Skip to content

Commit ca5f8b0

Browse files
asgerfasgerf
committed
JS: Move some code into ModelsAsData.qll
1 parent 6e64a22 commit ca5f8b0

File tree

2 files changed

+44
-46
lines changed

2 files changed

+44
-46
lines changed

javascript/ql/lib/semmle/javascript/frameworks/data/ModelsAsData.qll

Lines changed: 44 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,12 +45,55 @@ private class ThreatModelSourceFromDataExtension extends ThreatModelSource::Rang
4545
}
4646
}
4747

48+
/**
49+
* Holds if `path` is an input or output spec for a summary with the given `base` node.
50+
*/
51+
pragma[nomagic]
52+
private predicate relevantInputOutputPath(API::InvokeNode base, AccessPath inputOrOutput) {
53+
exists(string type, string input, string output, string path |
54+
ModelOutput::resolvedSummaryBase(type, path, base) and
55+
ModelOutput::relevantSummaryModel(type, path, input, output, _, _) and
56+
inputOrOutput = [input, output]
57+
)
58+
}
59+
60+
/**
61+
* Gets the API node for the first `n` tokens of the given input/output path, evaluated relative to `baseNode`.
62+
*/
63+
private API::Node getNodeFromInputOutputPath(API::InvokeNode baseNode, AccessPath path, int n) {
64+
relevantInputOutputPath(baseNode, path) and
65+
(
66+
n = 1 and
67+
result = Shared::getSuccessorFromInvoke(baseNode, path.getToken(0))
68+
or
69+
result =
70+
Shared::getSuccessorFromNode(getNodeFromInputOutputPath(baseNode, path, n - 1),
71+
path.getToken(n - 1))
72+
)
73+
}
74+
75+
/**
76+
* Gets the API node for the given input/output path, evaluated relative to `baseNode`.
77+
*/
78+
private API::Node getNodeFromInputOutputPath(API::InvokeNode baseNode, AccessPath path) {
79+
result = getNodeFromInputOutputPath(baseNode, path, path.getNumToken())
80+
}
81+
82+
private predicate summaryStep(API::Node pred, API::Node succ, string kind) {
83+
exists(string type, string path, API::InvokeNode base, AccessPath input, AccessPath output |
84+
ModelOutput::relevantSummaryModel(type, path, input, output, kind, _) and
85+
ModelOutput::resolvedSummaryBase(type, path, base) and
86+
pred = getNodeFromInputOutputPath(base, input) and
87+
succ = getNodeFromInputOutputPath(base, output)
88+
)
89+
}
90+
4891
/**
4992
* Like `ModelOutput::summaryStep` but with API nodes mapped to data-flow nodes.
5093
*/
5194
private predicate summaryStepNodes(DataFlow::Node pred, DataFlow::Node succ, string kind) {
5295
exists(API::Node predNode, API::Node succNode |
53-
Specific::summaryStep(predNode, succNode, kind) and
96+
summaryStep(predNode, succNode, kind) and
5497
pred = predNode.asSink() and
5598
succ = succNode.asSource()
5699
)

javascript/ql/lib/semmle/javascript/frameworks/data/internal/ApiGraphModelsSpecific.qll

Lines changed: 0 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -272,51 +272,6 @@ predicate invocationMatchesExtraCallSiteFilter(API::InvokeNode invoke, AccessPat
272272
)
273273
}
274274

275-
/**
276-
* Holds if `path` is an input or output spec for a summary with the given `base` node.
277-
*/
278-
pragma[nomagic]
279-
private predicate relevantInputOutputPath(API::InvokeNode base, AccessPath inputOrOutput) {
280-
exists(string type, string input, string output, string path |
281-
ModelOutput::relevantSummaryModel(type, path, input, output, _, _) and
282-
ModelOutput::resolvedSummaryBase(type, path, base) and
283-
inputOrOutput = [input, output]
284-
)
285-
}
286-
287-
/**
288-
* Gets the API node for the first `n` tokens of the given input/output path, evaluated relative to `baseNode`.
289-
*/
290-
private API::Node getNodeFromInputOutputPath(API::InvokeNode baseNode, AccessPath path, int n) {
291-
relevantInputOutputPath(baseNode, path) and
292-
(
293-
n = 1 and
294-
result = getSuccessorFromInvoke(baseNode, path.getToken(0))
295-
or
296-
result =
297-
getSuccessorFromNode(getNodeFromInputOutputPath(baseNode, path, n - 1), path.getToken(n - 1))
298-
)
299-
}
300-
301-
/**
302-
* Gets the API node for the given input/output path, evaluated relative to `baseNode`.
303-
*/
304-
private API::Node getNodeFromInputOutputPath(API::InvokeNode baseNode, AccessPath path) {
305-
result = getNodeFromInputOutputPath(baseNode, path, path.getNumToken())
306-
}
307-
308-
/**
309-
* Holds if a CSV summary contributed the step `pred -> succ` of the given `kind`.
310-
*/
311-
predicate summaryStep(API::Node pred, API::Node succ, string kind) {
312-
exists(string type, string path, API::InvokeNode base, AccessPath input, AccessPath output |
313-
ModelOutput::relevantSummaryModel(type, path, input, output, kind, _) and
314-
ModelOutput::resolvedSummaryBase(type, path, base) and
315-
pred = getNodeFromInputOutputPath(base, input) and
316-
succ = getNodeFromInputOutputPath(base, output)
317-
)
318-
}
319-
320275
class InvokeNode = API::InvokeNode;
321276

322277
/** Gets an `InvokeNode` corresponding to an invocation of `node`. */

0 commit comments

Comments
 (0)