hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Move the isRelevantTaintStep and isRelevantContent into the shared utils.

Browse Source
This commit is contained in:
Michael Nebel
2022-03-09 15:43:27 +01:00
parent 665e3c9326
commit 2476e716a2
4 changed files with 43 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
java/ql/src/utils/model-generator/ModelGeneratorUtils.qll
View File

@@ -1,5 +1,25 @@
import ModelGeneratorUtilsSpecific
predicate isRelevantTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
exists(DataFlow::Content f |
readStep(node1, f, node2) and
if f instanceof DataFlow::FieldContent
then isRelevantType(f.(DataFlow::FieldContent).getField().getType())
else
if f instanceof DataFlow::SyntheticFieldContent
then isRelevantType(f.(DataFlow::SyntheticFieldContent).getField().getType())
else any()
)
or
exists(DataFlow::Content f | storeStep(node1, f, node2) | DataFlow::containerContent(f))
}
predicate isRelevantContent(DataFlow::Content f) {
isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
DataFlow::containerContent(f)
}
bindingset[input, output, kind]
string asSummaryModel(TargetApi api, string input, string output, string kind) {
result =

24
java/ql/src/utils/model-generator/ModelGeneratorUtilsSpecific.qll
View File

@@ -1,9 +1,9 @@
import java
import semmle.code.java.dataflow.internal.DataFlowPrivate
import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.ExternalFlow
private import semmle.code.java.dataflow.internal.ContainerFlow
private import semmle.code.java.dataflow.internal.DataFlowImplCommon
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.internal.DataFlowPrivate
Method superImpl(Method m) {
result = m.getAnOverride() and
@@ -111,26 +111,6 @@ predicate isRelevantType(Type t) {
)
}
predicate isRelevantTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
exists(DataFlow::Content f |
readStep(node1, f, node2) and
if f instanceof DataFlow::FieldContent
then isRelevantType(f.(DataFlow::FieldContent).getField().getType())
else
if f instanceof DataFlow::SyntheticFieldContent
then isRelevantType(f.(DataFlow::SyntheticFieldContent).getField().getType())
else any()
)
or
exists(DataFlow::Content f | storeStep(node1, f, node2) | DataFlow::containerContent(f))
}
predicate isRelevantContent(DataFlow::Content f) {
isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
isRelevantType(f.(DataFlow::FieldContent).getField().getType()) or
DataFlow::containerContent(f)
}
private string parameterAccess(Parameter p) {
if
p.getType() instanceof Array and