Skip to content

Commit efb582b

Browse files
asgerfasgerf
committed
JS: Drive-by fix to newly gained FPs
1 parent 869c6d2 commit efb582b

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

javascript/ql/lib/semmle/javascript/security/dataflow/PrototypePollutingAssignmentQuery.qll

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,8 @@ class Configuration extends TaintTracking::Configuration {
5353
not replace.getRawReplacement().getStringValue() = ""
5454
)
5555
)
56+
or
57+
node = NodeJSLib::Path::moduleMember(["join", "normalize", "relative", "resolve"]).getACall()
5658
}
5759

5860
override predicate isAdditionalFlowStep(

0 commit comments

Comments
 (0)