apply range pattern patch to javascript

erik-krogh · erik-krogh · commit dbd1148bd681 · 2021-10-25T19:38:00.000+02:00
diff --git a/javascript/ql/lib/semmle/javascript/DOM.qll b/javascript/ql/lib/semmle/javascript/DOM.qll
@@ -63,29 +63,25 @@ module DOM {
   /**
    * An HTML element, viewed as an `ElementDefinition`.
    */
-  private class HtmlElementDefinition extends ElementDefinition, @xmlelement {
-    HtmlElementDefinition() { this instanceof HTML::Element }
-
-    override string getName() { result = this.(HTML::Element).getName() }
+  private class HtmlElementDefinition extends ElementDefinition, @xmlelement instanceof HTML::Element {
+    override string getName() { result = HTML::Element.super.getName() }
 
     override AttributeDefinition getAttribute(int i) {
-      result = this.(HTML::Element).getAttribute(i)
+      result = HTML::Element.super.getAttribute(i)
     }
 
-    override ElementDefinition getParent() { result = this.(HTML::Element).getParent() }
+    override ElementDefinition getParent() { result = HTML::Element.super.getParent() }
   }
 
   /**
    * A JSX element, viewed as an `ElementDefinition`.
    */
-  private class JsxElementDefinition extends ElementDefinition, @jsx_element {
-    JsxElementDefinition() { this instanceof JSXElement }
-
-    override string getName() { result = this.(JSXElement).getName() }
+  private class JsxElementDefinition extends ElementDefinition, @jsx_element instanceof JSXElement {
+    override string getName() { result = JSXElement.super.getName() }
 
-    override AttributeDefinition getAttribute(int i) { result = this.(JSXElement).getAttribute(i) }
+    override AttributeDefinition getAttribute(int i) { result = JSXElement.super.getAttribute(i) }
 
-    override ElementDefinition getParent() { result = this.(JSXElement).getJsxParent() }
+    override ElementDefinition getParent() { result = super.getJsxParent() }
   }
 
   /**
@@ -131,14 +127,12 @@ module DOM {
   /**
    * An HTML attribute, viewed as an `AttributeDefinition`.
    */
-  private class HtmlAttributeDefinition extends AttributeDefinition, @xmlattribute {
-    HtmlAttributeDefinition() { this instanceof HTML::Attribute }
-
-    override string getName() { result = this.(HTML::Attribute).getName() }
+  private class HtmlAttributeDefinition extends AttributeDefinition, @xmlattribute instanceof HTML::Attribute {
+    override string getName() { result = HTML::Attribute.super.getName() }
 
-    override string getStringValue() { result = this.(HTML::Attribute).getValue() }
+    override string getStringValue() { result = super.getValue() }
 
-    override ElementDefinition getElement() { result = this.(HTML::Attribute).getElement() }
+    override ElementDefinition getElement() { result = HTML::Attribute.super.getElement() }
   }
 
   /**
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll
@@ -61,17 +61,15 @@ class ParameterNode extends DataFlow::SourceNode {
  * new Array(16)
  * ```
  */
-class InvokeNode extends DataFlow::SourceNode {
-  InvokeNode() { this instanceof DataFlow::Impl::InvokeNodeDef }
-
+class InvokeNode extends DataFlow::SourceNode instanceof DataFlow::Impl::InvokeNodeDef {
   /** Gets the syntactic invoke expression underlying this function invocation. */
-  InvokeExpr getInvokeExpr() { result = this.(DataFlow::Impl::InvokeNodeDef).getInvokeExpr() }
+  InvokeExpr getInvokeExpr() { result = super.getInvokeExpr() }
 
   /** Gets the name of the function or method being invoked, if it can be determined. */
-  string getCalleeName() { result = this.(DataFlow::Impl::InvokeNodeDef).getCalleeName() }
+  string getCalleeName() { result = super.getCalleeName() }
 
   /** Gets the data flow node specifying the function to be called. */
-  DataFlow::Node getCalleeNode() { result = this.(DataFlow::Impl::InvokeNodeDef).getCalleeNode() }
+  DataFlow::Node getCalleeNode() { result = super.getCalleeNode() }
 
   /**
    * Gets the data flow node corresponding to the `i`th argument of this invocation.
@@ -92,10 +90,10 @@ class InvokeNode extends DataFlow::SourceNode {
    * but the position of `z` cannot be determined, hence there are no first and second
    * argument nodes.
    */
-  DataFlow::Node getArgument(int i) { result = this.(DataFlow::Impl::InvokeNodeDef).getArgument(i) }
+  DataFlow::Node getArgument(int i) { result = super.getArgument(i) }
 
   /** Gets the data flow node corresponding to an argument of this invocation. */
-  DataFlow::Node getAnArgument() { result = this.(DataFlow::Impl::InvokeNodeDef).getAnArgument() }
+  DataFlow::Node getAnArgument() { result = super.getAnArgument() }
 
   /** Gets the data flow node corresponding to the last argument of this invocation. */
   DataFlow::Node getLastArgument() { result = getArgument(getNumArgument() - 1) }
@@ -112,12 +110,10 @@ class InvokeNode extends DataFlow::SourceNode {
    * ```
    *  .
    */
-  DataFlow::Node getASpreadArgument() {
-    result = this.(DataFlow::Impl::InvokeNodeDef).getASpreadArgument()
-  }
+  DataFlow::Node getASpreadArgument() { result = super.getASpreadArgument() }
 
   /** Gets the number of arguments of this invocation, if it can be determined. */
-  int getNumArgument() { result = this.(DataFlow::Impl::InvokeNodeDef).getNumArgument() }
+  int getNumArgument() { result = super.getNumArgument() }
 
   Function getEnclosingFunction() { result = getBasicBlock().getContainer() }
 
@@ -258,15 +254,13 @@ class InvokeNode extends DataFlow::SourceNode {
  * Math.abs(x)
  * ```
  */
-class CallNode extends InvokeNode {
-  CallNode() { this instanceof DataFlow::Impl::CallNodeDef }
-
+class CallNode extends InvokeNode instanceof DataFlow::Impl::CallNodeDef {
   /**
    * Gets the data flow node corresponding to the receiver expression of this method call.
    *
    * For example, the receiver of `x.m()` is `x`.
    */
-  DataFlow::Node getReceiver() { result = this.(DataFlow::Impl::CallNodeDef).getReceiver() }
+  DataFlow::Node getReceiver() { result = super.getReceiver() }
 }
 
