Add defaultImplicitTaintRead

2025-12-23 20:26:32 +01:00 · 2021-07-15 15:52:59 +00:00
parent dc4d353a01
commit 258f85d6d0
1 changed files with 7 additions and 0 deletions
--- a/ql/src/codeql_ruby/dataflow/internal/TaintTrackingPrivate.qll
+++ b/ql/src/codeql_ruby/dataflow/internal/TaintTrackingPrivate.qll
@@ -9,6 +9,13 @@ private import codeql_ruby.DataFlow
 */
 predicate defaultTaintSanitizer(DataFlow::Node node) { none() }

+/**
+ * Holds if default `TaintTracking::Configuration`s should allow implicit reads
+ * of `c` at sinks and inputs to additional taint steps.
+ */
+bindingset[node]
+predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::Content c) { none() }
+
 /**
 * Holds if the additional step from `nodeFrom` to `nodeTo` should be included
 * in all global taint flow configurations.