add node-serialize as a js/code-injection sink

erik-krogh · erik-krogh · commit 050ed97d9c0c · 2020-10-06T22:35:38.000+02:00
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll b/javascript/ql/src/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
@@ -86,6 +86,8 @@ module CodeInjection {
       |
         this = c.getArgument(index)
       )
+      or
+      this = DataFlow::moduleMember("node-serialize", "unserialize").getACall().getArgument(0)
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -86,6 +86,8 @@ module CodeInjection {`
`86`	`86`	`\|`
`87`	`87`	`this = c.getArgument(index)`
`88`	`88`	`)`
	`89`	`+ or`
	`90`	`+ this = DataFlow::moduleMember("node-serialize", "unserialize").getACall().getArgument(0)`
`89`	`91`	`}`
`90`	`92`	`}`
`91`	`93`