hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-30 11:01:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

exclude intermediary data flow nodes from sinks

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2022-03-16 08:03:05 +01:00
parent 3311fedda7
commit 3e4abb0a1d
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/StandardEndpointFilters.qll
View File

@@ -11,8 +11,14 @@ private import semmle.javascript.filters.ClassifyFiles as ClassifyFiles
private import semmle.javascript.heuristics.SyntacticHeuristics
private import CoreKnowledge as CoreKnowledge
predicate isIntermediaryDataflowNode(DataFlow::Node n) {
n instanceof DataFlow::ExceptionalInvocationReturnNode
}
/** Provides a set of reasons why a given data flow node should be excluded as a sink candidate. */
string getAReasonSinkExcluded(DataFlow::Node n) {
isIntermediaryDataflowNode(n) and result = "intermediary dataflow node"
or
isArgumentToModeledFunction(n) and result = "argument to modeled function"
or
isArgumentToSinklessLibrary(n) and result = "argument to sinkless library"