JS: implement getADataNode for AxiosUrlRequest

Esben Sparre Andreasen · Esben Sparre Andreasen · commit c21a0472d4a1 · 2018-10-16T08:50:56.000+02:00
diff --git a/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll b/javascript/ql/src/semmle/javascript/frameworks/ClientRequests.qll
@@ -116,31 +116,36 @@ private class RequestUrlRequest extends CustomClientRequest {
  */
 private class AxiosUrlRequest extends CustomClientRequest {
 
-  DataFlow::Node url;
+  string method;
 
   AxiosUrlRequest() {
     exists (string moduleName, DataFlow::SourceNode callee |
       this = callee.getACall() |
       moduleName = "axios" and
       (
-        callee = DataFlow::moduleImport(moduleName) or
-        callee = DataFlow::moduleMember(moduleName, httpMethodName()) or
-        callee = DataFlow::moduleMember(moduleName, "request")
-      ) and
-      (
-        url = getArgument(0) or
-        // depends on the method name and the call arity, over-approximating slightly in the name of simplicity
-        url = getOptionArgument([0..2], urlPropertyName())
+        callee = DataFlow::moduleImport(moduleName) and method = "request" or
+        callee = DataFlow::moduleMember(moduleName, method) and (method = httpMethodName() or method = "request")
       )
     )
   }
 
   override DataFlow::Node getUrl() {
-    result = url
+    result = getArgument(0) or
+    // depends on the method name and the call arity, over-approximating slightly in the name of simplicity
+    result = getOptionArgument([0..2], urlPropertyName())
   }
 
   override DataFlow::Node getADataNode() {
-    none()
+    method = "request" and
+    result = getOptionArgument(0, "data")
+    or
+    (method = "post" or method = "put" or method = "put") and
+    (result = getArgument(1) or result = getOptionArgument(2, "data"))
+    or
+    exists (string name |
+      name = "headers" or name = "params"|
+      result = getOptionArgument([0..2], name)
+    )
   }
 
 }
diff --git a/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest.expected b/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest.expected
@@ -16,3 +16,7 @@
 | tst.js:41:5:41:29 | net.req ...  url }) |
 | tst.js:43:5:43:26 | new Cli ... st(url) |
 | tst.js:45:5:45:35 | new Cli ...  url }) |
+| tst.js:53:5:53:23 | axios({data: data}) |
+| tst.js:55:5:55:34 | axios.g ... _data}) |
+| tst.js:57:5:57:39 | axios.p ... data2}) |
+| tst.js:59:5:59:52 | axios({ ... sData}) |
diff --git a/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getADataNode.expected b/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getADataNode.expected
@@ -0,0 +1,5 @@
+| tst.js:53:5:53:23 | axios({data: data}) | tst.js:53:18:53:21 | data |
+| tst.js:57:5:57:39 | axios.p ... data2}) | tst.js:57:19:57:23 | data1 |
+| tst.js:57:5:57:39 | axios.p ... data2}) | tst.js:57:33:57:37 | data2 |
+| tst.js:59:5:59:52 | axios({ ... sData}) | tst.js:59:21:59:30 | headerData |
+| tst.js:59:5:59:52 | axios({ ... sData}) | tst.js:59:41:59:50 | paramsData |
diff --git a/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getADataNode.ql b/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getADataNode.ql
@@ -0,0 +1,4 @@
+import javascript
+
+from ClientRequest r
+select r, r.getADataNode()
diff --git a/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getUrl.expected b/javascript/ql/test/library-tests/frameworks/ClientRequests/ClientRequest_getUrl.expected
@@ -20,3 +20,7 @@
 | tst.js:43:5:43:26 | new Cli ... st(url) | tst.js:43:23:43:25 | url |
 | tst.js:45:5:45:35 | new Cli ...  url }) | tst.js:45:23:45:34 | { url: url } |
 | tst.js:45:5:45:35 | new Cli ...  url }) | tst.js:45:30:45:32 | url |
+| tst.js:53:5:53:23 | axios({data: data}) | tst.js:53:11:53:22 | {data: data} |
+| tst.js:55:5:55:34 | axios.g ... _data}) | tst.js:55:15:55:15 | x |
+| tst.js:57:5:57:39 | axios.p ... data2}) | tst.js:57:16:57:16 | x |
+| tst.js:59:5:59:52 | axios({ ... sData}) | tst.js:59:11:59:51 | {header ... msData} |
diff --git a/javascript/ql/test/library-tests/frameworks/ClientRequests/tst.js b/javascript/ql/test/library-tests/frameworks/ClientRequests/tst.js
@@ -48,3 +48,13 @@ import {ClientRequest, net} from 'electron';
 
     unknown({ url:url });
 });
+
+(function() {
+    axios({data: data});
+
+    axios.get(x, {data: not_data});
+
+    axios.post(x, data1, {data: data2});
+
+    axios({headers: headerData, params: paramsData});
+});
