Java: Exclude source-to-source flow in 5 queries.

2026-05-10 09:19:27 +02:00 · 2023-07-17 09:06:49 +02:00
parent 1c8297b91b
commit 6770d2a49b
5 changed files with 12 additions and 0 deletions
--- a/java/ql/lib/semmle/code/java/security/RequestForgeryConfig.qll
+++ b/java/ql/lib/semmle/code/java/security/RequestForgeryConfig.qll
@@ -51,6 +51,8 @@ module RequestForgeryConfig implements DataFlow::ConfigSig {
  }

  predicate isBarrier(DataFlow::Node node) { node instanceof RequestForgerySanitizer }
+
+  predicate isBarrierIn(DataFlow::Node node) { isSource(node) }
 }

 module RequestForgeryFlow = TaintTracking::Global<RequestForgeryConfig>;