hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 07:15:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add the SimpleScalarSanitizer class

Browse Source 
The `SimpleScalarSanitizer` class represents common scalar types which
cannot realistically carry taint (e.g. primitives/numbers, and
eventually UUIDs and Dates)
This commit is contained in:
Ed Minnix
2024-01-09 12:07:30 -05:00
parent 24b37ffd36
commit 7f7c49d6ce
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
java/ql/lib/semmle/code/java/security/dataflow/CommonSanitizers.qll Normal file
View File

@@ -0,0 +1,15 @@
/** Classes to represent sanitizers commonly used in dataflow and taint tracking configurations. */
import java
import semmle.code.java.dataflow.DataFlow
/**
* A node whose type is a common scalar type, such as primitives or their boxed counterparts.
*/
class SimpleScalarSanitizer extends DataFlow::Node {
SimpleScalarSanitizer() {
this.getType() instanceof PrimitiveType or
this.getType() instanceof BoxedType or
this.getType() instanceof NumberType
}
}