hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2021-08-03 09:46:32 +02:00
committed by GitHub
parent 3248f458a5
commit 8852f69d36
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/src/semmle/code/java/security/GroovyInjection.qll
View File

@@ -1,8 +1,8 @@
/** Provides classes to reason about Groovy code injection attacks. */
import semmle.code.java.dataflow.DataFlow
import semmle.code.java.dataflow.ExternalFlow
import semmle.code.java.frameworks.Networking
private import semmle.code.java.dataflow.DataFlow
private import semmle.code.java.dataflow.ExternalFlow
private import semmle.code.java.frameworks.Networking
/** A data flow sink for Groovy expression injection vulnerabilities. */
abstract class GroovyInjectionSink extends DataFlow::ExprNode { }
@@ -98,7 +98,7 @@ private predicate groovyCompilationUnitTaintStep(DataFlow::Node fromNode, DataFl
m.getDeclaringType() instanceof TypeGroovyCompilationUnit
|
fromNode.asExpr() = ma.getArgument(ma.getNumArgument() - 1) and
toNode.asExpr() = ma.getQualifier()
toNode.(PostUpdateNode).getPreUpdateNode().asExpr() = ma.getQualifier()
)
}
@@ -136,7 +136,7 @@ private predicate groovySourceUnitTaintStep(DataFlow::Node fromNode, DataFlow::N
/**
* Holds if `fromNode` to `toNode` is a dataflow step from a tainted object to
* a `ReaderSource` instance by calling `new *ReaderSource(tainted, ...)`
* a `ReaderSource` instance by calling `new ReaderSource(tainted, ...)`.
*/
private predicate groovyReaderSourceTaintStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
exists(ClassInstanceExpr cie | cie.getConstructedType() instanceof TypeReaderSource |