File tree Expand file tree Collapse file tree 1 file changed +24
-0
lines changed
javascript/ql/src/Security/CWE-400 Expand file tree Collapse file tree 1 file changed +24
-0
lines changed Original file line number Diff line number Diff line change @@ -120,6 +120,30 @@ class EntriesEnumeratedPropName extends EnumeratedPropName {
120120 }
121121}
122122
123+ /**
124+ * Property enumeration through the `for-own` package.
125+ */
126+ class ForOwnEnumeratedPropName extends EnumeratedPropName {
127+ CallNode call ;
128+ FunctionNode callback ;
129+
130+ ForOwnEnumeratedPropName ( ) {
131+ call = moduleImport ( "for-own" ) .getACall ( ) and
132+ callback = call .getCallback ( 1 ) and
133+ this = callback .getParameter ( 1 )
134+ }
135+
136+ override Node getSourceObject ( ) {
137+ result = call .getArgument ( 0 )
138+ }
139+
140+ override SourceNode getASourceProp ( ) {
141+ result = super .getASourceProp ( )
142+ or
143+ result = callback .getParameter ( 0 )
144+ }
145+ }
146+
123147/**
124148 * Holds if the properties of `node` are enumerated locally.
125149 */
You can’t perform that action at this time.
0 commit comments