Merge pull request #18740 from asgerf/js/more-precise-diff-informed

asgerf · web-flow · commit 0ca9b2285b25 · 2025-02-17T10:27:15.000+01:00
JS: Provide more precise related locations
diff --git a/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSQuery.qll b/javascript/ql/lib/semmle/javascript/security/regexp/PolynomialReDoSQuery.qll
@@ -29,8 +29,6 @@ module PolynomialReDoSConfig implements DataFlow::ConfigSig {
   predicate observeDiffInformedIncrementalMode() { any() }
 
   Location getASelectedSinkLocation(DataFlow::Node sink) {
-    result = sink.(Sink).getLocation()
-    or
     result = sink.(Sink).getHighlight().getLocation()
     or
     result = sink.(Sink).getRegExp().getLocation()
diff --git a/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll b/javascript/ql/src/experimental/Security/CWE-918/SSRF.qll
@@ -29,6 +29,10 @@ module SsrfConfig implements DataFlow::ConfigSig {
 
   predicate isBarrierOut(DataFlow::Node node) { strictSanitizingPrefixEdge(node, _) }
 
+  Location getASelectedSourceLocation(DataFlow::Node source) {
+    none() // Does not select the source
+  }
+
   predicate observeDiffInformedIncrementalMode() { any() }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,10 @@ module SsrfConfig implements DataFlow::ConfigSig {`
`29`	`29`
`30`	`30`	`predicate isBarrierOut(DataFlow::Node node) { strictSanitizingPrefixEdge(node, _) }`
`31`	`31`
	`32`	`+ Location getASelectedSourceLocation(DataFlow::Node source) {`
	`33`	`+ none() // Does not select the source`
	`34`	`+ }`
	`35`	`+`
`32`	`36`	`predicate observeDiffInformedIncrementalMode() { any() }`
`33`	`37`	`}`
`34`	`38`