Module DataFlow

DEPRECATED: Use the new data flow library instead.

Provides a class DataFlowNode for working with a data flow graph-based program representation.

We distinguish between local flow and non-local flow.

Local flow only considers three kinds of data flow:

  1. Flow within an expression, for example from the operands of a && expression to the expression itself.
  2. Flow through local variables, that is, from definitions to uses. Captured variables are treated flow-insensitively, that is, all definitions are considered to flow to all uses, while for non-captured variables only definitions that can actually reach a use are considered.
  3. Flow into and out of immediately invoked function expressions, that is, flow from arguments to parameters, and from returned expressions to the function expression itself.

Non-local flow additionally tracks data flow through global variables.

Flow through object properties or function calls is not modelled (except for immediately invoked functions as explained above).

Import path

semmle.javascript.DataFlow

Imports

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

DataFlowIncompleteness

A classification of flows that are not modeled, or only modeled incompletely, by DataFlowNode.

DataFlowNode

DEPRECATED: Use DataFlow::Node instead.

PropReadNode

A data flow node that reads an object property.

PropRefNode

A data flow node that reads or writes an object property.

PropWriteNode

A data flow node that writes to an object property.