hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Exclude fields that are created

Browse Source
This commit is contained in:
Calum Grant
2020-01-21 10:27:48 +00:00
parent 80997a3323
commit 7caae01ad1
2 changed files with 42 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
csharp/ql/src/Security Features/CWE-020/RuntimeChecksBypass.ql
View File

@@ -14,6 +14,7 @@
import semmle.code.csharp.serialization.Serialization
import semmle.code.csharp.controlflow.Guards
import semmle.code.csharp.dataflow.DataFlow
/**
* The result is a write to the field `f`, assigning it the value
@@ -32,7 +33,9 @@ GuardedExpr checkedWrite(Field f, Variable v, IfStmt check) {
Expr uncheckedWrite(Callable callable, Field f) {
result = f.getAnAssignedValue() and
result.getEnclosingCallable() = callable and
not callable.calls*(checkedWrite(f, _, _).getEnclosingCallable())
not callable.calls*(checkedWrite(f, _, _).getEnclosingCallable()) and
// Exclude object creations because they were not deserialized
not exists(ObjectCreation src | DataFlow::localExprFlow(src, result))
}
from BinarySerializableType t, Field f, IfStmt check, Expr write, Expr unsafeWrite