hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add test for a pattern-switch guard acting as a data-flow guard

Browse Source
This commit is contained in:
Chris Smowton
2023-11-01 09:58:39 +00:00
parent 144218e2f7
commit 8406ee7ed5
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/test/library-tests/pattern-switch/dfg/test.expected
View File

@@ -1,3 +1,4 @@
| GuardTest.java:6:27:6:34 | o | GuardTest.java:11:14:11:14 | s |
| Test.java:11:23:11:25 | "A" | Test.java:15:14:15:20 | get(...) |
| Test.java:11:23:11:25 | "A" | Test.java:25:24:25:30 | get(...) |
| Test.java:11:23:11:25 | "A" | Test.java:32:20:32:26 | get(...) |

15
java/ql/test/library-tests/pattern-switch/dfg/test.ql
View File

@@ -1,11 +1,24 @@
import java
import semmle.code.java.controlflow.Guards
import semmle.code.java.dataflow.DataFlow
private predicate isSafe(Guard g, Expr checked, boolean branch) {
exists(MethodCall mc | g = mc |
mc.getMethod().hasName("isSafe") and
checked = mc.getAnArgument() and
branch = true
)
}
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof StringLiteral }
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof StringLiteral or source.asParameter().getCallable().hasName("test") }
predicate isSink(DataFlow::Node sink) { sink.asExpr() = any(MethodCall mc | mc.getMethod().getName() = "sink").getAnArgument() }
predicate isBarrier(DataFlow::Node node) {
node = DataFlow::BarrierGuard<isSafe/3>::getABarrierNode()
}
}
module Flow = DataFlow::Global<TestConfig>;