@asgerf asgerf commented Mar 11, 2021

Adds a model of d3 selections, which is the only part of d3 where I could find anything relevant for our security queries.

d3 selections are a bit like jQuery objects, in that they contain a collection of DOM elements, and have methods for interacting with them. The model just contributes new ways of interacting with the DOM via d3 selections.

Evaluations: (internal links)

@asgerf asgerf added JS Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish labels Mar 11, 2021
@asgerf asgerf requested a review from a team as a code owner March 11, 2021 10:16

@erik-krogh erik-krogh left a comment

Nice.

What is the status of recognizing the source of CVE-2017-1000006?
I guess we don't recognize it.

Comment on lines 8 to 12
API::Node d3() {
result = API::moduleImport("d3")
or
result = API::moduleImport("d3-node").getInstance().getMember("d3")
}
Contributor


I had expected that d3 would also be used as a global variable.

Contributor Author


Good point, we should totally recognize that.


asgerf commented Mar 11, 2021

What is the status of recognizing the source of CVE-2017-1000006?

Oh thanks for bringing that up. Added a few things that I missed from the model. We do find the sources now.


asgerf commented Mar 12, 2021

New evaluations on d3 slugs and on default slugs look mostly OK, but I'll take a bit of time to investigate the slowest ones.

@asgerf asgerf removed the Awaiting evaluation Do not merge yet, this PR is waiting for an evaluation to finish label Mar 12, 2021

asgerf commented Mar 12, 2021

As far as I can tell the outliers are just noise.

@codeql-ci codeql-ci merged commit cb6ee54 into github:main Mar 12, 2021