mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
889209719b
Locally these seem to get rid of the compilation warnings, but of course CI is the true arbiter here.
45 lines
1.5 KiB
Plaintext
45 lines
1.5 KiB
Plaintext
import javascript
|
|
import semmle.javascript.dataflow.InferredTypes
|
|
import semmle.javascript.dataflow.internal.FlowSteps as FlowSteps
|
|
import semmle.javascript.dataflow.internal.AbstractPropertiesImpl as AbstractPropertiesImpl
|
|
import semmle.javascript.dataflow.CustomAbstractValueDefinitions
|
|
|
|
overlay[local]
|
|
class MyCustomAbstractValueDefinition extends CustomAbstractValueDefinition {
|
|
DataFlow::ValueNode node;
|
|
|
|
MyCustomAbstractValueDefinition() {
|
|
DataFlow::valueNode(this) = node and
|
|
node instanceof DataFlow::ObjectLiteralNode and
|
|
exists(DataFlow::PropWrite pwn |
|
|
pwn.writes(node, "custom", any(BooleanLiteral l | l.getValue() = "true").flow())
|
|
)
|
|
}
|
|
|
|
override boolean getBooleanValue() { result = true }
|
|
|
|
override predicate isCoercibleToNumber() { none() }
|
|
|
|
override PrimitiveAbstractValue toPrimitive() { result = TAbstractOtherString() }
|
|
|
|
override InferredType getType() { result = TTObject() }
|
|
|
|
override predicate shouldTrackProperties() {
|
|
exists(DataFlow::PropWrite pwn |
|
|
pwn.writes(node, "trackProps", any(BooleanLiteral l | l.getValue() = "true").flow())
|
|
)
|
|
}
|
|
}
|
|
|
|
boolean flowProps(AbstractValue val) {
|
|
if FlowSteps::shouldTrackProperties(val) then result = true else result = false
|
|
}
|
|
|
|
boolean typeProps(AbstractValue val) {
|
|
if AbstractPropertiesImpl::shouldTrackProperties(val) then result = true else result = false
|
|
}
|
|
|
|
from MyCustomAbstractValueDefinition def, AbstractValue val
|
|
where def.getAbstractValue() = val
|
|
select def, val, flowProps(val), typeProps(val)
|