Permalink
Cannot retrieve contributors at this time
58 lines (50 sloc)
1.88 KB
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
codeql-action/queries/default-setup-event-context.ql
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* @name Some context properties may not exist in default setup workflows | |
* @id javascript/codeql-action/default-setup-context-properties | |
* @kind path-problem | |
* @severity warning | |
*/ | |
import javascript | |
import DataFlow::PathGraph | |
class NotParsedLabel extends DataFlow::FlowLabel { | |
NotParsedLabel() { this = "not-parsed" } | |
} | |
class ParsedLabel extends DataFlow::FlowLabel { | |
ParsedLabel() { this = "parsed" } | |
} | |
class EventContextAccessConfiguration extends DataFlow::Configuration { | |
EventContextAccessConfiguration() { this = "EventContextAccessConfiguration" } | |
override predicate isSource(DataFlow::Node source, DataFlow::FlowLabel lbl) { | |
source = NodeJSLib::process().getAPropertyRead("env").getAPropertyRead("GITHUB_EVENT_PATH") and | |
lbl instanceof NotParsedLabel | |
} | |
override predicate isSink(DataFlow::Node sink, DataFlow::FlowLabel lbl) { | |
sink instanceof DataFlow::PropRead and | |
lbl instanceof ParsedLabel and | |
not exists(DataFlow::PropRead n | sink = n.getBase()) and | |
not sink.asExpr().getFile().getBaseName().matches("%.test.ts") | |
} | |
override predicate isAdditionalFlowStep( | |
DataFlow::Node src, DataFlow::Node trg, DataFlow::FlowLabel inlbl, DataFlow::FlowLabel outlbl | |
) { | |
src = trg.(FileSystemReadAccess).getAPathArgument() and inlbl = outlbl | |
or | |
exists(JsonParserCall c | | |
src = c.getInput() and | |
trg = c.getOutput() and | |
inlbl instanceof NotParsedLabel and | |
outlbl instanceof ParsedLabel | |
) | |
or | |
( | |
TaintTracking::sharedTaintStep(src, trg) or | |
DataFlow::SharedFlowStep::step(src, trg) or | |
DataFlow::SharedFlowStep::step(src, trg, _, _) | |
) and | |
inlbl = outlbl | |
} | |
} | |
from EventContextAccessConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink | |
where cfg.hasFlowPath(source, sink) | |
select sink.getNode(), source, sink, | |
"This event context property may not exist in default setup workflows." |