hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Give regex injection extendable sources as well.

Browse Source
This commit is contained in:
Geoffrey White
2025-04-04 18:27:16 +01:00
parent 0db551032c
commit 47ee6c6b81
2 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
rust/ql/src/queries/security/CWE-020/RegexInjection.ql
View File

@@ -17,7 +17,6 @@
private import rust
private import codeql.rust.dataflow.DataFlow
private import codeql.rust.dataflow.TaintTracking
private import codeql.rust.Concepts
private import codeql.rust.security.regex.RegexInjectionExtensions
/**
@@ -26,7 +25,7 @@ private import codeql.rust.security.regex.RegexInjectionExtensions
module RegexInjectionConfig implements DataFlow::ConfigSig {
import RegexInjection
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }
predicate isSource(DataFlow::Node source) { source instanceof Source }
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }