Ensure Member tokens from flow summaries are seen in PropertyName

asgerf · asgerf · commit df0488a47009 · 2024-06-27T10:22:14.000+02:00
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/Contents.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/Contents.qll
@@ -1,5 +1,7 @@
 private import javascript
 private import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels
+private import semmle.javascript.dataflow.internal.FlowSummaryPrivate as FlowSummaryPrivate
+private import codeql.dataflow.internal.AccessPathSyntax as AccessPathSyntax
 
 module Private {
   import Public
@@ -15,6 +17,15 @@ module Private {
   /** Gets the largest array index should be propagated precisely through flow summaries. */
   int getAPreciseArrayIndex() { result = [0 .. getMaxPreciseArrayIndex()] }
 
+  /**
+   * Holds if a MaD access path token of form `name[arg]` exists.
+   */
+  predicate isAccessPathTokenPresent(string name, string arg) {
+    arg = any(FlowSummaryPrivate::AccessPathToken tok).getAnArgument(name)
+    or
+    arg = any(ApiGraphModels::AccessPathToken tok).getAnArgument(name)
+  }
+
   /**
    * Holds if values associated with `key` should be tracked as a individual contents of a `Map` object.
    */
@@ -25,10 +36,7 @@ module Private {
       call.getArgument(0).getStringValue() = key
     )
     or
-    exists(ApiGraphModels::AccessPathToken token |
-      token.getName() = "MapValue" and
-      token.getAnArgument() = key
-    )
+    isAccessPathTokenPresent("MapValue", key)
   }
 
   /**
@@ -47,9 +55,7 @@ module Private {
       or
       this = getAPreciseArrayIndex().toString()
       or
-      exists(ApiGraphModels::AccessPathToken tok |
-        tok.getName() = "Member" and this = tok.getAnArgument()
-      )
+      isAccessPathTokenPresent("Member", this)
     }
 
     /** Gets the array index corresponding to this property name. */
diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll
@@ -141,6 +141,10 @@ module Steps = Private::Steps<FlowSummaryStepInput>;
 
 module RenderSummarizedCallable = Private::RenderSummarizedCallable<FlowSummaryStepInput>;
 
+class AccessPath = Private::AccessPath;
+
+class AccessPathToken = Private::AccessPathToken;
+
 /**
  * Gets the textual representation of return kind `rk` used in MaD.
  *

Original file line number	Diff line number	Diff line change
`@@ -141,6 +141,10 @@ module Steps = Private::Steps<FlowSummaryStepInput>;`
`141`	`141`
`142`	`142`	`module RenderSummarizedCallable = Private::RenderSummarizedCallable<FlowSummaryStepInput>;`
`143`	`143`
	`144`	`+class AccessPath = Private::AccessPath;`
	`145`	`+`
	`146`	`+class AccessPathToken = Private::AccessPathToken;`
	`147`	`+`
`144`	`148`	`/**`
`145`	`149`	* Gets the textual representation of return kind `rk` used in MaD.
`146`	`150`	`*`