File tree Expand file tree Collapse file tree
javascript/ql/src/semmle/javascript/frameworks Expand file tree Collapse file tree Original file line number Diff line number Diff line change 11/** Provides taint steps modeling flow through date-manipulation libraries. */
2+
23private import javascript
34
45private module DateFns {
@@ -36,8 +37,7 @@ private module DateFns {
3637 /**
3738 * Taint step of form: `f -> format(f)(date)`
3839 */
39- private class CurriedFormatStep extends TaintTracking:: AdditionalTaintStep ,
40- DataFlow:: CallNode {
40+ private class CurriedFormatStep extends TaintTracking:: AdditionalTaintStep , DataFlow:: CallNode {
4141 CurriedFormatStep ( ) { this = curriedFormatFunction ( ) .getACall ( ) }
4242
4343 override predicate step ( DataFlow:: Node pred , DataFlow:: Node succ ) {
@@ -63,9 +63,7 @@ private module Moment {
6363 * The format string can use backslash-escaping to include mostly arbitrary text.
6464 */
6565 private class MomentFormatStep extends TaintTracking:: AdditionalTaintStep , DataFlow:: CallNode {
66- MomentFormatStep ( ) {
67- this = moment ( ) .getMember ( "format" ) .getACall ( )
68- }
66+ MomentFormatStep ( ) { this = moment ( ) .getMember ( "format" ) .getACall ( ) }
6967
7068 override predicate step ( DataFlow:: Node pred , DataFlow:: Node succ ) {
7169 pred = getArgument ( 0 ) and
You can’t perform that action at this time.
0 commit comments