JS: Model pipe classes

asgerf · asgerf · commit d80313be4ff6 · 2021-01-18T12:18:27.000Z
diff --git a/javascript/ql/src/semmle/javascript/frameworks/Angular2.qll b/javascript/ql/src/semmle/javascript/frameworks/Angular2.qll
@@ -363,6 +363,26 @@ module Angular2 {
     }
   }
 
+  /** A class with the `@Pipe` decorator. */
+  class PipeClass extends DataFlow::ClassNode {
+    DataFlow::CallNode decorator;
+
+    PipeClass() {
+      decorator = DataFlow::moduleMember("@angular/core", "Pipe").getACall() and
+      decorator = getADecorator()
+    }
+
+    /** Gets the value of the `name` option passed to the `@Pipe` decorator. */
+    string getPipeName() {
+      decorator.getOptionArgument(0, "name").mayHaveStringValue(result)
+    }
+
+    /** Gets a reference to this pipe. */
+    DataFlow::Node getAPipeRef() {
+      result.asExpr().(PipeRefExpr).getName() = getPipeName()
+    }
+  }
+
   private class ComponentSteps extends PreCallGraphStep {
     override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
       exists(ComponentClass cls, string name |
@@ -386,4 +406,13 @@ module Angular2 {
       )
     }
   }
+
+  private class PipeSteps extends PreCallGraphStep {
+    override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
+      exists(PipeClass cls |
+        pred = cls.getInstanceMethod("transform") and
+        succ = cls.getAPipeRef()
+      )
+    }
+  }
 }
