JS: add uniform support for path, path.posix and path.win32

Author: esbena

javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll

@@ -1045,4 +1045,25 @@ module NodeJSLib {
       i = 0 and result = this.getArgument(i)
     }
   }
+
+  /**
+   * Provides predicates for working with the "path" module and its platform-specific instances as a single module.
+   */
+  module Path {
+    /**
+     * Gets a node that imports the "path" module, or one of its platform-specific instances.
+     */
+    DataFlow::SourceNode moduleImport() {
+      result = DataFlow::moduleImport("path") or
+      result = DataFlow::moduleMember("path", "posix") or
+      result = DataFlow::moduleMember("path", "win32")
+    }
+
+    /**
+     * Gets an access to member `member` of the "path" module, or one of its platform-specific instances.
+     */
+    DataFlow::SourceNode moduleMember(string member) {
+      result = moduleImport().getAPropertyRead(member)
+    }
+  }
 }

javascript/ql/src/semmle/javascript/security/dataflow/TaintedPath.qll

@@ -108,7 +108,7 @@ module TaintedPath {
       or
       // path.join()
       exists(DataFlow::CallNode join, int n |
-        join = DataFlow::moduleMember("path", "join").getACall()
+        join = NodeJSLib::Path::moduleMember("join").getACall()
       |
         src = join.getArgument(n) and
         dst = join and

javascript/ql/src/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll

@@ -124,7 +124,7 @@ module TaintedPath {
     DataFlow::Node output;
 
     NormalizingPathCall() {
-      this = DataFlow::moduleMember("path", "normalize").getACall() and
+      this = NodeJSLib::Path::moduleMember("normalize").getACall() and
       input = getArgument(0) and
       output = this
     }
@@ -148,7 +148,7 @@ module TaintedPath {
     DataFlow::Node output;
 
     ResolvingPathCall() {
-      this = DataFlow::moduleMember("path", "resolve").getACall() and
+      this = NodeJSLib::Path::moduleMember("resolve").getACall() and
       input = getAnArgument() and
       output = this
       or
@@ -180,7 +180,7 @@ module TaintedPath {
     DataFlow::Node output;
 
     NormalizingRelativePathCall() {
-      this = DataFlow::moduleMember("path", "relative").getACall() and
+      this = NodeJSLib::Path::moduleMember("relative").getACall() and
       input = getAnArgument() and
       output = this
     }
@@ -205,7 +205,7 @@ module TaintedPath {
 
     PreservingPathCall() {
       exists(string name | name = "dirname" or name = "toNamespacedPath" |
-        this = DataFlow::moduleMember("path", name).getACall() and
+        this = NodeJSLib::Path::moduleMember(name).getACall() and
         input = getAnArgument() and
         output = this
       )
@@ -244,7 +244,7 @@ module TaintedPath {
     // ".." + path.sep
     exists(StringOps::Concatenation conc | node = conc |
       conc.getOperand(0).getStringValue() = ".." and
-      conc.getOperand(1).getALocalSource() = DataFlow::moduleMember("path", "sep") and
+      conc.getOperand(1).getALocalSource() = NodeJSLib::Path::moduleMember("sep") and
       conc.getNumOperand() = 2
     )
   }
@@ -311,7 +311,7 @@ module TaintedPath {
 
     IsAbsoluteSanitizer() {
       exists(DataFlow::CallNode call | this = call |
-        call = DataFlow::moduleMember("path", "isAbsolute").getACall() and
+        call = NodeJSLib::Path::moduleMember("isAbsolute").getACall() and
         operand = call.getArgument(0) and
         polarity = true and
         negatable = true