hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8401 from jketema/taint-flow

Browse Source 
Extend taint tracking interface with flow states
This commit is contained in:
Jeroen Ketema
2022-03-14 12:06:10 +01:00
committed by GitHub
parent 2f4a22c86c c832b21fbe
commit 4c2081b7fc
28 changed files with 825 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/experimental/semmle/python/security/injection/NoSQLInjection.qll
View File

@@ -19,13 +19,13 @@ module NoSqlInjection {
state instanceof ConvertedToDict
}
override predicate isBarrier(DataFlow::Node node, DataFlow::FlowState state) {
override predicate isSanitizer(DataFlow::Node node, DataFlow::FlowState state) {
// Block `RemoteInput` paths here, since they change state to `ConvertedToDict`
exists(Decoding decoding | decoding.getFormat() = "JSON" and node = decoding.getOutput()) and
state instanceof RemoteInput
}
override predicate isAdditionalFlowStep(
override predicate isAdditionalTaintStep(
DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
DataFlow::FlowState stateTo
) {