Skip to content

JS: track flow through class fields in some cases #989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
semmle-qlci merged 2 commits into from
Mar 1, 2019
Merged

JS: track flow through class fields in some cases #989

semmle-qlci merged 2 commits into from
Mar 1, 2019

Conversation

@asger-semmle
Copy link
Contributor

@asger-semmle asger-semmle commented Feb 26, 2019

Revives a part of #760: field flow directly from constructors to instance members.

This avoids the potential for FPs by restricting the flow to cases where the flow source is in the constructor or one of its callees, as opposed to coming in through a parameter.

It also adds DataFlow::localFieldStep to make it easier for custom queries to relax the above constraint and track things freely through fields.

@asger-semmle asger-semmle requested a review from a team as a code owner February 26, 2019 13:13
@asger-semmle asger-semmle added JS WIP This is a work-in-progress, do not merge yet! labels Feb 26, 2019
xiemaisi
xiemaisi reviewed Mar 1, 2019
View reviewed changes
Copy link

@xiemaisi xiemaisi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

General approach looks good, but I'll wait for evaluation results before approving.

@asger-semmle
Copy link
Contributor Author

asger-semmle commented Mar 1, 2019

Evaluation shows some perf issues. I suspect the new exploratory flow steps are to blame, but I'll investigate further after feature freeze.

@asger-semmle asger-semmle force-pushed the class-node-get-this-access branch from ccc499f to 9497199 Compare March 1, 2019 12:53
@asger-semmle
Copy link
Contributor Author

asger-semmle commented Mar 1, 2019

@xiemaisi PTAL. I have removed the last commit which added the data flow step to our default suite. I'll try and land it later.

For now, only the commits that add DataFlow::localFieldStep and ClassNode::getAReceiverNode remain. I'd like to land those in 1.20 if possible.

These should not have any impact on perf, but I've re-run the evaluation on the slowest projects from the prior revaluation just as a sanity check.

@asger-semmle asger-semmle removed the WIP This is a work-in-progress, do not merge yet! label Mar 1, 2019
@semmle-qlci semmle-qlci merged commit 4c3ecf0 into github:master Mar 1, 2019
@asger-semmle asger-semmle mentioned this pull request Mar 4, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@xiemaisi xiemaisi xiemaisi approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

JS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@asger-semmle @xiemaisi @semmle-qlci