diff --git a/powershell/ql/lib/semmle/code/powershell/ast/internal/Attribute.qll b/powershell/ql/lib/semmle/code/powershell/ast/internal/Attribute.qll index 87d70a7f18c0..753cd977c290 100644 --- a/powershell/ql/lib/semmle/code/powershell/ast/internal/Attribute.qll +++ b/powershell/ql/lib/semmle/code/powershell/ast/internal/Attribute.qll @@ -1,7 +1,10 @@ private import AstImport class Attribute extends AttributeBase, TAttribute { - string getName() { result = getRawAst(this).(Raw::Attribute).getName() } + string getLowerCaseName() { result = getRawAst(this).(Raw::Attribute).getName().toLowerCase() } + + bindingset[result] + string getAName() { result.toLowerCase() = this.getLowerCaseName() } NamedAttributeArgument getNamedArgument(int i) { exists(ChildIndex index, Raw::Ast r | index = attributeNamedArg(i) and r = getRawAst(this) | @@ -41,7 +44,7 @@ class Attribute extends AttributeBase, TAttribute { result = this.toStringSpecific() or not exists(this.toStringSpecific()) and - result = this.getName() + result = this.getLowerCaseName() } final override Ast getChild(ChildIndex i) { diff --git a/powershell/ql/lib/semmle/code/powershell/controlflow/CfgNodes.qll b/powershell/ql/lib/semmle/code/powershell/controlflow/CfgNodes.qll index 9c9eb0fd5ffb..4716cc746042 100644 --- a/powershell/ql/lib/semmle/code/powershell/controlflow/CfgNodes.qll +++ b/powershell/ql/lib/semmle/code/powershell/controlflow/CfgNodes.qll @@ -180,6 +180,11 @@ class AttributeCfgNode extends AttributeBaseCfgNode { ExprCfgNode getPositionalArgument(int i) { attr.hasCfgChild(attr.getPositionalArgument(i), this, result) } + + string getLowerCaseName() { result = attr.getLowerCaseName() } + + bindingset[result] + string getAName() { result = attr.getAName() } } private class ScriptBlockChildMapping extends NonExprChildMapping, ScriptBlock { diff --git a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll index 5ed0c2d0b671..316e203013ee 100644 --- a/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll +++ b/powershell/ql/lib/semmle/code/powershell/security/CommandInjectionCustomizations.qll @@ -240,7 +240,7 @@ module CommandInjection { exists(Function f, Attribute a, Parameter p | p = f.getAParameter() and p.getAnAttribute() = a and - a.getName() = ["ValidateScript", "ValidateSet", "ValidatePattern"] and + a.getAName() = ["ValidateScript", "ValidateSet", "ValidatePattern"] and this.asParameter() = p ) } diff --git a/powershell/ql/src/queries/security/cwe-078/CommandInjectionCritical.ql b/powershell/ql/src/queries/security/cwe-078/CommandInjectionCritical.ql index c83fb4ed98d6..0b965c885ff8 100644 --- a/powershell/ql/src/queries/security/cwe-078/CommandInjectionCritical.ql +++ b/powershell/ql/src/queries/security/cwe-078/CommandInjectionCritical.ql @@ -26,7 +26,7 @@ abstract class CriticalSource extends DataFlow::Node { class CmdletBindingParam extends CriticalSource { CmdletBindingParam(){ exists(Attribute a, Function f | - a.getName() = "CmdletBinding" and + a.getAName() = "CmdletBinding" and f = a.getEnclosingFunction() and this.asParameter() = f.getAParameter() ) diff --git a/powershell/ql/test/library-tests/ast/parent.expected b/powershell/ql/test/library-tests/ast/parent.expected index 3e1bcf300caa..00622cf4c19c 100644 --- a/powershell/ql/test/library-tests/ast/parent.expected +++ b/powershell/ql/test/library-tests/ast/parent.expected @@ -116,11 +116,11 @@ | Arrays/Arrays.ps1:15:1:15:14 | [Stmt] Call to add | Arrays/Arrays.ps1:1:1:15:14 | {...} | | Arrays/Arrays.ps1:15:9:15:11 | Add | Arrays/Arrays.ps1:15:1:15:14 | Call to add | | Arrays/Arrays.ps1:15:13:15:13 | 1 | Arrays/Arrays.ps1:15:1:15:14 | Call to add | -| Blocks/ParamBlock.ps1:1:1:1:17 | CmdletBinding | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | +| Blocks/ParamBlock.ps1:1:1:1:17 | cmdletbinding | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | | Blocks/ParamBlock.ps1:1:1:5:1 | [synth] pipeline | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | Blocks/ParamBlock.ps1:1:1:5:1 | toplevel function for ParamBlock.ps1 | | Blocks/ParamBlock.ps1:2:1:5:1 | {...} | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | -| Blocks/ParamBlock.ps1:3:5:3:17 | Parameter | Blocks/ParamBlock.ps1:3:5:4:22 | parameter | +| Blocks/ParamBlock.ps1:3:5:3:17 | parameter | Blocks/ParamBlock.ps1:3:5:4:22 | parameter | | Blocks/ParamBlock.ps1:3:5:4:22 | parameter | Blocks/ParamBlock.ps1:1:1:5:1 | {...} | | Blocks/ParamBlock.ps1:4:5:4:12 | string | Blocks/ParamBlock.ps1:3:5:4:22 | parameter | | Dynamic/DynamicExecution.ps1:1:1:1:4 | foo | Dynamic/DynamicExecution.ps1:1:1:1:16 | ...=... | @@ -420,7 +420,7 @@ | Statements/UseProcessBlockForPipelineCommand.ps1:1:1:11:1 | {...} | Statements/UseProcessBlockForPipelineCommand.ps1:1:1:11:1 | toplevel function for UseProcessBlockForPipelineCommand.ps1 | | Statements/UseProcessBlockForPipelineCommand.ps1:1:1:11:1 | {...} | Statements/UseProcessBlockForPipelineCommand.ps1:1:1:11:1 | {...} | | Statements/UseProcessBlockForPipelineCommand.ps1:2:1:11:1 | {...} | Statements/UseProcessBlockForPipelineCommand.ps1:1:1:11:1 | Get-Number | -| Statements/UseProcessBlockForPipelineCommand.ps1:3:5:3:21 | CmdletBinding | Statements/UseProcessBlockForPipelineCommand.ps1:2:1:11:1 | {...} | +| Statements/UseProcessBlockForPipelineCommand.ps1:3:5:3:21 | cmdletbinding | Statements/UseProcessBlockForPipelineCommand.ps1:2:1:11:1 | {...} | | Statements/UseProcessBlockForPipelineCommand.ps1:4:5:10:11 | {...} | Statements/UseProcessBlockForPipelineCommand.ps1:2:1:11:1 | {...} | | Statements/UseProcessBlockForPipelineCommand.ps1:5:9:5:38 | ValueFromPipeline | Statements/UseProcessBlockForPipelineCommand.ps1:5:9:7:15 | number | | Statements/UseProcessBlockForPipelineCommand.ps1:5:9:7:15 | number | Statements/UseProcessBlockForPipelineCommand.ps1:2:1:11:1 | {...} |