 /**
@@ -279,11 +273,9 @@ class CallNode extends InvokeNode {
  * Math.abs(x)
  * ```
  */
-class MethodCallNode extends CallNode {
-  MethodCallNode() { this instanceof DataFlow::Impl::MethodCallNodeDef }
-
+class MethodCallNode extends CallNode instanceof DataFlow::Impl::MethodCallNodeDef {
   /** Gets the name of the invoked method, if it can be determined. */
-  string getMethodName() { result = this.(DataFlow::Impl::MethodCallNodeDef).getMethodName() }
+  string getMethodName() { result = super.getMethodName() }
 
   /**
    * Holds if this data flow node calls method `methodName` on receiver node `receiver`.
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll b/javascript/ql/lib/semmle/javascript/dataflow/Refinements.qll
@@ -53,21 +53,18 @@ abstract class RefinementCandidate extends Expr {
  * A refinement candidate that references at most one variable, and hence
  * can be used to refine the abstract values inferred for that variable.
  */
-class Refinement extends Expr {
-  Refinement() {
-    this instanceof RefinementCandidate and
-    count(this.(RefinementCandidate).getARefinedVar()) <= 1
-  }
+class Refinement extends Expr instanceof RefinementCandidate {
+  Refinement() { count(this.(RefinementCandidate).getARefinedVar()) <= 1 }
 
   /**
    * Gets the variable refined by this expression, if any.
    */
-  SsaSourceVariable getRefinedVar() { result = this.(RefinementCandidate).getARefinedVar() }
+  SsaSourceVariable getRefinedVar() { result = super.getARefinedVar() }
 
   /**
    * Gets a refinement value inferred for this expression in context `ctxt`.
    */
-  RefinementValue eval(RefinementContext ctxt) { result = this.(RefinementCandidate).eval(ctxt) }
+  RefinementValue eval(RefinementContext ctxt) { result = super.eval(ctxt) }
 }
 
 /** A literal, viewed as a refinement expression. */
diff --git a/javascript/ql/lib/semmle/javascript/security/performance/PolynomialReDoSCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/performance/PolynomialReDoSCustomizations.qll
@@ -47,10 +47,8 @@ module PolynomialReDoS {
    * A remote input to a server, seen as a source for polynomial
    * regular expression denial-of-service vulnerabilities.
    */
-  class RequestInputAccessAsSource extends Source {
-    RequestInputAccessAsSource() { this instanceof HTTP::RequestInputAccess }
-
-    override string getKind() { result = this.(HTTP::RequestInputAccess).getKind() }
+  class RequestInputAccessAsSource extends Source instanceof HTTP::RequestInputAccess {
+    override string getKind() { result = HTTP::RequestInputAccess.super.getKind() }
   }
 
   /**
diff --git a/javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll b/javascript/ql/src/experimental/Security/CWE-090/LdapInjectionCustomizations.qll
@@ -39,21 +39,17 @@ module LdapInjection {
   /**
    * An LDAP filter for an API call that executes an operation against the LDAP server.
    */
-  class LdapjsSearchFilterAsSink extends Sink {
-    LdapjsSearchFilterAsSink() { this instanceof LdapjsSearchFilter }
-
+  class LdapjsSearchFilterAsSink extends Sink instanceof LdapjsSearchFilter {
     override DataFlow::InvokeNode getQueryCall() {
-      result = this.(LdapjsSearchFilter).getQueryCall()
+      result = LdapjsSearchFilter.super.getQueryCall()
     }
   }
 
   /**
    * An LDAP DN argument for an API call that executes an operation against the LDAP server.
    */
-  class LdapjsDNArgumentAsSink extends Sink {
-    LdapjsDNArgumentAsSink() { this instanceof LdapjsDNArgument }
-
-    override DataFlow::InvokeNode getQueryCall() { result = this.(LdapjsDNArgument).getQueryCall() }
+  class LdapjsDNArgumentAsSink extends Sink instanceof LdapjsDNArgument {
+    override DataFlow::InvokeNode getQueryCall() { result = LdapjsDNArgument.super.getQueryCall() }
   }
 
   /**
