JS: Undo sanitization of path.normalize()

asgerf · asgerf · commit c250ba7f2712 · 2023-04-17T08:23:04.000+02:00
diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/PrototypePollutingAssignmentQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/PrototypePollutingAssignmentQuery.qll
@@ -54,7 +54,7 @@ class Configuration extends TaintTracking::Configuration {
       )
     )
     or
-    node = NodeJSLib::Path::moduleMember(["join", "normalize", "relative", "resolve"]).getACall()
+    node = NodeJSLib::Path::moduleMember(["join", "relative", "resolve"]).getACall()
   }
 
   override predicate isSanitizerEdge(

Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ class Configuration extends TaintTracking::Configuration {`
`54`	`54`	`)`
`55`	`55`	`)`
`56`	`56`	`or`
`57`		`- node = NodeJSLib::Path::moduleMember(["join", "normalize", "relative", "resolve"]).getACall()`
	`57`	`+ node = NodeJSLib::Path::moduleMember(["join", "relative", "resolve"]).getACall()`
`58`	`58`	`}`
`59`	`59`
`60`	`60`	`override predicate isSanitizerEdge(`