hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Disable field flow for cs/inappropriate-encoding

Browse Source
This commit is contained in:
Tom Hvitved
2019-08-20 13:59:46 +02:00
parent 14378ee41a
commit 80e91cceb1
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/src/Security Features/CWE-838/InappropriateEncoding.ql
View File

@@ -62,6 +62,8 @@ abstract class RequiresEncodingConfiguration extends TaintTracking2::Configurati
override predicate isSink(Node sink) { this.requiresEncoding(sink) }
override predicate isSanitizer(Node sanitizer) { this.isPossibleEncodedValue(sanitizer.asExpr()) }
override int fieldFlowBranchLimit() { result = 0 }
}
/** An encoded value, for example a call to `HttpServerUtility.HtmlEncode`. */