-
Notifications
You must be signed in to change notification settings - Fork 1.9k
Expand file tree
/
Copy pathDoubleCompilation.ql
More file actions
30 lines (28 loc) · 970 Bytes
/
DoubleCompilation.ql
File metadata and controls
30 lines (28 loc) · 970 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
/**
* @name Double compilation
* @description Recompiling an already compiled part of the DOM can lead to
* unexpected behavior of directives, performance problems, and memory leaks.
* @kind problem
* @problem.severity warning
* @security-severity 8.8
* @id js/angular/double-compilation
* @tags reliability
* frameworks/angularjs
* security
* external/cwe/cwe-1176
* @precision very-high
*/
import javascript
from AngularJS::ServiceReference compile, DataFlow::ParameterNode elem, DataFlow::CallNode c
where
compile.getName() = "$compile" and
elem =
any(AngularJS::CustomDirective d)
.getALinkFunction()
.(AngularJS::LinkFunction)
.getElementParameter() and
c = compile.getACall() and
elem.flowsTo(c.getArgument(0)) and
// don't flag $compile calls that specify a `maxPriority`
c.getNumArgument() < 3
select c, "This call to $compile may cause double compilation of '" + elem + "'."