Filter out sources from test directories

Josh Brown
2024-03-25 11:10:13 -07:00
parent a3eecc33a8
commit 720285f724


@@ -66,7 +66,10 @@ predicate predictableInstruction(Instruction instr) {
}
module ImproperArrayIndexValidationConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { isFlowSource(source, _) }
predicate isSource(DataFlow::Node source) {
isFlowSource(source, _) and
not source.asExpr().getFile().getRelativePath().regexpMatch("/tests?/")
}
predicate isBarrier(DataFlow::Node node) {
hasUpperBound(node.asExpr())
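Review bot: The test-directory exclusion added to `isSource` most likely never fires, because CodeQL's `regexpMatch` has to match the entire receiver string, and `"/tests?/"` can only match a path that is exactly `/test/` or `/tests/`. Relative paths also have no leading slash, so a top-level `tests/` directory would be missed even by a substring match. Consider `not source.asExpr().getFile().getRelativePath().regexpMatch("(.*/)?tests?/.*")`, which anchors on a whole path component, so that a directory such as `contests/` is not suppressed by accident. A short comment above the conjunct, for example `// Ignore sources under test/ or tests/; nodes without an Expr or relative path stay in scope`, would make the suppression visible to whoever triages missing results later. The removed `isInTestFile` predicate in the second hunk used the same pattern, so the earlier filter was probably ineffective as well; the module body continues outside this hunk.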
@@ -116,15 +119,11 @@ module ImproperArrayIndexValidationConfig implements DataFlow::ConfigSig {
module ImproperArrayIndexValidation = TaintTracking::Global<ImproperArrayIndexValidationConfig>;
predicate isInTestFile(ImproperArrayIndexValidation::PathNode node){
node.getNode().asExpr().getFile().getRelativePath().regexpMatch("/tests?/")
}
from
ImproperArrayIndexValidation::PathNode source, ImproperArrayIndexValidation::PathNode sink,
ImproperArrayIndexValidation::PathNode source,
ImproperArrayIndexValidation::PathNode sink,
string sourceType
where
not isInTestFile(source) and
ImproperArrayIndexValidation::flowPath(source, sink) and
isFlowSource(source.getNode(), sourceType)
select sink.getNode(), source, sink,