Add support for typed commands to CodeQL query
This adds support for detecting the `CommandManager.execute` method in the unique command use query. This may not be the best way to implement this. There's a method `hasUnderlyingType` on `this.getReceiver().getType()`, but I couldn't really figure out how to get it to recognize `CommandManager`. It might be possible if we can construct the type of `CommandManager`, but this will probably include the filepath to the `CommandManager` class, which might not necessarily be something we want: moving the `CommandManager` class should not require updating the query. I'm very happy to hear other suggestions.
.github/codeql/queries/unique-command-use.ql
@@ -72,6 +72,20 @@
|
||||
|
||||
override string getCommandName() { result = this.getArgument(0).(StringLiteral).getValue() }
|
||||
}
|
||||
|
||||
/**
|
||||
* A usage of a command from the typescript code, by calling `CommandManager.execute`.
|
||||
*/
|
||||
class CommandUsageCommandManagerMethodCallExpr extends CommandUsage, MethodCallExpr {
|
||||
CommandUsageCommandManagerMethodCallExpr() {
|
||||
this.getCalleeName() = "execute" and
|
||||
this.getReceiver().getType().unfold().(TypeReference).getTypeName().getName() = "CommandManager" and
|
||||
this.getArgument(0).(StringLiteral).getValue().matches("%codeQL%") and
|
||||
not this.getFile().getRelativePath().matches("extensions/ql-vscode/test/%")
|
||||
}
|
||||
|
||||
override string getCommandName() { result = this.getArgument(0).(StringLiteral).getValue() }
|
||||
}
|
||||
|
||||
/**
|
||||
* A usage of a command from any menu that isn't the command palette.
|
||||
|
||||
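Review bot: The receiver check in the characteristic predicate of `CommandUsageCommandManagerMethodCallExpr` compares only the unqualified type name with "CommandManager", so an `execute` call on any other type that happens to share that name also counts as a command usage, and a receiver whose unfolded type is not a `TypeReference` is silently excluded by the inline cast. If matching by name is the accepted trade-off for keeping the query independent of the class's file path, say so in the QLDoc comment so the limitation is visible to whoever maintains the query, and consider a test case with a differently typed receiver to pin the behaviour down. The first-argument filter `this.getArgument(0).(StringLiteral).getValue().matches("%codeQL%")` also means calls that pass the command name as a constant or variable are not seen as usages, which is worth stating in the same comment. Smaller points: `getCommandName()` is identical to the override in the class directly above, so the shared body could live in a common helper, and "typescript" in the doc comment should read "TypeScript".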