Refactor ReceivedItemAsRemoteFlow to handle data from both client and server WebSocket sources

Author: Napalys

javascript/ql/lib/semmle/javascript/frameworks/WebSocket.qll

@@ -344,15 +344,18 @@ module ServerWebSocket {
       result = this.getCallback(1).getParameter(0)
     }
   }
+}
 
-  /**
-   * A data flow node representing data received from a client, viewed as remote user input.
-   */
-  private class ReceivedItemAsRemoteFlow extends RemoteFlowSource {
-    ReceivedItemAsRemoteFlow() { this = any(ReceiveNode rercv).getReceivedItem(_) }
+/**
+ * A data flow node representing data received from a client or server, viewed as remote user input.
+ */
+private class ReceivedItemAsRemoteFlow extends RemoteFlowSource {
+  ReceivedItemAsRemoteFlow() {
+    this = any(ClientWebSocket::ReceiveNode rercv).getReceivedItem(_) or
+    this = any(ServerWebSocket::ReceiveNode rercv).getReceivedItem(_)
+  }
 
-    override string getSourceType() { result = "WebSocket client data" }
+  override string getSourceType() { result = "WebSocket transmitted data" }
 
-    override predicate isUserControlledObject() { any() }
-  }
+  override predicate isUserControlledObject() { any() }
 }

javascript/ql/test/library-tests/frameworks/WebSocket/browser-custom.js

@@ -8,11 +8,11 @@ import { MyWebSocket, MySockJS, myWebSocketInstance, mySockJSInstance } from './
 	});
 
 	socket.addEventListener('message', function (event) {
-		console.log('Message from server ', event.data);
+		console.log('Message from server ', event.data); // $ remoteFlow
 	}); // $ clientReceive
 
 	socket.onmessage = function (event) {
-		console.log("Message from server 2", event.data)
+		console.log("Message from server 2", event.data); // $ remoteFlow
 	}; // $ clientReceive
 })();
 
@@ -24,12 +24,12 @@ import { MyWebSocket, MySockJS, myWebSocketInstance, mySockJSInstance } from './
 	};
 
 	sock.onmessage = function (e) {
-		console.log('message', e.data);
+		console.log('message', e.data); // $ remoteFlow
 		sock.close();
 	}; // $ clientReceive
 
 	sock.addEventListener('message', function (event) {
-		console.log('Using addEventListener ', event.data);
+		console.log('Using addEventListener ', event.data); // $ remoteFlow
 	}); // $ clientReceive
 })();
 
@@ -40,11 +40,11 @@ import { MyWebSocket, MySockJS, myWebSocketInstance, mySockJSInstance } from './
     });
 
     myWebSocketInstance.addEventListener('message', function (event) {
-        console.log('Message from server ', event.data);
+        console.log('Message from server ', event.data); // $ remoteFlow
     }); // $ clientReceive
 
     myWebSocketInstance.onmessage = function (event) {
-        console.log("Message from server 2", event.data)
+        console.log("Message from server 2", event.data); // $ remoteFlow
     }; // $ clientReceive
 })();
 
@@ -55,18 +55,18 @@ import { MyWebSocket, MySockJS, myWebSocketInstance, mySockJSInstance } from './
     };
 
     mySockJSInstance.onmessage = function (e) {
-        console.log('message', e.data);
+        console.log('message', e.data); // $ remoteFlow
         mySockJSInstance.close();
     }; // $ clientReceive
 
     mySockJSInstance.addEventListener('message', function (event) {
-        console.log('Using addEventListener ', event.data);
+        console.log('Using addEventListener ', event.data); // $ remoteFlow
     }); // $ clientReceive
 })();
 
 
 const recv_message = function (e) {
-    console.log('Received message:', e.data);
+    console.log('Received message:', e.data); // $ remoteFlow
 }; // $ clientReceive
 
 (function () {

javascript/ql/test/library-tests/frameworks/WebSocket/browser.js

@@ -6,11 +6,11 @@
 	});
 
 	socket.addEventListener('message', function (event) {
-		console.log('Message from server ', event.data);
+		console.log('Message from server ', event.data); // $ remoteFlow
 	}); // $clientReceive
 
 	socket.onmessage = function (event) {
-		console.log("Message from server 2", event.data)
+		console.log("Message from server 2", event.data); // $ remoteFlow
 	}; // $clientReceive
 })();
 
@@ -22,12 +22,12 @@
 	};
 
 	sock.onmessage = function (e) {
-		console.log('message', e.data);
+		console.log('message', e.data); // $ remoteFlow
 		sock.close();
 	}; // $clientReceive
 
 	sock.addEventListener('message', function (event) {
-		console.log('Using addEventListener ', event.data);
+		console.log('Using addEventListener ', event.data); // $ remoteFlow
 	}); // $clientReceive
 })();
 

javascript/ql/test/library-tests/frameworks/WebSocket/client-custom.js

@@ -7,7 +7,7 @@ const { MyWebSocketWS, myWebSocketWSInstance } = require('./client.js');
 		ws.send('Hi from client!'); // $ clientSend
 	});
 
