Merge pull request #4867 from RasmusWL/java-externalapis-taint-step

Java: Fix taint-step handling for untrusted-data-external-api
Anders Schack-Mulligen
2021-01-11 13:36:59 +01:00
committed by GitHub


@@ -75,8 +75,9 @@ class ExternalAPIDataNode extends DataFlow::Node {
m.getASourceOverriddenMethod() = call.getCallee().getSourceDeclaration() and
m.fromSource()
) and
// Not already modeled as a taint step
// Not already modeled as a taint step (we need both of these to handle `AdditionalTaintStep` subclasses as well)
not exists(DataFlow::Node next | TaintTracking::localTaintStep(this, next)) and
not exists(DataFlow::Node next | TaintTracking::defaultAdditionalTaintStep(this, next)) and
// Not a call to a known safe external API
not call.getCallee() instanceof SafeExternalAPIMethod
}
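Review bot: The reworded comment above the two `not exists(...)` conjuncts says "we need both of these" but not what each predicate covers, so a later reader cannot tell whether the `localTaintStep` line is now redundant. I would spell it out, e.g. `// Not already modeled as a taint step: localTaintStep covers the built-in local steps, defaultAdditionalTaintStep also covers steps contributed by AdditionalTaintStep subclasses` (the exact split should be confirmed against the TaintTracking library, which is not visible here). Both conjuncts drop a node as soon as any outgoing step exists, so a broadly written `AdditionalTaintStep` in a customization would silently remove arguments from the untrusted-data-to-external-API results; that trade-off is worth one line in the comment or the query help. The bound variable `next` is never used, so `not TaintTracking::defaultAdditionalTaintStep(this, _)` would express the same check more simply. The characteristic predicate begins above the hunk, so this is based on the visible lines only.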