JS: Handle spread/rest in API graphs #19108
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
asgerf
force-pushed
the
js/api-graph-spread-rest
branch
from
fa40ba8 to
fa8e886
Compare
asgerf
force-pushed
the
js/api-graph-spread-rest
branch
from
3a30bc5 to
b834ffe
Compare
| /** The argument index at which the spread argument appears. */ | ||
| int getIndex() { result = index } | ||
|
|
||
| override string toString() { result = "getSpreadArgument(" + index + ")" } |
There was a problem hiding this comment.
There is no getSpreadArgument() method on API::Node, which is what the toString() usually refers to.
I think it's fine here, but maybe add a small comment that this method is only used internally. (I'm counting the Label:: module as internal).
| or | ||
| exists(Function fun, DataFlow::InvokeNode invoke, int argIndex, Parameter rest | | ||
| fun.getRestParameter() = rest and | ||
| rest.flow() = pred and |
There was a problem hiding this comment.
.getALocalUse() on pred?
There was a problem hiding this comment.
Not needed. It would be equivalent to getALocalSource() on the rest parameter, but parameters are already a source.
| pred = trackUseNode(use, _, bound, "") and | ||
| invoke = pred.getAnInvocation().asExpr() and | ||
| i = firstSpreadIndex(invoke) and | ||
| spreadArray = invoke.getArgument(i - bound).(SpreadElement).getOperand().flow() |
There was a problem hiding this comment.
I having a hard time figuring out whether the arithmetic here is correct.
Could you add a test with some bound arguments?
There was a problem hiding this comment.
Good catch, there was indeed a bug here. Added a test and made the code easier to read.
| @@ -860,6 +865,15 @@ module API { | |||
| .getStaticMember(name, DataFlow::MemberKind::getter()) | |||
| .getAReturn() | |||
| ) | |||
| or | |||
| exists(Function fun, DataFlow::InvokeNode invoke, int argIndex, Parameter rest | | |||
There was a problem hiding this comment.
So this is modelling the parameters at (or after) the rest parameter, and modelling each entry as an array store into the spread argument.
And this is then only used for the getParameter method to be able to retrieve the correct parameter when there are spread arguments?
There was a problem hiding this comment.
Yes. Added a comment to clarify.
There was a problem hiding this comment.
And this is then only used for the getParameter method to be able to retrieve the correct parameter when there are spread arguments?
Ah, actually no, it's more than that. If a library model expects an argument to contain array elements, this will allow the model to find those array elements when the array was created by passing arguments into a rest parameter.
Co-authored-by: Erik Krogh Kristensen <[email protected]>
Makes sure API graphs can look through spread/rest parameters. An important situation where this occurs is in default constructors, where spread/rest are inserted automatically.
For example, the class below
is desugared into this:
We have a model that looks for arguments passed to the
ApolloServerconstructor,["@apollo/server", "Member[ApolloServer,ApolloServerBase].Argument[0].AnyMember.AnyMember.AnyMember.Parameter[1]", "remote"]This ought to pick up on calls to
new CustomApollobecause the arguments are forwarded toApolloServer:But evaluation got stuck at
Argument[0]because of two issues:supercall targeting theApolloServerconstructor was not being considered at all, and...argswere not understood by API graphsThis PR fixes the above two issues, and fixes the FN from the test case.