hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-06 15:49:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove test predicate

Browse Source
This commit is contained in:
Alvaro Muñoz
2023-05-17 16:18:46 +02:00
parent 8cd85a5676
commit 7baf244ac6
1 changed files with 2 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/lib/semmle/code/java/frameworks/google/GsonSerializability.qll
View File

@@ -39,10 +39,6 @@ private class ExplicitlyReadGsonDeserializableType extends GsonDeserializableTyp
}
}
predicate test(MethodAccess ma) {
ma.getMethod() instanceof GsonReadValueMethod
}
/** A type used in a `GsonDeserializableField` declaration. */
private class FieldReferencedGsonDeserializableType extends GsonDeserializableType {
FieldReferencedGsonDeserializableType() {
@@ -56,7 +52,7 @@ class GsonDeserializableField extends DeserializableField {
GsonDeserializableField() {
exists(GsonDeserializableType superType |
superType = this.getDeclaringType().getAnAncestor() and
not superType instanceof TypeObject and
not superType instanceof TypeObject and
// TODO: if we have the source, can we just track the flow through the backing fields?
//superType.fromSource()
not superType.(RefType).getPackage().getName().matches("java%")
@@ -65,7 +61,5 @@ class GsonDeserializableField extends DeserializableField {
}
private class GsonInheritTaint extends DataFlow::FieldContent, TaintInheritingContent {
GsonInheritTaint() {
this.getField() instanceof GsonDeserializableField
}
GsonInheritTaint() { this.getField() instanceof GsonDeserializableField }
}