-	ws.on('message', function incoming(data) {
+	ws.on('message', function incoming(data) { // $ remoteFlow
 		console.log(data);
 	}); // $ clientReceive
 })();
@@ -17,7 +17,7 @@ const { MyWebSocketWS, myWebSocketWSInstance } = require('./client.js');
 		myWebSocketWSInstance.send('Hi from client!'); // $ clientSend
 	});
 
-	myWebSocketWSInstance.on('message', function incoming(data) {
+	myWebSocketWSInstance.on('message', function incoming(data) { // $ remoteFlow
 		console.log(data);
 	}); // $ clientReceive
 })();

javascript/ql/test/library-tests/frameworks/WebSocket/client.js

@@ -7,7 +7,7 @@ const WebSocket = require('ws');
 		ws.send('Hi from client!'); // $clientSend
 	});
 
-	ws.on('message', function incoming(data) {
+	ws.on('message', function incoming(data) { // $ remoteFlow
 		console.log(data);
 	}); // $clientReceive
 })();

javascript/ql/test/library-tests/frameworks/WebSocket/test.expected

@@ -1,17 +1,17 @@
 clientReceive
-| browser-custom.js:10:37:12:2 | functio ... ta);\\n\\t} |
-| browser-custom.js:14:21:16:2 | functio ... ata)\\n\\t} |
+| browser-custom.js:10:37:12:2 | functio ... Flow\\n\\t} |
+| browser-custom.js:14:21:16:2 | functio ... Flow\\n\\t} |
 | browser-custom.js:26:19:29:2 | functio ... e();\\n\\t} |
-| browser-custom.js:31:35:33:2 | functio ... ta);\\n\\t} |
-| browser-custom.js:42:53:44:5 | functio ... ;\\n    } |
-| browser-custom.js:46:37:48:5 | functio ... )\\n    } |
+| browser-custom.js:31:35:33:2 | functio ... Flow\\n\\t} |
+| browser-custom.js:42:53:44:5 | functio ... w\\n    } |
+| browser-custom.js:46:37:48:5 | functio ... w\\n    } |
 | browser-custom.js:57:34:60:5 | functio ... ;\\n    } |
-| browser-custom.js:62:50:64:5 | functio ... ;\\n    } |
-| browser-custom.js:68:22:70:1 | functio ... ata);\\n} |
-| browser.js:8:37:10:2 | functio ... ta);\\n\\t} |
-| browser.js:12:21:14:2 | functio ... ata)\\n\\t} |
+| browser-custom.js:62:50:64:5 | functio ... w\\n    } |
+| browser-custom.js:68:22:70:1 | functio ... eFlow\\n} |
+| browser.js:8:37:10:2 | functio ... Flow\\n\\t} |
+| browser.js:12:21:14:2 | functio ... Flow\\n\\t} |
 | browser.js:24:19:27:2 | functio ... e();\\n\\t} |
-| browser.js:29:35:31:2 | functio ... ta);\\n\\t} |
+| browser.js:29:35:31:2 | functio ... Flow\\n\\t} |
 | client-custom.js:10:19:12:2 | functio ... ta);\\n\\t} |
 | client-custom.js:20:38:22:2 | functio ... ta);\\n\\t} |
 | client.js:10:19:12:2 | functio ... ta);\\n\\t} |
@@ -102,6 +102,22 @@ flowSteps
 | sockjs.js:11:20:11:50 | JSON.st ... .test)) | browser.js:25:26:25:31 | e.data |
 | sockjs.js:11:20:11:50 | JSON.st ... .test)) | browser.js:30:42:30:51 | event.data |
 remoteFlow
+| browser-custom.js:11:39:11:48 | event.data |
+| browser-custom.js:15:40:15:49 | event.data |
+| browser-custom.js:27:26:27:31 | e.data |
+| browser-custom.js:32:42:32:51 | event.data |
+| browser-custom.js:43:45:43:54 | event.data |
+| browser-custom.js:47:46:47:55 | event.data |
+| browser-custom.js:58:32:58:37 | e.data |
+| browser-custom.js:63:48:63:57 | event.data |
+| browser-custom.js:69:38:69:43 | e.data |
+| browser.js:9:39:9:48 | event.data |
+| browser.js:13:40:13:49 | event.data |
+| browser.js:25:26:25:31 | e.data |
+| browser.js:30:42:30:51 | event.data |
+| client-custom.js:10:37:10:40 | data |
+| client-custom.js:20:56:20:59 | data |
+| client.js:10:37:10:40 | data |
 | server-custom.js:7:38:7:44 | message |
 | server-custom.js:17:38:17:44 | message |
 | server.js:7:38:7:44 | message |