JS: simplify asExpr().getStringValue() calls

Esben Sparre Andreasen · Esben Sparre Andreasen · commit ee106ccff902 · 2019-09-11T10:56:57.000+02:00
diff --git a/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql b/javascript/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -22,7 +22,7 @@ where
   // use source value in message if it's available
   if source.getNode().asExpr() instanceof ConstantString
   then
-    value = "The hard-coded value \"" + source.getNode().asExpr().getStringValue() +
+    value = "The hard-coded value \"" + source.getNode().getStringValue() +
         "\""
   else value = "This hard-coded value"
 select source.getNode(), source, sink, value + " is used as $@.", sink.getNode(),
diff --git a/javascript/ql/src/semmle/javascript/Closure.qll b/javascript/ql/src/semmle/javascript/Closure.qll
@@ -56,7 +56,7 @@ module Closure {
     ClosureNamespaceRef::Range {
     DefaultNamespaceRef() { this = DataFlow::globalVarRef("goog").getAMethodCall() }
 
-    override string getClosureNamespace() { result = getArgument(0).asExpr().getStringValue() }
+    override string getClosureNamespace() { result = getArgument(0).getStringValue() }
   }
 
   /**
diff --git a/javascript/ql/src/semmle/javascript/StandardLibrary.qll b/javascript/ql/src/semmle/javascript/StandardLibrary.qll
@@ -17,7 +17,7 @@ class CallToObjectDefineProperty extends DataFlow::MethodCallNode {
   DataFlow::Node getBaseObject() { result = getArgument(0) }
 
   /** Gets the name of the property being defined, if it can be determined. */
-  string getPropertyName() { result = getArgument(1).asExpr().getStringValue() }
+  string getPropertyName() { result = getArgument(1).getStringValue() }
 
   /** Gets the data flow node denoting the descriptor of the property being defined. */
   DataFlow::Node getPropertyDescriptor() { result = getArgument(2) }
diff --git a/javascript/ql/src/semmle/javascript/frameworks/Electron.qll b/javascript/ql/src/semmle/javascript/frameworks/Electron.qll
@@ -116,7 +116,7 @@ module Electron {
       Process getProcess() { result = process }
 
       /** Gets the name of the channel the callback is listening on. */
-      string getChannelName() { result = channel.asExpr().getStringValue() }
+      string getChannelName() { result = channel.getStringValue() }
 
       /** Gets the data flow node containing the message received by the callback. */
       DataFlow::Node getMessage() { result = getParameter(1) }
@@ -156,7 +156,7 @@ module Electron {
 
       override Process getProcess() { result = process }
 
-      override string getChannelName() { result = channel.asExpr().getStringValue() }
+      override string getChannelName() { result = channel.getStringValue() }
     }
 
     /**
@@ -186,7 +186,7 @@ module Electron {
 
       override Process getProcess() { result = callback.getProcess() }
 
-      override string getChannelName() { result = channel.asExpr().getStringValue() }
+      override string getChannelName() { result = channel.getStringValue() }
     }
 
     /**
@@ -221,7 +221,7 @@ module Electron {
 
       override Process getProcess() { result = Process::main() }
 
-      override string getChannelName() { result = channel.asExpr().getStringValue() }
+      override string getChannelName() { result = channel.getStringValue() }
     }
 
     /**
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll b/javascript/ql/src/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll
@@ -229,11 +229,11 @@ module TaintedPath {
    * Holds if `node` is a prefix of the string `../`.
    */
   private predicate isDotDotSlashPrefix(DataFlow::Node node) {
-    node.asExpr().getStringValue() + any(string s) = "../"
+    node.getStringValue() + any(string s) = "../"
     or
     // ".." + path.sep
     exists(StringOps::Concatenation conc | node = conc |
-      conc.getOperand(0).asExpr().getStringValue() = ".." and
+      conc.getOperand(0).getStringValue() = ".." and
       conc.getOperand(1).getALocalSource() = DataFlow::moduleMember("path", "sep") and
       conc.getNumOperand() = 2
     )
@@ -277,7 +277,7 @@ module TaintedPath {
       this = startsWith and
       not isDotDotSlashPrefix(startsWith.getSubstring()) and
       // do not confuse this with a simple isAbsolute() check
-      not startsWith.getSubstring().asExpr().getStringValue() = "/"
+      not startsWith.getSubstring().getStringValue() = "/"
     }
 
     override predicate blocks(boolean outcome, Expr e, DataFlow::FlowLabel label) {
@@ -308,7 +308,7 @@ module TaintedPath {
       )
       or
       exists(StringOps::StartsWith startsWith, string substring | this = startsWith |
-        startsWith.getSubstring().asExpr().getStringValue() = "/" + substring and
+        startsWith.getSubstring().getStringValue() = "/" + substring and
         operand = startsWith.getBaseString() and
         polarity = startsWith.getPolarity() and
         if substring = "" then negatable = true else negatable = false
diff --git a/javascript/ql/test/library-tests/StringConcatenation/ContainsTwo.ql b/javascript/ql/test/library-tests/StringConcatenation/ContainsTwo.ql
@@ -2,7 +2,7 @@ import javascript
 
 // Select all expressions whose string value contains the word "two"
 predicate containsTwo(DataFlow::Node node) {
-  node.asExpr().getStringValue().regexpMatch(".*two.*")
+  node.getStringValue().regexpMatch(".*two.*")
   or
   containsTwo(node.getAPredecessor())
   or

Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ module Closure {`
`56`	`56`	`ClosureNamespaceRef::Range {`
`57`	`57`	`DefaultNamespaceRef() { this = DataFlow::globalVarRef("goog").getAMethodCall() }`
`58`	`58`
`59`		`- override string getClosureNamespace() { result = getArgument(0).asExpr().getStringValue() }`
	`59`	`+ override string getClosureNamespace() { result = getArgument(0).getStringValue() }`
`60`	`60`	`}`
`61`	`61`
`62`	`62`	`/**`