hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #520 from esben-semmle/js/clear-text-logging-taint-kinds

Browse Source 
Approved by asger-semmle
This commit is contained in:
semmle-qlci
2018-11-23 12:40:40 +00:00
committed by GitHub
parent 817456ee9f b780f82869
commit 04c2b23abd
4 changed files with 35 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll
View File

@@ -52,7 +52,7 @@ module CleartextLogging {
}
override predicate isAdditionalFlowStep(DataFlow::Node src, DataFlow::Node trg) {
any (TaintTracking::StringConcatenationTaintStep s).step(src, trg)
StringConcatenation::taintStep(src, trg)
or
exists (string name | name = "toString" or name = "valueOf" |
src.(DataFlow::SourceNode).getAMethodCall(name) = trg