
Commit ca53e97

committed
Adressed comments.
1 parent 221cc19 commit ca53e97


2 files changed

+5
-3
lines changed


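--- a/javascript/ql/lib/ext/underscore.string.model.yml
+++ b/javascript/ql/lib/ext/underscore.string.model.yml
@@ -18,17 +18,18 @@ extensions:
 - ["'underscore.string'", "Member[toSentence,toSentenceSerial]", "Argument[0].ArrayElement", "ReturnValue", "taint"]
 - ["'underscore.string'", "Member[insert,replaceAll,splice,prune,pad,lpad,rpad,repeat,rjust,ljust]", "Argument[0,2]", "ReturnValue", "taint"]
 - ["'underscore.string'", "Member[splice]", "Argument[0,3]", "ReturnValue", "taint"]
-- ["'underscore.string'", "Member[join]", "Argument[0..N-1]", "ReturnValue", "taint"]
+- ["'underscore.string'", "Member[join]", "Argument[0..]", "ReturnValue", "taint"]
 - ["'underscore.string'", "Member[surround,quote,q]", "Argument[0,1]", "ReturnValue", "taint"]
 - ["'underscore.string'", "", "Argument[0]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[slugify,capitalize,decapitalize,clean,cleanDiacritics,swapCase,escapeHTML,unescapeHTML,wrap,dedent,reverse,pred,succ,titleize,camelize,classify,underscored,dasherize,humanize,trim,ltrim,rtrim,truncate,sprintf,strRight,strRightBack,strLeft,strLeftBack,stripTags,unquote,value,strip,lstrip,rstrip,camelcase]", "Argument[this]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[insert,replaceAll,join,splice,prune,pad,lpad,rpad,repeat,surround,quote,q,rjust,ljust]", "Argument[this]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[insert,replaceAll,prune,pad,lpad,rpad,repeat,rjust,ljust]", "Argument[1]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[surround,quote,q]", "Argument[0]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[splice]", "Argument[2]", "ReturnValue", "taint"]
-- ["'underscore.string'.Wrapper", "Member[join,concat]", "Argument[0..N-1]", "ReturnValue", "taint"]
+- ["'underscore.string'.Wrapper", "Member[join,concat]", "Argument[0..]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[toUpperCase,toLowerCase,replace,slice,substring,substr,split]", "Argument[this]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[tap]", "Argument[this]", "ReturnValue", "taint"]
 - ["'underscore.string'.Wrapper", "Member[tap]", "Argument[0].ReturnValue", "ReturnValue", "taint"]
+- ["'underscore.string'.Wrapper", "Member[tap]", "Argument[this]", "Argument[0].Parameter[1]", "taint"]
 - ["'underscore.string'", "Member[map]", "Argument[0]", "Argument[1].Parameter[0]", "taint"]
 - ["'underscore.string'", "Member[map]", "Argument[1].ReturnValue", "ReturnValue", "taint"]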
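Review bot: The added `tap` row sends taint from `Argument[this]` to `Argument[0].Parameter[1]`, whereas the `map` rows at the end of this hunk feed the callback through `Parameter[0]`, so the index is worth double-checking. If `tap` invokes its callback with the wrapped string as the first argument, the target should read `"Argument[0].Parameter[0]"`; with the wrong index, tainted input read inside the callback is not tracked and queries would miss flows through `tap`. A library test that passes a tainted wrapper through `tap` and sinks the callback parameter would pin the intended index.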

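--- a/javascript/ql/lib/semmle/javascript/frameworks/UnderscoreDotString.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/UnderscoreDotString.qll
@@ -10,7 +10,8 @@ private import semmle.javascript.dataflow.internal.AdditionalFlowInternal
 */
 private class UnderscoreDotString extends AdditionalFlowInternal {
 /**
-* Holds if a call to an Underscore.string method clears array element content of the receiver.
+* Some of the methods in `underscore.string` have the same name as methods from `Array.prototype`.
+* This prevents methods like `splice` from propagating into Argument[this].ArrayElement.
 */
 override predicate clearsContent(DataFlow::Node node, DataFlow::ContentSet contents) {
 exists(DataFlow::CallNode call |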
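Review bot: The rewritten QLDoc on `clearsContent` explains the motivation but no longer states what the predicate holds for, which the removed `Holds if …` sentence did. I would keep a contract sentence first and the rationale after it, e.g. `* Holds if a call to an Underscore.string method clears array element content of the receiver.` followed by the two new lines, and put `Argument[this].ArrayElement` in backticks like the other code references in the comment. The body of `clearsContent` continues outside the hunk, so which methods it actually covers cannot be checked from here.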
