Skip to content

Commit a3dc19f

Browse files
asgerfasgerf
committed
JS: Check privacy earlier
1 parent 5c45494 commit a3dc19f

File tree

2 files changed

+8
-6
lines changed

2 files changed

+8
-6
lines changed

javascript/ql/lib/semmle/javascript/endpoints/EndpointNaming.qll

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -38,19 +38,21 @@ private string join(string x, string y) {
3838

3939
private predicate isPackageExport(API::Node node) { node = API::moduleExport(_) }
4040

41-
private predicate memberEdge(API::Node pred, API::Node succ) { succ = pred.getAMember() }
41+
private predicate relevantEdge(API::Node pred, API::Node succ) {
42+
succ = pred.getAMember() and
43+
not isPrivateLike(succ)
44+
}
4245

4346
/** Gets the shortest distance from a packaeg export to `nd` in the API graph. */
4447
private int distanceFromPackageExport(API::Node nd) =
45-
shortestDistances(isPackageExport/1, memberEdge/2)(_, nd, result)
48+
shortestDistances(isPackageExport/1, relevantEdge/2)(_, nd, result)
4649

4750
private predicate isExported(API::Node node) {
4851
isPackageExport(node)
4952
or
5053
exists(API::Node pred |
5154
isExported(pred) and
52-
memberEdge(pred, node) and
53-
not isPrivateLike(node)
55+
relevantEdge(pred, node)
5456
)
5557
}
5658

@@ -81,6 +83,7 @@ private predicate isPrivateLike(API::Node node) { isPrivateAssignment(node.asSin
8183

8284
private API::Node getASuccessor(API::Node node, string name, int badness) {
8385
isExported(node) and
86+
isExported(result) and
8487
exists(string member |
8588
result = node.getMember(member) and
8689
if member = "default"

javascript/ql/test/library-tests/EndpointNaming/EndpointNaming.expected

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,11 @@
11
testFailures
2-
| pack11/index.ts:2:12:2:65 | // $ me ... .name.m | Missing result:method=(pack11).C1.publicField.really.long.name.m |
32
| pack11/index.ts:33:1:33:16 | | Unexpected result: method=(pack11).C3.privateField |
43
| pack11/index.ts:33:18:33:69 | // $ me ... ng.name | Missing result:method=(pack11).C3.publicField.really.long.name |
54
| pack11/index.ts:41:23:41:24 | | Unexpected result: alias=(pack11).C3.publicField.really.long.name==(pack11).C3.privateField |
65
ambiguousPreferredPredecessor
76
| pack2/lib.js:8:22:8:34 | def moduleImport("pack2").getMember("exports").getMember("lib").getMember("LibClass").getMember("foo") |
87
ambiguousSinkName
98
ambiguousClassObjectName
10-
ambiguousClassInstanceName
119
failures
10+
ambiguousClassInstanceName
1211
ambiguousFunctionName

0 commit comments

Comments
 (0)