remove the last dependency on PrettyPrinting

erik-krogh · erik-krogh · commit fb94af976414 · 2020-02-24T13:18:15.000+01:00
diff --git a/javascript/ql/src/semmle/javascript/security/UselessUseOfCat.qll b/javascript/ql/src/semmle/javascript/security/UselessUseOfCat.qll
@@ -93,13 +93,10 @@ class UselessCat extends CommandCall {
   UselessCat() {
     this = command and
     isACallTo(getACatExecuteable()) and
-    // There is a file to read, and not just a pair of quotes.
-    (
-      not exists(PrettyPrintCatCall::createFileArgument(this))
-      or
-      exists(string fileArg | fileArg = PrettyPrintCatCall::createFileArgument(this) |
-        fileArg.length() >= 3
-      )
+    // There is a file to read, it's not just spawning `cat`.
+    not (
+      not exists(getArgumentList()) and
+      getArgument(0).mayHaveStringValue(getACatExecuteable())
     ) and
     // wildcards, pipes, redirections, other bash features, and multiple files (spaces) are OK.
     not exists(getNonCommandConstantString().regexpFind("\\*|\\||>|<| |\\$|&|,|\\`", _, _)) and
diff --git a/javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat.expected b/javascript/ql/test/query-tests/Security/CWE-078/UselessUseOfCat.expected
@@ -45,7 +45,7 @@ syncCommand
 | tst_shell-command-injection-from-environment.js:5:2:5:54 | cp.exec ... temp")) |
 | uselesscat.js:16:1:16:29 | execSyn ... uinfo') |
 | uselesscat.js:18:1:18:26 | execSyn ... path}`) |
-| uselesscat.js:20:1:20:50 | child_p ... wc -l') |
+| uselesscat.js:20:1:20:36 | execSyn ... wc -l') |
 | uselesscat.js:22:1:22:38 | execSyn ... o/bar') |
 | uselesscat.js:24:1:24:35 | execSyn ... o/bar`) |
 | uselesscat.js:28:1:28:39 | execSyn ...  1000}) |
diff --git a/javascript/ql/test/query-tests/Security/CWE-078/uselesscat.js b/javascript/ql/test/query-tests/Security/CWE-078/uselesscat.js
@@ -17,7 +17,7 @@ execSync('cat /proc/cpuinfo').toString(); // NOT OK.
 
 execSync(`cat ${newpath}`) // NOT OK
 
-child_process.execSync('cat package.json | wc -l'); // OK - pipes!
+execSync('cat package.json | wc -l'); // OK - pipes!
 
 execSync('cat /proc/cpuinfo /foo/bar').toString(); // OK multiple files.
 
@@ -135,4 +135,8 @@ console.log(notDead);
 
 const stdout2 = execSync('cat /etc/dnsmasq.conf', { // NOT OK.
   encoding: 'utf8'
-});
+});
+
+exec('/bin/cat', function (e, s) {});  // OK
+
+spawn("cat") // OK  
