use the generalized fs module in more places

Author: erik-krogh

javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll

@@ -306,7 +306,7 @@ module NodeJSLib {
 
     FsFlowTarget() {
       exists(DataFlow::CallNode call, string methodName |
-        call = DataFlow::moduleMember("fs", methodName).getACall()
+        call = Fs::moduleMember(methodName).getACall()
       |
         methodName = "realpathSync" and
         tainted = call.getArgument(0) and
@@ -430,27 +430,32 @@ module NodeJSLib {
   }
 
   /**
-   * A member `member` from module `fs` or its drop-in replacements `graceful-fs`, `fs-extra`, `original-fs`.
+   * Provides predicates for working with the "fs" module and its variants as a single module.
    */
-  private DataFlow::SourceNode fsModuleMember(string member) {
-    result = fsModule(DataFlow::TypeTracker::end()).getAPropertyRead(member)
-  }
+  module Fs {
+    /**
+     * A member `member` from module `fs` or its drop-in replacements `graceful-fs`, `fs-extra`, `original-fs`.
+     */
+    DataFlow::SourceNode moduleMember(string member) {
+      result = fsModule(DataFlow::TypeTracker::end()).getAPropertyRead(member)
+    }
 
-  private DataFlow::SourceNode fsModule(DataFlow::TypeTracker t) {
-    exists(string moduleName |
-      moduleName = "fs" or
-      moduleName = "graceful-fs" or
-      moduleName = "fs-extra" or
-      moduleName = "original-fs"
-    |
-      result = DataFlow::moduleImport(moduleName)
+    private DataFlow::SourceNode fsModule(DataFlow::TypeTracker t) {
+      exists(string moduleName |
+        moduleName = "fs" or
+        moduleName = "graceful-fs" or
+        moduleName = "fs-extra" or
+        moduleName = "original-fs"
+      |
+        result = DataFlow::moduleImport(moduleName)
+        or
+        // extra support for flexible names
+        result.asExpr().(Require).getArgument(0).mayHaveStringValue(moduleName)
+      ) and
+      t.start()
       or
-      // extra support for flexible names
-      result.asExpr().(Require).getArgument(0).mayHaveStringValue(moduleName)
-    ) and
-    t.start()
-    or
-    exists(DataFlow::TypeTracker t2 | result = fsModule(t2).track(t2, t))
+      exists(DataFlow::TypeTracker t2 | result = fsModule(t2).track(t2, t))
+    }
   }
 
   /**
@@ -459,7 +464,7 @@ module NodeJSLib {
   private class NodeJSFileSystemAccess extends FileSystemAccess, DataFlow::CallNode {
     string methodName;
 
-    NodeJSFileSystemAccess() { this = maybePromisified(fsModuleMember(methodName)).getACall() }
+    NodeJSFileSystemAccess() { this = maybePromisified(Fs::moduleMember(methodName)).getACall() }
 
     /**
      * Gets the name of the called method.
@@ -582,8 +587,8 @@ module NodeJSLib {
         name = "readdir" or
         name = "realpath"
       |
-        this = fsModuleMember(name).getACall().getCallback([1 .. 2]).getParameter(1) or
-        this = fsModuleMember(name + "Sync").getACall()
+        this = Fs::moduleMember(name).getACall().getCallback([1 .. 2]).getParameter(1) or
+        this = Fs::moduleMember(name + "Sync").getACall()
       )
     }
   }

javascript/ql/src/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll

@@ -155,11 +155,11 @@ module TaintedPath {
       input = getAnArgument() and
       output = this
       or
-      this = DataFlow::moduleMember("fs", "realpathSync").getACall() and
+      this = NodeJSLib::Fs::moduleMember("realpathSync").getACall() and
       input = getArgument(0) and
       output = this
       or
-      this = DataFlow::moduleMember("fs", "realpath").getACall() and
+      this = NodeJSLib::Fs::moduleMember("realpath").getACall() and
       input = getArgument(0) and
       output = getCallback(1).getParameter(1)
     }

javascript/ql/src/semmle/javascript/security/dataflow/ZipSlipCustomizations.qll

@@ -107,7 +107,7 @@ module ZipSlip {
       // However, we want to consider even the bare `createWriteStream`
       // to be a zipslip vulnerability since it may truncate an
       // existing file.
-      this = DataFlow::moduleImport("fs").getAMemberCall("createWriteStream").getArgument(0)
+      this = NodeJSLib::Fs::moduleMember("createWriteStream").getACall().getArgument(0)
     }
   }