Skip to content

Commit 3da34ca

Browse files
erik-krogherik-krogh
committed
update Express::RouteExpr to a DataFlow::Node 
1 parent 3eb4866 commit 3da34ca

File tree

1 file changed

+9
-12
lines changed
  • javascript/ql/lib/semmle/javascript/frameworks

1 file changed

+9
-12
lines changed

javascript/ql/lib/semmle/javascript/frameworks/Express.qll

Lines changed: 9 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -40,28 +40,25 @@ module Express {
4040
)
4141
}
4242

43-
/**
44-
* Holds if `e` may refer to the given `router` object.
45-
*/
46-
private predicate isRouter(Expr e, RouterDefinition router) { router.ref().flowsToExpr(e) } // TODO: DataFlow::Node
43+
/** Holds if `e` may refer to the given `router` object. */
44+
private predicate isRouter(DataFlow::Node e, RouterDefinition router) { router.ref().flowsTo(e) }
4745

4846
/**
4947
* Holds if `e` may refer to a router object.
5048
*/
51-
private predicate isRouter(Expr e) {
52-
// TODO: DataFlow::Node
49+
private predicate isRouter(DataFlow::Node e) {
5350
isRouter(e, _)
5451
or
55-
e.getType().hasUnderlyingType("express", "Router")
52+
e.asExpr().getType().hasUnderlyingType("express", "Router")
5653
or
5754
// created by `webpack-dev-server`
58-
WebpackDevServer::webpackDevServerApp().flowsToExpr(e)
55+
WebpackDevServer::webpackDevServerApp().flowsTo(e)
5956
}
6057

6158
/**
6259
* An expression that refers to a route.
6360
*/
64-
class RouteExpr extends MethodCallExpr {
61+
class RouteExpr extends DataFlow::MethodCallNode {
6562
RouteExpr() { isRouter(this) }
6663

6764
/** Gets the router from which this route was created, if it is known. */
@@ -143,15 +140,15 @@ module Express {
143140
*/
144141
class RouteSetup extends HTTP::Servers::StandardRouteSetup, DataFlow::MethodCallNode {
145142
RouteSetup() {
146-
isRouter(this.getReceiver().asExpr()) and
143+
isRouter(this.getReceiver()) and
147144
this.getMethodName() = routeSetupMethodName()
148145
}
149146

150147
/** Gets the path associated with the route. */
151148
string getPath() { this.getArgument(0).mayHaveStringValue(result) }
152149

153150
/** Gets the router on which handlers are being registered. */
154-
RouterDefinition getRouter() { isRouter(this.getReceiver().asExpr(), result) }
151+
RouterDefinition getRouter() { isRouter(this.getReceiver(), result) }
155152

156153
/** Holds if this is a call `use`, such as `app.use(handler)`. */
157154
predicate isUseCall() { this.getMethodName() = "use" }
@@ -420,7 +417,7 @@ module Express {
420417
/**
421418
* Gets the router being registered as a sub-router here, if any.
422419
*/
423-
RouterDefinition getAsSubRouter() { isRouter(this, result) }
420+
RouterDefinition getAsSubRouter() { isRouter(this.flow(), result) }
424421
}
425422

426423
/**

0 commit comments

Comments
 (0)