improve alert message - and autoformat

erik-krogh · erik-krogh · commit 3f957103ed0a · 2020-06-12T10:53:19.000+02:00
diff --git a/javascript/ql/src/Security/CWE-829/UnsecureDownload.ql b/javascript/ql/src/Security/CWE-829/UnsecureDownload.ql
@@ -16,4 +16,5 @@ import DataFlow::PathGraph
 
 from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
 where cfg.hasFlowPath(source, sink)
-select sink.getNode(), source, sink, "Download of file from $@.", source.getNode(), "HTTP source"
+select sink.getNode(), source, sink, "$@ of sensitive file from $@.",
+  sink.getNode().(Sink).getDownloadCall(), "Download", source.getNode(), "HTTP source"
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownload.qll b/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownload.qll
@@ -17,12 +17,8 @@ module UnsecureDownload {
   class Configuration extends DataFlow::Configuration {
     Configuration() { this = "HTTP/HTTPS" }
 
-    override predicate isSource(DataFlow::Node source) {
-      source instanceof Source
-    }
+    override predicate isSource(DataFlow::Node source) { source instanceof Source }
 
-    override predicate isSink(DataFlow::Node sink) {
-      sink instanceof Sink
-    }
+    override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
   }
 }
diff --git a/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownloadCustomizations.qll b/javascript/ql/src/semmle/javascript/security/dataflow/UnsecureDownloadCustomizations.qll
@@ -59,12 +59,9 @@ module UnsecureDownload {
    */
   class ClientRequestURL extends Sink {
     ClientRequest request;
-    ClientRequestURL() {
-        this = request.getUrl()
-    }
 
-    override DataFlow::Node getDownloadCall() {
-      result = request
-    }
+    ClientRequestURL() { this = request.getUrl() }
+
+    override DataFlow::Node getDownloadCall() { result = request }
   }
 }
diff --git a/javascript/ql/test/query-tests/Security/CWE-829/UnsecureDownload.expected b/javascript/ql/test/query-tests/Security/CWE-829/UnsecureDownload.expected
@@ -27,7 +27,7 @@ edges
 | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:36:9:36:45 | url |
 | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:36:9:36:45 | url |
 #select
-| unsecure-download.js:5:16:5:28 | installer.url | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | unsecure-download.js:5:16:5:28 | installer.url | Download of file from $@. | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | HTTP source |
-| unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | Download of file from $@. | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | HTTP source |
-| unsecure-download.js:37:23:37:25 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:37:23:37:25 | url | Download of file from $@. | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
-| unsecure-download.js:39:26:39:28 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:39:26:39:28 | url | Download of file from $@. | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
+| unsecure-download.js:5:16:5:28 | installer.url | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | unsecure-download.js:5:16:5:28 | installer.url | $@ of sensitive file from $@. | unsecure-download.js:5:9:5:44 | nugget( ... => { }) | Download | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | HTTP source |
+| unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | $@ of sensitive file from $@. | unsecure-download.js:30:5:30:43 | nugget( ... e.APK") | Download | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | HTTP source |
+| unsecure-download.js:37:23:37:25 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:37:23:37:25 | url | $@ of sensitive file from $@. | unsecure-download.js:37:5:37:42 | cp.exec ...  () {}) | Download | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
+| unsecure-download.js:39:26:39:28 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:39:26:39:28 | url | $@ of sensitive file from $@. | unsecure-download.js:39:5:39:46 | cp.exec ...  () {}) | Download | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |

Original file line number	Diff line number	Diff line change
`@@ -17,12 +17,8 @@ module UnsecureDownload {`
`17`	`17`	`class Configuration extends DataFlow::Configuration {`
`18`	`18`	`Configuration() { this = "HTTP/HTTPS" }`
`19`	`19`
`20`		`- override predicate isSource(DataFlow::Node source) {`
`21`		`- source instanceof Source`
`22`		`- }`
	`20`	`+ override predicate isSource(DataFlow::Node source) { source instanceof Source }`
`23`	`21`
`24`		`- override predicate isSink(DataFlow::Node sink) {`
`25`		`- sink instanceof Sink`
`26`		`- }`
	`22`	`+ override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }`
`27`	`23`	`}`
`28`	`24`	`}`