Java: Add taint step for InputStream wrappers

2026-02-23 02:13:41 +01:00 · 2023-07-19 11:36:09 +02:00
parent 69ea7d92cd
commit 00e0e5a61a
5 changed files with 140 additions and 1 deletions
--- a/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/RangeAnalysis.qll
@@ -757,7 +757,7 @@ private predicate baseBound(Expr e, int b, boolean upper) {
  or
  exists(Method read |
    e.(MethodAccess).getMethod().overrides*(read) and
-    read.getDeclaringType().hasQualifiedName("java.io", "InputStream") and
+    read.getDeclaringType() instanceof TypeInputStream and
    read.hasName("read") and
    read.getNumberOfParameters() = 0
  |