try something else

github · Dec 3, 2021 · e686e7d · e686e7d
1 parent df954b2
commit e686e7d
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 18 deletions.
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll b/javascript/ql/lib/semmle/javascript/dataflow/DataFlow.qll
@@ -1584,37 +1584,36 @@ module DataFlow {
   /**
    * Holds if there is a step from `pred` to `succ` through a field accessed through `this` in a class.
    */
-  deprecated predicate localFieldStep(DataFlow::Node pred, DataFlow::Node succ) {
+  predicate localFieldStep(DataFlow::Node pred, DataFlow::Node succ) {
     exists(DataFlow::Node mid, string prop |
-      localFieldStoreStep(_, pred, mid, prop) and
-      localFieldLoadStep(_, mid, succ, prop)
+      localFieldStoreStep(pred, mid, prop) and
+      localFieldLoadStep(mid, succ, prop)
     )
   }
 
-  private predicate localFieldStoreStep(
-    ClassNode cls, DataFlow::Node pred, DataFlow::Node succ, string prop
-  ) {
-    (
+  private predicate localFieldStoreStep(DataFlow::Node pred, DataFlow::Node succ, string prop) {
+    exists(ClassNode cls |
       pred = cls.getAReceiverNode().getAPropertyWrite(prop).getRhs()
       or
       pred = cls.getInstanceMethod(prop)
-    ) and
-    succ = cls.getConstructor().getReceiver()
+    |
+      succ = cls.getConstructor().getReceiver()
+    )
   }
 
-  private predicate localFieldLoadStep(
-    ClassNode cls, DataFlow::Node pred, DataFlow::Node succ, string prop
-  ) {
-    pred = cls.getConstructor().getReceiver() and
-    succ = cls.getAReceiverNode().getAPropertyRead(prop)
+  private predicate localFieldLoadStep(DataFlow::Node pred, DataFlow::Node succ, string prop) {
+    exists(ClassNode cls |
+      pred = cls.getConstructor().getReceiver() and
+      succ = cls.getADirectSubClass*().getAReceiverNode().getAPropertyRead(prop)
+    )
   }
 
   /**
    * A step that models steps to and from fields of a class.
    */
-  private class LocalFieldStep extends PreCallGraphStep {
+  private class LocalFieldStep extends DataFlow::SharedFlowStep {
     override predicate loadStep(DataFlow::Node pred, DataFlow::Node succ, string prop) {
-      localFieldLoadStep(_, pred, succ, prop)
+      localFieldLoadStep(pred, succ, prop)
     }
 
     override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
@@ -1625,7 +1624,7 @@ module DataFlow {
     }
 
     override predicate storeStep(DataFlow::Node pred, DataFlow::SourceNode succ, string prop) {
-      localFieldStoreStep(_, pred, succ, prop)
+      localFieldStoreStep(pred, succ, prop)
     }
   }
 

diff --git a/javascript/ql/test/query-tests/Security/CWE-078/Consistency.expected b/javascript/ql/test/query-tests/Security/CWE-078/Consistency.expected
@@ -1 +0,0 @@
-| query-tests/Security/CWE-078/lib/lib.js:281 | expected an alert, but found none | NOT OK | ComandInjection |
Original file line number	Diff line number	Diff line change
		@@ -1 +0,0 @@
		\| query-tests/Security/CWE-078/lib/lib.js:281 \| expected an alert, but found none \| NOT OK \| ComandInjection \|