hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove specified value step from additional taint step

Browse Source
This commit is contained in:
luchua-bc
2022-02-14 15:42:54 +00:00
parent 35a924292b
commit 2b5982fd9d
1 changed files with 0 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/experimental/Security/CWE/CWE-073/FilePathInjection.ql
View File

@@ -28,10 +28,6 @@ class InjectFilePathConfig extends TaintTracking::Configuration {
not sink instanceof NormalizedPathNode
}
override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
any(AdditionalValueStep r).step(pred, succ)
}
override predicate isSanitizer(DataFlow::Node node) {
exists(Type t | t = node.getType() | t instanceof BoxedType or t instanceof PrimitiveType)
}