Fix bug in sink detection

2026-03-06 07:36:47 +01:00 · 2021-09-30 12:48:27 +02:00
parent c616eb1473
commit 2b2ac82fb7
2 changed files with 3 additions and 3 deletions
--- a/java/ql/src/utils/model-generator/CaptureSinkModels.ql
+++ b/java/ql/src/utils/model-generator/CaptureSinkModels.ql
@@ -28,7 +28,7 @@ class PropagateToSinkConfiguration extends TaintTracking::Configuration {
 string asInputArgument(Expr source) {
  result = "Argument[" + source.(Argument).getPosition() + "]"
  or
-  result = source.(VarAccess).getVariable().toString()
+  result = "Argument[" + source.(VarAccess).getVariable().(Parameter).getPosition() + "]"
 }

 string captureSink(Callable api) {