hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor isSanitizerEdge in clear-text-logging

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2019-11-05 10:16:20 +01:00
parent 92dc759cf9
commit 2bd48db8cd
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/src/semmle/javascript/security/dataflow/CleartextLogging.qll
View File

@@ -36,10 +36,8 @@ module CleartextLogging {
override predicate isSanitizerEdge(DataFlow::Node pred, DataFlow::Node succ, DataFlow::FlowLabel lbl) {
// Only unknown property reads on `process.env` propagate taint.
not lbl instanceof ProcessEnvLabel and
(not lbl instanceof ProcessEnvLabel or exists(succ.(DataFlow::PropRead).getPropertyName())) and
succ.(DataFlow::PropRead).getBase() = pred
or
exists(succ.(DataFlow::PropRead).getPropertyName())
}
override predicate isAdditionalFlowStep(