hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java/NumericCastTaintedQuery

Browse Source 
java/ql/src/Security/CWE/CWE-681/NumericCastTainted.ql
This commit is contained in:
Nora Dimitrijević
2025-10-09 14:01:26 +02:00
parent 247ae1d23c
commit 72a97773b1
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/lib/semmle/code/java/security/NumericCastTaintedQuery.qll
View File

@@ -106,8 +106,9 @@ module NumericCastFlowConfig implements DataFlow::ConfigSig {
predicate observeDiffInformedIncrementalMode() { any() } predicate observeDiffInformedIncrementalMode() { any() }
Location getASelectedSinkLocation(DataFlow::Node sink) { Location getASelectedSinkLocation(DataFlow::Node sink) {
exists(NumericNarrowingCastExpr cast | exists(NumericNarrowingCastExpr cast | cast.getExpr() = sink.asExpr() |
cast.getExpr() = sink.asExpr() and result = sink.getLocation()
or
result = cast.getLocation() result = cast.getLocation()
) )
} }