hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Don't require a PathCreation for every tainted-path sink

Browse Source
This commit is contained in:
Chris Smowton
2022-08-02 21:30:06 +01:00
committed by GitHub
parent c95f17fdf2
commit 81f3bcd802
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
View File

@@ -49,9 +49,7 @@ class TaintedPathConfig extends TaintTracking::Configuration {
}
}
from DataFlow::PathNode source, DataFlow::PathNode sink, PathCreation p, TaintedPathConfig conf
where
sink.getNode().asExpr() = p.getAnInput() and
conf.hasFlowPath(source, sink)
select p, source, sink, "$@ flows to here and is used in a path.", source.getNode(),
from DataFlow::PathNode source, DataFlow::PathNode sink, TaintedPathConfig conf
where conf.hasFlowPath(source, sink)
select sink, source, sink, "$@ flows to here and is used in a path.", source.getNode(),
"User-provided value"