hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 15:55:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Exclude qualifier argument for existing models

Browse Source 
Excludes candadites for `Argument[this]` where we already have a model that covers a
different argument of the containing call.
This commit is contained in:
Taus
2023-07-14 14:26:21 +02:00
parent 9193de6898
commit 6793bc6c6b
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/src/Telemetry/AutomodelApplicationModeCharacteristics.qll
View File

@@ -329,9 +329,10 @@ private class OtherArgumentToModeledMethodCharacteristic extends Characteristics
override predicate appliesToEndpoint(Endpoint e) {
not ApplicationCandidatesImpl::isSink(e, _) and
exists(DataFlow::Node otherSink |
exists(DataFlow::Node otherSink, Call c |
ApplicationCandidatesImpl::isSink(otherSink, _) and
e.asExpr() = otherSink.asExpr().(Argument).getCall().getAnArgument() and
c = otherSink.asExpr().(Argument).getCall() and
e.asExpr() in [c.getQualifier(), c.getAnArgument()] and
e != otherSink
)
}