Drop taint tracking for Arrays.{setAll, parallelSetAll, parallelPrefix}

2026-03-01 05:13:41 +01:00 · 2020-07-07 17:22:30 +02:00
parent 19a481f809
commit 583f7f914e
2 changed files with 1 additions and 5 deletions
--- a/java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll
+++ b/java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll
@@ -204,7 +204,7 @@ private predicate taintPreservingArgToArg(Method method, int input, int output)
  or
  method.getDeclaringType().hasQualifiedName("java.util", "Arrays") and
  (
-    method.hasName(["fill", "parallelPrefix", "parallelSetAll", "setAll"]) and
+    method.hasName("fill") and
    output = 0 and
    input = method.getNumberOfParameters() - 1
  )