hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-11 05:30:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
30b30695e41dbffe1cfe41400d2cf515c87599c4
codeql/javascript/ql/lib/semmle/javascript/frameworks/Classnames.qll
Andrew Eisenberg 45d1fa7f01 Packaging: Rafactor Javascript core libraries 
Extract the external facing `qll` files into the codeql/javascript-all
query pack.
2021-08-25 12:15:56 -07:00

36 lines
1.0 KiB
Plaintext
Raw Blame History

/**
* Provides taint steps modeling flow through the `classnames` and `clsx` libraries.
*/
import javascript
private DataFlow::SourceNode classnames() {
result = DataFlow::moduleImport(["classnames", "classnames/dedupe", "classnames/bind"])
}
private class PlainStep extends TaintTracking::SharedTaintStep {
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
exists(DataFlow::CallNode call |
call = [classnames().getACall(), DataFlow::moduleImport("clsx").getACall()] and
pred = call.getAnArgument() and
succ = call
)
}
}
/**
* Step from `x` or `y` to the result of `classnames.bind(x)(y)`.
*/
private class BindStep extends TaintTracking::SharedTaintStep {
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
exists(DataFlow::CallNode bind | bind = classnames().getAMemberCall("bind") |
pred =
[
succ.(DataFlow::CallNode).getAnArgument(), bind.getAnArgument(),
bind.getOptionArgument(_, _)
] and
succ = bind.getACall()
)
}
}
Reference in New Issue View Git Blame Copy Permalink