Skip to content

Commit b2016bd

Browse files
asgerfasgerf
committed
JS: Merge concepts of client/database in MongoDB model
1 parent 23480b2 commit b2016bd

File tree

1 file changed

+10
-21
lines changed
  • javascript/ql/lib/semmle/javascript/frameworks

1 file changed

+10
-21
lines changed

javascript/ql/lib/semmle/javascript/frameworks/NoSQL.qll

Lines changed: 10 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -24,36 +24,25 @@ private DataFlow::Node getADollarWhereProperty(API::Node queryArg) {
2424
*/
2525
private module MongoDB {
2626
/**
27-
* Gets an access to `mongodb.MongoClient`.
27+
* Gets an access to `mongodb.MongoClient` or a database.
28+
*
29+
* In Mongo version 2.x, a client and a database handle were the same concept, but in 3.x
30+
* they were separated. To handle everything with a single model, we treat them as the same here.
2831
*/
29-
private API::Node getAMongoClient() {
32+
private API::Node getAMongoClientOrDatabase() {
3033
result = API::moduleImport("mongodb").getMember("MongoClient")
3134
or
32-
// The callback parameter is either a MongoClient or Db depending on the mongodb package version,
33-
// but we just model it as both.
34-
result = getAMongoDbCallback().getParameter(1)
35-
}
36-
37-
/** Gets an API-graph node that refers to a `connect` callback. */
38-
private API::Node getAMongoDbCallback() {
39-
result = getAMongoClient().getMember("connect").getLastParameter()
40-
}
41-
42-
/**
43-
* Gets an API-graph node that may refer to a MongoDB database connection.
44-
*/
45-
private API::Node getAMongoDb() {
46-
result = getAMongoClient().getMember("db").getReturn()
35+
result = getAMongoClientOrDatabase().getMember("db").getReturn()
4736
or
48-
// The callback parameter is either a MongoClient or Db depending on the mongodb package version,
49-
// but we just model it as both.
50-
result = getAMongoDbCallback().getParameter(1)
37+
result = getAMongoClientOrDatabase().getMember("connect").getLastParameter().getParameter(1)
5138
}
5239

5340
/** Gets a data flow node referring to a MongoDB collection. */
5441
private API::Node getACollection() {
5542
// A collection resulting from calling `Db.collection(...)`.
56-
exists(API::Node collection | collection = getAMongoDb().getMember("collection").getReturn() |
43+
exists(API::Node collection |
44+
collection = getAMongoClientOrDatabase().getMember("collection").getReturn()
45+
|
5746
result = collection
5847
or
5948
result = collection.getParameter(1).getParameter(0)

0 commit comments

Comments
 (0)