Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit df79f2a

Browse files
semmle-qlcisemmle-qlci
authored
Merge pull request #3655 from asger-semmle/js/string-ops-regexp-test-fix
Approved by esbena
2 parents b6e0e66 + 0345036 commit df79f2a

3 files changed

Lines changed: 44 additions & 20 deletions

File tree

javascript/ql/src/semmle/javascript/StringOps.qll

Lines changed: 19 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -720,14 +720,8 @@ module StringOps {
720720
override DataFlow::Node getStringOperand() { result = getArgument(0) }
721721
}
722722

723-
private class MatchesCall extends Range, DataFlow::MethodCallNode {
724-
MatchesCall() { getMethodName() = "matches" }
725-
726-
override DataFlow::Node getRegExpOperand(boolean coerced) {
727-
result = getArgument(0) and coerced = true
728-
}
729-
730-
override DataFlow::Node getStringOperand() { result = getReceiver() }
723+
private class MatchCall extends DataFlow::MethodCallNode {
724+
MatchCall() { getMethodName() = "match" }
731725
}
732726

733727
private class ExecCall extends DataFlow::MethodCallNode {
@@ -777,5 +771,22 @@ module StringOps {
777771

778772
override boolean getPolarity() { result = polarity }
779773
}
774+
775+
private class MatchTest extends Range, DataFlow::ValueNode {
776+
MatchCall match;
777+
boolean polarity;
778+
779+
MatchTest() {
780+
exists(Expr use | match.flowsToExpr(use) | impliesNotNull(astNode, use, polarity))
781+
}
782+
783+
override DataFlow::Node getRegExpOperand(boolean coerced) {
784+
result = match.getArgument(0) and coerced = true
785+
}
786+
787+
override DataFlow::Node getStringOperand() { result = match.getReceiver() }
788+
789+
override boolean getPolarity() { result = polarity }
790+
}
780791
}
781792
}

