add flow with module boilerplate

2025-12-16 18:23:05 +01:00 · 2025-03-03 11:21:04 -08:00
parent ea0311f339
commit 00bd07be2b
1 changed files with 25 additions and 4 deletions
--- a/session.ql
+++ b/session.ql
@@ -32,8 +32,8 @@ class DataSink extends Expr {
    }
  }

-from DataSource ds
-select ds
+// from DataSource ds
+// select ds


 // from FunctionCall exec, Expr query 
@@ -52,3 +52,24 @@ select ds
 // DFG Data flow graph
 // Type hierarchy
 //
+
+
+import semmle.code.cpp.dataflow.new.TaintTracking
+
+
+module SqliFlowConfig implements DataFlow::ConfigSig {
+    predicate isSource(DataFlow::Node source) {
+    }
+
+    predicate isSink(DataFlow::Node sink) {
+    }
+    
+}
+
+
+module MyFlow = TaintTracking::Global<SqliFlowConfig>;
+import MyFlow::PathGraph
+
+from  MyFlow::PathNode source, MyFlow::PathNode sink
+where MyFlow::flowPath(source, sink)
+select sink, source, sink, "Possible SQL injection"