Simplify CredentialExpr as the AddExpr step is included by TaintTracking::localTaintStep(node1, node2)

This commit is contained in:
Bt2018
2020-05-13 07:55:32 -04:00
committed by GitHub
parent d9cc3c6f8d
commit 632cb8b666

View File

@@ -20,14 +20,10 @@ private string getACredentialRegex() {
result = "(?i)(.*username|url).*"
}
/** The variable or concatenated string with the variable that keeps sensitive information judging by its name * */
/** Variable keeps sensitive information judging by its name * */
class CredentialExpr extends Expr {
CredentialExpr() {
exists(Variable v |
(this.(AddExpr).getAnOperand() = v.getAnAccess() or this = v.getAnAccess())
|
v.getName().regexpMatch(getACredentialRegex())
)
exists(Variable v | this = v.getAnAccess() | v.getName().regexpMatch(getACredentialRegex()))
}
}