javascript/ql/test/library-tests/StringOps/RegExpTest/RegExpTest.expected

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,37 +2,41 @@ regexpTest
22
| tst.js:6:9:6:28 | /^[a-z]+$/.test(str) |
33
| tst.js:7:9:7:36 | /^[a-z] ... != null |
44
| tst.js:8:9:8:28 | /^[a-z]+$/.exec(str) |
5-
| tst.js:9:9:9:31 | str.mat ... -z]+$/) |
6-
| tst.js:10:9:10:31 | str.mat ... -z]+$") |
5+
| tst.js:9:9:9:29 | str.mat ... -z]+$/) |
6+
| tst.js:10:9:10:29 | str.mat ... -z]+$") |
77
| tst.js:12:9:12:24 | regexp.test(str) |
88
| tst.js:13:9:13:32 | regexp. ... != null |
99
| tst.js:14:9:14:24 | regexp.exec(str) |
10-
| tst.js:15:9:15:27 | str.matches(regexp) |
10+
| tst.js:15:9:15:25 | str.match(regexp) |
1111
| tst.js:18:9:18:13 | match |
1212
| tst.js:19:10:19:14 | match |
1313
| tst.js:20:9:20:21 | match == null |
1414
| tst.js:21:9:21:21 | match != null |
1515
| tst.js:22:9:22:13 | match |
1616
| tst.js:25:23:25:27 | match |
1717
| tst.js:29:21:29:36 | regexp.test(str) |
18-
| tst.js:33:21:33:39 | str.matches(regexp) |
18+
| tst.js:33:23:33:39 | str.match(regexp) |
1919
| tst.js:40:9:40:37 | regexp. ... defined |
20+
| tst.js:44:9:44:14 | match2 |
21+
| tst.js:45:10:45:15 | match2 |
2022
#select
2123
| tst.js:6:9:6:28 | /^[a-z]+$/.test(str) | tst.js:6:10:6:17 | ^[a-z]+$ | tst.js:6:9:6:18 | /^[a-z]+$/ | tst.js:6:25:6:27 | str | true |
2224
| tst.js:7:9:7:36 | /^[a-z] ... != null | tst.js:7:10:7:17 | ^[a-z]+$ | tst.js:7:9:7:18 | /^[a-z]+$/ | tst.js:7:25:7:27 | str | true |
2325
| tst.js:8:9:8:28 | /^[a-z]+$/.exec(str) | tst.js:8:10:8:17 | ^[a-z]+$ | tst.js:8:9:8:18 | /^[a-z]+$/ | tst.js:8:25:8:27 | str | true |
24-
| tst.js:9:9:9:31 | str.mat ... -z]+$/) | tst.js:9:22:9:29 | ^[a-z]+$ | tst.js:9:21:9:30 | /^[a-z]+$/ | tst.js:9:9:9:11 | str | true |
25-
| tst.js:10:9:10:31 | str.mat ... -z]+$") | tst.js:10:22:10:29 | ^[a-z]+$ | tst.js:10:21:10:30 | "^[a-z]+$" | tst.js:10:9:10:11 | str | true |
26+
| tst.js:9:9:9:29 | str.mat ... -z]+$/) | tst.js:9:20:9:27 | ^[a-z]+$ | tst.js:9:19:9:28 | /^[a-z]+$/ | tst.js:9:9:9:11 | str | true |
27+
| tst.js:10:9:10:29 | str.mat ... -z]+$") | tst.js:10:20:10:27 | ^[a-z]+$ | tst.js:10:19:10:28 | "^[a-z]+$" | tst.js:10:9:10:11 | str | true |
2628
| tst.js:12:9:12:24 | regexp.test(str) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:12:9:12:14 | regexp | tst.js:12:21:12:23 | str | true |
2729
| tst.js:13:9:13:32 | regexp. ... != null | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:13:9:13:14 | regexp | tst.js:13:21:13:23 | str | true |
2830
| tst.js:14:9:14:24 | regexp.exec(str) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:14:9:14:14 | regexp | tst.js:14:21:14:23 | str | true |
29-
| tst.js:15:9:15:27 | str.matches(regexp) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:15:21:15:26 | regexp | tst.js:15:9:15:11 | str | true |
31+
| tst.js:15:9:15:25 | str.match(regexp) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:15:19:15:24 | regexp | tst.js:15:9:15:11 | str | true |
3032
| tst.js:18:9:18:13 | match | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | true |
3133
| tst.js:19:10:19:14 | match | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | true |
3234
| tst.js:20:9:20:21 | match == null | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | false |
3335
| tst.js:21:9:21:21 | match != null | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | true |
3436
| tst.js:22:9:22:13 | match | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | true |
3537
| tst.js:25:23:25:27 | match | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:17:17:17:22 | regexp | tst.js:17:29:17:31 | str | true |
3638
| tst.js:29:21:29:36 | regexp.test(str) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:29:21:29:26 | regexp | tst.js:29:33:29:35 | str | true |
37-
| tst.js:33:21:33:39 | str.matches(regexp) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:33:33:33:38 | regexp | tst.js:33:21:33:23 | str | true |
39+
| tst.js:33:23:33:39 | str.match(regexp) | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:33:33:33:38 | regexp | tst.js:33:23:33:25 | str | true |
3840
| tst.js:40:9:40:37 | regexp. ... defined | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:40:9:40:14 | regexp | tst.js:40:21:40:23 | str | false |
41+
| tst.js:44:9:44:14 | match2 | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:43:28:43:33 | regexp | tst.js:43:18:43:20 | str | true |
42+
| tst.js:45:10:45:15 | match2 | tst.js:3:17:3:24 | ^[a-z]+$ | tst.js:43:28:43:33 | regexp | tst.js:43:18:43:20 | str | true |

javascript/ql/test/library-tests/StringOps/RegExpTest/tst.js

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,13 +6,13 @@ function f(str) {
66
if (/^[a-z]+$/.test(str)) {}
77
if (/^[a-z]+$/.exec(str) != null) {}
88
if (/^[a-z]+$/.exec(str)) {}
9-
if (str.matches(/^[a-z]+$/)) {}
10-
if (str.matches("^[a-z]+$")) {}
9+
if (str.match(/^[a-z]+$/)) {}
10+
if (str.match("^[a-z]+$")) {}
1111

1212
if (regexp.test(str)) {}
1313
if (regexp.exec(str) != null) {}
1414
if (regexp.exec(str)) {}
15-
if (str.matches(regexp)) {}
15+
if (str.match(regexp)) {}
1616

1717
let match = regexp.exec(str);
1818
if (match) {}
@@ -30,7 +30,7 @@ function f(str) {
3030
});
3131

3232
something({
33-
someOption: str.matches(regexp)
33+
someOption: !!str.match(regexp)
3434
});
3535

3636
something({
@@ -39,4 +39,13 @@ function f(str) {
3939

4040
if (regexp.exec(str) == undefined) {}
4141
if (regexp.exec(str) === undefined) {} // not recognized as RegExpTest
42+
43+
let match2 = str.match(regexp);
44+
if (match2) {}
45+
if (!match2) {}
4246
}
47+
48+
function something() {}
49+
50+
f("some string");
51+
f("someotherstring");

0 commit comments

Comments
 (0)