mirror of
https://github.com/github/codeql.git
synced 2026-03-01 05:13:41 +01:00
Java: Add localExprFlow and localExprTaint.
This commit is contained in:
@@ -334,6 +334,12 @@ private module ThisFlow {
|
||||
*/
|
||||
predicate localFlow(Node node1, Node node2) { localFlowStep*(node1, node2) }
|
||||
|
||||
/**
|
||||
* Holds if data can flow from `e1` to `e2` in zero or more
|
||||
* local (intra-procedural) steps.
|
||||
*/
|
||||
predicate localExprFlow(Expr e1, Expr e2) { localFlow(exprNode(e1), exprNode(e2)) }
|
||||
|
||||
/**
|
||||
* Holds if the `FieldRead` is not completely determined by explicit SSA
|
||||
* updates.
|
||||
|
||||
@@ -17,6 +17,14 @@ private import semmle.code.java.dataflow.internal.ContainerFlow
|
||||
*/
|
||||
predicate localTaint(DataFlow::Node src, DataFlow::Node sink) { localTaintStep*(src, sink) }
|
||||
|
||||
/**
|
||||
* Holds if taint can flow from `src` to `sink` in zero or more
|
||||
* local (intra-procedural) steps.
|
||||
*/
|
||||
predicate localExprTaint(Expr src, Expr sink) {
|
||||
localTaint(DataFlow::exprNode(src), DataFlow::exprNode(sink))
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if taint can flow in one local step from `src` to `sink`.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user