mirror of
https://github.com/github/codeql.git
synced 2026-02-23 02:13:41 +01:00
Java: Add taint step for InputStream wrappers
This commit is contained in:
@@ -757,7 +757,7 @@ private predicate baseBound(Expr e, int b, boolean upper) {
|
||||
or
|
||||
exists(Method read |
|
||||
e.(MethodAccess).getMethod().overrides*(read) and
|
||||
read.getDeclaringType().hasQualifiedName("java.io", "InputStream") and
|
||||
read.getDeclaringType() instanceof TypeInputStream and
|
||||
read.hasName("read") and
|
||||
read.getNumberOfParameters() = 0
|
||||
|
|
||||
|
||||
Reference in New Issue
Block a user