JS: Update NoSQL model

asgerf · asgerf · commit c146e044ca9a · 2020-11-23T16:17:00.000Z
diff --git a/javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll b/javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll
@@ -62,22 +62,20 @@ private module MongoDB {
   }
 
   /** A call to a MongoDB query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::CallNode {
+  private class QueryCall extends DatabaseAccess, API::CallNode {
     int queryArgIdx;
-    API::Node callee;
 
     QueryCall() {
       exists(string method |
         CollectionMethodSignatures::interpretsArgumentAsQuery(method, queryArgIdx) and
-        callee = getACollection().getMember(method)
-      ) and
-      this = callee.getACall()
+        this = getACollection().getMember(method).getACall()
+      )
     }
 
     override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }
 
     DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
     }
   }
 
@@ -670,22 +668,20 @@ private module Minimongo {
   }
 
   /** A call to a Minimongo query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {
+  private class QueryCall extends DatabaseAccess, API::CallNode {
     int queryArgIdx;
-    API::Node callee;
 
     QueryCall() {
       exists(string m |
-        callee = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m) and
-        this = callee.getACall() and
+        this = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m).getACall() and
         CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)
       )
     }
 
     override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }
 
     DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
     }
   }
 
@@ -706,14 +702,12 @@ private module Minimongo {
  */
 private module MarsDB {
   /** A call to a MarsDB query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {
+  private class QueryCall extends DatabaseAccess, API::MethodCallNode {
     int queryArgIdx;
-    API::Node callee;
 
     QueryCall() {
       exists(string m |
-        callee = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m) and
-        this = callee.getACall() and
+        this = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m).getACall() and
         // implements parts of the Minimongo interface
         Minimongo::CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)
       )
@@ -722,7 +716,7 @@ private module MarsDB {
     override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }
 
     DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -62,22 +62,20 @@ private module MongoDB {`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`/** A call to a MongoDB query method. */`
`65`		`- private class QueryCall extends DatabaseAccess, DataFlow::CallNode {`
	`65`	`+ private class QueryCall extends DatabaseAccess, API::CallNode {`
`66`	`66`	`int queryArgIdx;`
`67`		`- API::Node callee;`
`68`	`67`
`69`	`68`	`QueryCall() {`
`70`	`69`	`exists(string method \|`
`71`	`70`	`CollectionMethodSignatures::interpretsArgumentAsQuery(method, queryArgIdx) and`
`72`		`- callee = getACollection().getMember(method)`
`73`		`- ) and`
`74`		`- this = callee.getACall()`
	`71`	`+ this = getACollection().getMember(method).getACall()`
	`72`	`+ )`
`75`	`73`	`}`
`76`	`74`
`77`	`75`	`override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }`
`78`	`76`
`79`	`77`	`DataFlow::Node getACodeOperator() {`
`80`		`- result = getADollarWhereProperty(callee.getParameter(queryArgIdx))`
	`78`	`+ result = getADollarWhereProperty(getParameter(queryArgIdx))`
`81`	`79`	`}`
`82`	`80`	`}`
`83`	`81`
`@@ -670,22 +668,20 @@ private module Minimongo {`
`670`	`668`	`}`
`671`	`669`
`672`	`670`	`/** A call to a Minimongo query method. */`
`673`		`- private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {`
	`671`	`+ private class QueryCall extends DatabaseAccess, API::CallNode {`
`674`	`672`	`int queryArgIdx;`
`675`		`- API::Node callee;`
`676`	`673`
`677`	`674`	`QueryCall() {`
`678`	`675`	`exists(string m \|`
`679`		`- callee = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m) and`
`680`		`- this = callee.getACall() and`
	`676`	`+ this = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m).getACall() and`
`681`	`677`	`CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)`
`682`	`678`	`)`
`683`	`679`	`}`
`684`	`680`
`685`	`681`	`override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }`
`686`	`682`
`687`	`683`	`DataFlow::Node getACodeOperator() {`
`688`		`- result = getADollarWhereProperty(callee.getParameter(queryArgIdx))`
	`684`	`+ result = getADollarWhereProperty(getParameter(queryArgIdx))`
`689`	`685`	`}`
`690`	`686`	`}`
`691`	`687`
`@@ -706,14 +702,12 @@ private module Minimongo {`
`706`	`702`	`*/`
`707`	`703`	`private module MarsDB {`
`708`	`704`	`/** A call to a MarsDB query method. */`
`709`		`- private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {`
	`705`	`+ private class QueryCall extends DatabaseAccess, API::MethodCallNode {`
`710`	`706`	`int queryArgIdx;`
`711`		`- API::Node callee;`
`712`	`707`
`713`	`708`	`QueryCall() {`
`714`	`709`	`exists(string m \|`
`715`		`- callee = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m) and`
`716`		`- this = callee.getACall() and`
	`710`	`+ this = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m).getACall() and`
`717`	`711`	`// implements parts of the Minimongo interface`
`718`	`712`	`Minimongo::CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)`
`719`	`713`	`)`
`@@ -722,7 +716,7 @@ private module MarsDB {`
`722`	`716`	`override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }`
`723`	`717`
`724`	`718`	`DataFlow::Node getACodeOperator() {`
`725`		`- result = getADollarWhereProperty(callee.getParameter(queryArgIdx))`
	`719`	`+ result = getADollarWhereProperty(getParameter(queryArgIdx))`
`726`	`720`	`}`
`727`	`721`	`}`
`728`	`722`