Skip to content

Commit a3374f2

Browse files
asgerfasgerf
committed
JS: Fix perf issue in data flow step generation
1 parent 2f53101 commit a3374f2

File tree

1 file changed

+13
-3
lines changed

1 file changed

+13
-3
lines changed

javascript/ql/lib/semmle/javascript/Routing.qll

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -901,13 +901,15 @@ module Routing {
901901
/**
902902
* Like `getAnAccessPathRhs` but with `base` mapped to its root node.
903903
*/
904+
pragma[nomagic]
904905
private DataFlow::Node getAnAccessPathRhsUnderRoot(RootNode root, int n, string path) {
905906
result = getAnAccessPathRhs(root.getADescendant(), n, path)
906907
}
907908

908909
/**
909910
* Like `getAnAccessPathRead` but with `base` mapped to its root node.
910911
*/
912+
pragma[nomagic]
911913
private DataFlow::SourceNode getAnAccessPathReadUnderRoot(RootNode root, int n, string path) {
912914
result = getAnAccessPathRead(root.getADescendant(), n, path)
913915
}
@@ -922,7 +924,7 @@ module Routing {
922924
private predicate middlewareApiStep(DataFlow::SourceNode pred, DataFlow::SourceNode succ) {
923925
exists(RootNode root, int n, string path |
924926
pred = getAnAccessPathRhsUnderRoot(root, n, path) and
925-
succ = getAnAccessPathReadUnderRoot(root, n, path)
927+
succ = getAnAccessPathReadUnderRoot(root, n, pragma[only_bind_out](path))
926928
)
927929
or
928930
// We can't augment the call graph as this depends on type tracking, so just
@@ -941,13 +943,21 @@ module Routing {
941943
}
942944
}
943945

946+
pragma[nomagic]
947+
private predicate potentialAccessPathStep(
948+
Node writer, DataFlow::SourceNode pred, Node reader, DataFlow::SourceNode succ, int n,
949+
string path
950+
) {
951+
pred = getAnAccessPathRhs(writer, n, path) and
952+
succ = getAnAccessPathRead(reader, n, pragma[only_bind_out](path))
953+
}
954+
944955
/**
945956
* Holds if `pred -> succ` is a data-flow step between access paths on request input objects.
946957
*/
947958
private predicate middlewareDataFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
948959
exists(Node writer, Node reader, int n, string path |
949-
pred = getAnAccessPathRhs(writer, n, path) and
950-
succ = getAnAccessPathRead(reader, n, path) and
960+
potentialAccessPathStep(writer, pred, reader, succ, n, path) and
951961
pragma[only_bind_out](reader).isGuardedByNode(pragma[only_bind_out](writer))
952962
)
953963
or

0 commit comments

Comments
 (0)