only activate the PrefixString label in Query.qll files

erik-krogh · erik-krogh · commit b1bad271d553 · 2022-04-20T18:10:53.000+02:00
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/XssATM.qll
@@ -116,6 +116,10 @@ private class PrefixStringSanitizerActivated extends TaintTracking::SanitizerGua
   PrefixStringSanitizerActivated() { this = this }
 }
 
+private class PrefixStringActivated extends DataFlow::FlowLabel, DomBasedXss::PrefixString {
+  PrefixStringActivated() { this = this }
+}
+
 private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {
   QuoteGuard() { this = this }
 }
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssCustomizations.qll
@@ -322,7 +322,7 @@ module DomBasedXss {
   /**
    * A flow-label representing tainted values where the prefix is attacker controlled.
    */
-  class PrefixString extends DataFlow::FlowLabel {
+  abstract class PrefixString extends DataFlow::FlowLabel {
     PrefixString() { this = "PrefixString" }
   }
 
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/DomBasedXssQuery.qll
@@ -132,6 +132,10 @@ private class PrefixStringSanitizerActivated extends TaintTracking::SanitizerGua
   PrefixStringSanitizerActivated() { this = this }
 }
 
+private class PrefixStringActivated extends DataFlow::FlowLabel, PrefixString {
+  PrefixStringActivated() { this = this }
+}
+
 private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {
   QuoteGuard() { this = this }
 }
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeHtmlConstructionQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/UnsafeHtmlConstructionQuery.qll
@@ -54,6 +54,10 @@ private class PrefixStringSanitizer extends TaintTracking::SanitizerGuardNode,
   PrefixStringSanitizer() { this = this }
 }
 
+private class PrefixString extends DataFlow::FlowLabel, DomBasedXss::PrefixString {
+  PrefixString() { this = this }
+}
+
 private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {
   QuoteGuard() { this = this }
 }
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll
@@ -59,6 +59,10 @@ private class PrefixStringSanitizer extends TaintTracking::SanitizerGuardNode,
   PrefixStringSanitizer() { this = this }
 }
 
+private class PrefixString extends DataFlow::FlowLabel, DomBasedXss::PrefixString {
+  PrefixString() { this = this }
+}
+
 private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {
   QuoteGuard() { this = this }
 }

Original file line number	Diff line number	Diff line change
`@@ -116,6 +116,10 @@ private class PrefixStringSanitizerActivated extends TaintTracking::SanitizerGua`
`116`	`116`	`PrefixStringSanitizerActivated() { this = this }`
`117`	`117`	`}`
`118`	`118`
	`119`	`+private class PrefixStringActivated extends DataFlow::FlowLabel, DomBasedXss::PrefixString {`
	`120`	`+ PrefixStringActivated() { this = this }`
	`121`	`+}`
	`122`	`+`
`119`	`123`	`private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {`
`120`	`124`	`QuoteGuard() { this = this }`
`121`	`125`	`}`
Original file line number	Diff line number	Diff line change
`@@ -322,7 +322,7 @@ module DomBasedXss {`
`322`	`322`	`/**`
`323`	`323`	`* A flow-label representing tainted values where the prefix is attacker controlled.`
`324`	`324`	`*/`
`325`		`- class PrefixString extends DataFlow::FlowLabel {`
	`325`	`+ abstract class PrefixString extends DataFlow::FlowLabel {`
`326`	`326`	`PrefixString() { this = "PrefixString" }`
`327`	`327`	`}`
`328`	`328`
Original file line number	Diff line number	Diff line change
`@@ -132,6 +132,10 @@ private class PrefixStringSanitizerActivated extends TaintTracking::SanitizerGua`
`132`	`132`	`PrefixStringSanitizerActivated() { this = this }`
`133`	`133`	`}`
`134`	`134`
	`135`	`+private class PrefixStringActivated extends DataFlow::FlowLabel, PrefixString {`
	`136`	`+ PrefixStringActivated() { this = this }`
	`137`	`+}`
	`138`	`+`
`135`	`139`	`private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {`
`136`	`140`	`QuoteGuard() { this = this }`
`137`	`141`	`}`
Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,10 @@ private class PrefixStringSanitizer extends TaintTracking::SanitizerGuardNode,`
`54`	`54`	`PrefixStringSanitizer() { this = this }`
`55`	`55`	`}`
`56`	`56`
	`57`	`+private class PrefixString extends DataFlow::FlowLabel, DomBasedXss::PrefixString {`
	`58`	`+ PrefixString() { this = this }`
	`59`	`+}`
	`60`	`+`
`57`	`61`	`private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {`
`58`	`62`	`QuoteGuard() { this = this }`
`59`	`63`	`}`
Original file line number	Diff line number	Diff line change
`@@ -59,6 +59,10 @@ private class PrefixStringSanitizer extends TaintTracking::SanitizerGuardNode,`
`59`	`59`	`PrefixStringSanitizer() { this = this }`
`60`	`60`	`}`
`61`	`61`
	`62`	`+private class PrefixString extends DataFlow::FlowLabel, DomBasedXss::PrefixString {`
	`63`	`+ PrefixString() { this = this }`
	`64`	`+}`
	`65`	`+`
`62`	`66`	`private class QuoteGuard extends TaintTracking::SanitizerGuardNode, Shared::QuoteGuard {`
`63`	`67`	`QuoteGuard() { this = this }`
`64`	`68`	`}`