add explicit this

erik-krogh · erik-krogh · commit d58fe8e19360 · 2022-05-24T10:59:13.000+02:00
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll b/javascript/ql/lib/semmle/javascript/dataflow/TaintTracking.qll
@@ -87,7 +87,7 @@ module TaintTracking {
     override predicate isLabeledBarrier(DataFlow::Node node, DataFlow::FlowLabel lbl) {
       super.isLabeledBarrier(node, lbl)
       or
-      isSanitizer(node) and lbl.isTaint()
+      this.isSanitizer(node) and lbl.isTaint()
     }
 
     override predicate isBarrier(DataFlow::Node node) {
@@ -103,15 +103,15 @@ module TaintTracking {
     ) {
       super.isBarrierEdge(source, sink, lbl)
       or
-      isSanitizerEdge(source, sink, lbl)
+      this.isSanitizerEdge(source, sink, lbl)
       or
-      isSanitizerEdge(source, sink) and lbl.isTaint()
+      this.isSanitizerEdge(source, sink) and lbl.isTaint()
     }
 
     final override predicate isBarrierGuard(DataFlow::BarrierGuardNode guard) {
       super.isBarrierGuard(guard) or
       guard.(AdditionalSanitizerGuardNode).appliesTo(this) or
-      isSanitizerGuard(guard)
+      this.isSanitizerGuard(guard)
     }
 
     /**
@@ -121,14 +121,14 @@ module TaintTracking {
     predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) { none() }
 
     final override predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
-      isAdditionalTaintStep(pred, succ) or
+      this.isAdditionalTaintStep(pred, succ) or
       sharedTaintStep(pred, succ)
     }
 
     final override predicate isAdditionalFlowStep(
       DataFlow::Node pred, DataFlow::Node succ, boolean valuePreserving
     ) {
-      isAdditionalFlowStep(pred, succ) and valuePreserving = false
+      this.isAdditionalFlowStep(pred, succ) and valuePreserving = false
     }
 
     override DataFlow::FlowLabel getDefaultSourceLabel() { result.isTaint() }
@@ -173,9 +173,9 @@ module TaintTracking {
     abstract predicate sanitizes(boolean outcome, Expr e);
 
     override predicate blocks(boolean outcome, Expr e, DataFlow::FlowLabel label) {
-      sanitizes(outcome, e) and label.isTaint()
+      this.sanitizes(outcome, e) and label.isTaint()
       or
-      sanitizes(outcome, e, label)
+      this.sanitizes(outcome, e, label)
     }
 
     /**
@@ -1032,13 +1032,13 @@ module TaintTracking {
         name = "has" or
         name = "hasOwnProperty"
       |
-        getMethodName() = name
+        this.getMethodName() = name
       )
     }
 
     override predicate sanitizes(boolean outcome, Expr e) {
       outcome = true and
-      e = getArgument(0).asExpr()
+      e = this.getArgument(0).asExpr()
     }
 
     override predicate appliesTo(Configuration cfg) { any() }
@@ -1053,14 +1053,14 @@ module TaintTracking {
    */
   class AdHocWhitelistCheckSanitizer extends SanitizerGuardNode, DataFlow::CallNode {
     AdHocWhitelistCheckSanitizer() {
-      getCalleeName()
+      this.getCalleeName()
           .regexpMatch("(?i).*((?<!un)safe|whitelist|(?<!in)valid|allow|(?<!un)auth(?!or\\b)).*") and
-      getNumArgument() = 1
+      this.getNumArgument() = 1
     }
 
     override predicate sanitizes(boolean outcome, Expr e) {
       outcome = true and
-      e = getArgument(0).asExpr()
+      e = this.getArgument(0).asExpr()
     }
   }
 
diff --git a/javascript/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql b/javascript/ql/src/Security/CWE-020/IncompleteUrlSchemeCheck.ql
@@ -24,7 +24,7 @@ class DangerousScheme extends string {
   string getWithoutColon() { this = result + ":" }
 
   /** Gets the name of this scheme, with or without the `:`. */
-  string getWithOrWithoutColon() { result = this or result = getWithoutColon() }
+  string getWithOrWithoutColon() { result = this or result = this.getWithoutColon() }
 }
 
 /** Returns a node that refers to the scheme of `url`. */
diff --git a/javascript/ql/test/ApiGraphs/VerifyAssertions.qll b/javascript/ql/test/ApiGraphs/VerifyAssertions.qll
@@ -84,8 +84,8 @@ class Assertion extends Comment {
   string tryExplainFailure() {
     exists(int i, API::Node nd, string prefix, string suffix |
       nd = this.lookup(i) and
-      i < getPathLength() and
-      not exists(this.lookup([i + 1 .. getPathLength()])) and
+      i < this.getPathLength() and
+      not exists(this.lookup([i + 1 .. this.getPathLength()])) and
       prefix = nd + " has no outgoing edge labelled " + this.getEdgeLabel(i) + ";" and
       if exists(nd.getASuccessor())
       then
diff --git a/javascript/ql/test/library-tests/CallGraphs/AnnotatedTest/Test.ql b/javascript/ql/test/library-tests/CallGraphs/AnnotatedTest/Test.ql
@@ -42,16 +42,16 @@ class AnnotatedCall extends DataFlow::Node {
   string getCallTargetName() { result = calls }
 
   AnnotatedFunction getAnExpectedCallee(string kind_) {
-    result.getCalleeName() = getCallTargetName() and
+    result.getCalleeName() = this.getCallTargetName() and
     kind = kind_
   }
 
   int getBoundArgs() { result = getAnnotation(this.getAstNode(), "boundArgs").toInt() }
 
   int getBoundArgsOrMinusOne() {
-    result = getBoundArgs()
+    result = this.getBoundArgs()
     or
-    not exists(getBoundArgs()) and
+    not exists(this.getBoundArgs()) and
     result = -1
   }
 

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ class DangerousScheme extends string {`
`24`	`24`	`string getWithoutColon() { this = result + ":" }`
`25`	`25`
`26`	`26`	/** Gets the name of this scheme, with or without the `:`. */
`27`		`- string getWithOrWithoutColon() { result = this or result = getWithoutColon() }`
	`27`	`+ string getWithOrWithoutColon() { result = this or result = this.getWithoutColon() }`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	/** Returns a node that refers to the scheme of `url`. */