Skip to content

Commit 28eef26

Browse files
erik-krogherik-krogh
committed
recognize the define(..) call in PackageExports.qll
1 parent 3ca6701 commit 28eef26

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

javascript/ql/src/semmle/javascript/PackageExports.qll

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,8 @@ private DataFlow::Node getAValueExportedByPackage() {
6767
exists(ImmediatelyInvokedFunctionExpr func, DataFlow::ParameterNode prev, int i |
6868
prev.getName() = "factory" and
6969
func.getParameter(i) = prev.getParameter() and
70-
result = func.getInvocation().getArgument(i).flow().getAFunctionValue().getAReturn()
70+
result = func.getInvocation().getArgument(i).flow().getAFunctionValue().getAReturn() and
71+
DataFlow::globalVarRef("define").getACall().getArgument(1) = prev.getALocalUse()
7172
)
7273
or
7374
// the exported value is a call to a unique callee

0 commit comments

Comments
 (0)