Update javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.ql

asgerf · esbena · web-flow · commit cf18bd7bb85f · 2020-02-05T09:48:16.000Z
Co-Authored-By: Esben Sparre Andreasen &lt;esbena@github.com&gt;
diff --git a/javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.ql b/javascript/ql/src/Security/CWE-400/PrototypePollutionUtility.ql
@@ -173,7 +173,7 @@ predicate dynamicPropReadStep(Node base, Node key, SourceNode output) {
     output = read
   )
   or
-  // Summarize functions returning a dynamic property read of two parameters.
+  // Summarize functions returning a dynamic property read of two parameters, such as `function getProp(obj, prop) { return obj[prop]; }`.
   exists(CallNode call, Function callee, ParameterNode baseParam, ParameterNode keyParam, Node innerBase, Node innerKey, SourceNode innerOutput |
     dynamicPropReadStep(innerBase, innerKey, innerOutput) and
     baseParam.flowsTo(innerBase) and

Original file line number	Diff line number	Diff line change
`@@ -173,7 +173,7 @@ predicate dynamicPropReadStep(Node base, Node key, SourceNode output) {`
`173`	`173`	`output = read`
`174`	`174`	`)`
`175`	`175`	`or`
`176`		`- // Summarize functions returning a dynamic property read of two parameters.`
	`176`	+ // Summarize functions returning a dynamic property read of two parameters, such as `function getProp(obj, prop) { return obj[prop]; }`.
`177`	`177`	`exists(CallNode call, Function callee, ParameterNode baseParam, ParameterNode keyParam, Node innerBase, Node innerKey, SourceNode innerOutput \|`
`178`	`178`	`dynamicPropReadStep(innerBase, innerKey, innerOutput) and`
`179`	`179`	`baseParam.flowsTo(innerBase) and`