JS: Use getAMatchedString instead of getConstantString

Author: asgerf

javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll

@@ -459,7 +459,7 @@ module TaintedPath {
    * An expression of form `x.matches(/\.\./)` or similar.
    */
   class ContainsDotDotRegExpSanitizer extends BarrierGuardNode instanceof StringOps::RegExpTest {
-    ContainsDotDotRegExpSanitizer() { super.getRegExp().getConstantValue() = [".", "..", "../"] }
+    ContainsDotDotRegExpSanitizer() { super.getRegExp().getAMatchedString() = [".", "..", "../"] }
 
     override predicate blocks(boolean outcome, Expr e, DataFlow::FlowLabel label) {
       e = super.getStringOperand().asExpr() and

javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/Consistency.expected

@@ -1 +0,0 @@
-| query-tests/Security/CWE-022/TaintedPath/normalizedPaths.js:402 | did not expect an alert, but found an alert for TaintedPath | OK |  |

javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected

@@ -2129,9 +2129,6 @@ nodes
 | normalizedPaths.js:399:21:399:24 | path |
 | normalizedPaths.js:399:21:399:24 | path |
 | normalizedPaths.js:399:21:399:24 | path |
-| normalizedPaths.js:402:21:402:24 | path |
-| normalizedPaths.js:402:21:402:24 | path |
-| normalizedPaths.js:402:21:402:24 | path |
 | other-fs-libraries.js:9:7:9:48 | path |
 | other-fs-libraries.js:9:7:9:48 | path |
 | other-fs-libraries.js:9:7:9:48 | path |
@@ -7022,10 +7019,6 @@ edges
 | normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:399:21:399:24 | path |
 | normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:399:21:399:24 | path |
 | normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:399:21:399:24 | path |
-| normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:402:21:402:24 | path |
-| normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:402:21:402:24 | path |
-| normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:402:21:402:24 | path |
-| normalizedPaths.js:385:7:385:46 | path | normalizedPaths.js:402:21:402:24 | path |
 | normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | normalizedPaths.js:385:7:385:46 | path |
 | normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) | normalizedPaths.js:385:7:385:46 | path |
 | normalizedPaths.js:385:35:385:45 | req.query.x | normalizedPaths.js:385:14:385:46 | pathMod ... uery.x) |
@@ -9706,7 +9699,6 @@ edges
 | normalizedPaths.js:381:19:381:29 | slash(path) | normalizedPaths.js:377:14:377:27 | req.query.path | normalizedPaths.js:381:19:381:29 | slash(path) | This path depends on $@. | normalizedPaths.js:377:14:377:27 | req.query.path | a user-provided value |
 | normalizedPaths.js:388:19:388:22 | path | normalizedPaths.js:385:35:385:45 | req.query.x | normalizedPaths.js:388:19:388:22 | path | This path depends on $@. | normalizedPaths.js:385:35:385:45 | req.query.x | a user-provided value |
 | normalizedPaths.js:399:21:399:24 | path | normalizedPaths.js:385:35:385:45 | req.query.x | normalizedPaths.js:399:21:399:24 | path | This path depends on $@. | normalizedPaths.js:385:35:385:45 | req.query.x | a user-provided value |
-| normalizedPaths.js:402:21:402:24 | path | normalizedPaths.js:385:35:385:45 | req.query.x | normalizedPaths.js:402:21:402:24 | path | This path depends on $@. | normalizedPaths.js:385:35:385:45 | req.query.x | a user-provided value |
 | other-fs-libraries.js:11:19:11:22 | path | other-fs-libraries.js:9:24:9:30 | req.url | other-fs-libraries.js:11:19:11:22 | path | This path depends on $@. | other-fs-libraries.js:9:24:9:30 | req.url | a user-provided value |
 | other-fs-libraries.js:12:27:12:30 | path | other-fs-libraries.js:9:24:9:30 | req.url | other-fs-libraries.js:12:27:12:30 | path | This path depends on $@. | other-fs-libraries.js:9:24:9:30 | req.url | a user-provided value |
 | other-fs-libraries.js:13:24:13:27 | path | other-fs-libraries.js:9:24:9:30 | req.url | other-fs-libraries.js:13:24:13:27 | path | This path depends on $@. | other-fs-libraries.js:9:24:9:30 | req.url | a user-provided value |