hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12081 from jcogs33/jcogs33/update-some-Files-sinks

Browse Source 
Java: update `createTempDirectory` and `copy` "create-file" sinks
This commit is contained in:
Jami
2023-02-14 10:53:17 -05:00
committed by GitHub
parent e40bb6ac87 e4c8387815
commit 029e1d47fe
5 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
View File

@@ -29,7 +29,7 @@ class TaintedPathConfig extends TaintTracking::Configuration {
override predicate isSink(DataFlow::Node sink) {
sink.asExpr() = any(PathCreation p).getAnInput()
or
sinkNode(sink, "create-file")
sinkNode(sink, ["create-file", "read-file"])
}
override predicate isSanitizer(DataFlow::Node sanitizer) {