Skip to content

Comments

JavaScript: Generalise ConstantComparison sanitisers.#1278

Merged
asger-semmle merged 1 commit intogithub:masterfrom
xiemaisi:js/symbolic-constants
Apr 25, 2019
Merged

JavaScript: Generalise ConstantComparison sanitisers.#1278
asger-semmle merged 1 commit intogithub:masterfrom
xiemaisi:js/symbolic-constants

Conversation

@xiemaisi
Copy link

In addition to treating comparisons with literals as sanitisers, we now also treat comparisons with variables that have a single assignment as sanitisers.

Proving that such a variable is actually a constant is not easy, but for this use case a simple approximation works fine.

An evaluation of the security queries on big-apps (internal link) shows barely any performance changes, and a few false positives fixed on gecko-dev. I have verified that this PR also fixes two false positives on customer code which were the motivation for it.

@xiemaisi xiemaisi added the JS label Apr 24, 2019
@xiemaisi xiemaisi requested a review from a team as a code owner April 24, 2019 13:30
asger-semmle
asger-semmle previously approved these changes Apr 24, 2019
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo spotted

ghost
ghost previously approved these changes Apr 25, 2019
In addition to treating comparisons with literals as sanitisers, we now
also treat comparisons with variables that have a single assignment as
sanitisers.

Proving that such a variable is actually a constant is not easy, but for
this use case a simple approximation works fine.
@xiemaisi xiemaisi force-pushed the js/symbolic-constants branch from 82b3eaf to a8470a9 Compare April 25, 2019 06:38
@xiemaisi
Copy link
Author

I've amended one expected test output.

@asger-semmle asger-semmle merged commit 47ba7d3 into github:master Apr 25, 2019
@xiemaisi xiemaisi deleted the js/symbolic-constants branch May 2, 2019 07:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants