hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-04 22:56:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2023-07-21 11:18:55 +02:00
parent 3a6665b0ed
commit 0156fcc381
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/lib/semmle/code/java/JDK.qll
View File

@@ -232,10 +232,10 @@ private class InputStreamWrapperAnonymousStep extends AdditionalTaintStep {
*/
private class InputStreamWrapperConstructorStep extends AdditionalTaintStep {
override predicate step(DataFlow::Node n1, DataFlow::Node n2) {
exists(ClassInstanceExpr cc, Argument a, AssignExpr ae |
exists(ClassInstanceExpr cc, Argument a, AssignExpr ae, int pos |
cc.getConstructedType().getASourceSupertype+() instanceof TypeInputStream and
cc.getAnArgument() = a and
cc.getCallee().getParameter(a.getParameterPos()).getAnAccess() = ae.getRhs() and
cc.getArgument(pragma[only_bind_into](pos)) = a and
cc.getCallee().getParameter(pragma[only_bind_into](pos)).getAnAccess() = ae.getRhs() and
ae.getDest().(FieldWrite).getField().getType().(RefType).getASourceSupertype*() instanceof
TypeInputStream
|