
Improve data flow in the `async` package

Open Vasco-jofra opened this issue 5 months ago • 1 comments

This PR makes these changes:

  1. In `FlowSummaryPrivate.qll`: Added support for the `anyProperty` content set in flow summaries:
    • Please confirm this is the correct way to support this. I needed this to find the `async_.map({a: source()}, call_sink)` case. Let me know if there's a better way to do it.
    • As a note, I was also unable to use `Element`, which, according to the documentation, should select "an element of an array, iterator, or set object."
  2. In `AsyncPackage.qll`: Improve taint tracking through functions from the `async` package:
    • Improve tracking of the callback arguments
    • Implemented flow summaries for more robust taint tracking
    • Updated tests

Vasco-jofra, Jun 15 '25 16:06