Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 96a13ff

Browse files
asger-semmleasger-semmle
committed
JS: Add goog.bind and angular.bind as partial invokes
1 parent 3bf86ee commit 96a13ff

2 files changed

Lines changed: 42 additions & 0 deletions

File tree

javascript/ql/src/semmle/javascript/Closure.qll

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -248,4 +248,25 @@ module Closure {
248248
DataFlow::SourceNode moduleImport(string moduleName) {
249249
getClosureNamespaceFromSourceNode(result) = moduleName
250250
}
251+
252+
/**
253+
* A call to `goog.bind`, as a partial function invocation.
254+
*/
255+
private class BindCall extends DataFlow::PartialInvokeNode::Range, DataFlow::CallNode {
256+
BindCall() { this = moduleImport("goog.bind").getACall() }
257+
258+
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
259+
index >= 0 and
260+
callback = getArgument(0) and
261+
argument = getArgument(index + 2)
262+
}
263+
264+
override DataFlow::SourceNode getBoundFunction(DataFlow::Node callback, int boundArgs) {
265+
boundArgs = getNumArgument() - 2 and
266+
callback = getArgument(0) and
267+
result = this
268+
}
269+
270+
override DataFlow::Node getBoundReceiver() { result = getArgument(1) }
271+
}
251272
}

javascript/ql/src/semmle/javascript/frameworks/AngularJS/AngularJSCore.qll

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1080,3 +1080,24 @@ private class DependencyInjectedArgumentInitializer extends DataFlow::AnalyzedVa
10801080
result = service.getALocalValue()
10811081
}
10821082
}
1083+
1084+
/**
1085+
* A call to `angular.bind`, as a partial function invocation.
1086+
*/
1087+
private class BindCall extends DataFlow::PartialInvokeNode::Range, DataFlow::CallNode {
1088+
BindCall() { this = angular().getAMemberCall("bind") }
1089+
1090+
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
1091+
index >= 0 and
1092+
callback = getArgument(1) and
1093+
argument = getArgument(index + 2)
1094+
}
1095+
1096+
override DataFlow::SourceNode getBoundFunction(DataFlow::Node callback, int boundArgs) {
1097+
callback = getArgument(1) and
1098+
boundArgs = getNumArgument() - 2 and
1099+
result = this
1100+
}
1101+
1102+
override DataFlow::Node getBoundReceiver() { result = getArgument(0) }
1103+
}

0 commit comments

Comments
 (0)