Refactor taintedString.ql test

Ed Minnix
2023-04-03 14:08:06 -04:00
parent cd661f1d9f
commit 88eb0231c1


@@ -1,16 +1,16 @@
import semmle.code.java.dataflow.FlowSources
class Conf extends TaintTracking::Configuration {
Conf() { this = "qltest:cwe-089:taintedString" }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof UserInput }
override predicate isSource(DataFlow::Node source) { source instanceof UserInput }
override predicate isSink(DataFlow::Node sink) { any() }
predicate isSink(DataFlow::Node sink) { any() }
}
from Conf conf, Expr tainted, Method method
module Flow = TaintTracking::Global<Config>;
from Expr tainted, Method method
where
conf.hasFlowToExpr(tainted) and
Flow::flowToExpr(tainted) and
tainted.getEnclosingCallable() = method and
tainted.getFile().getStem() = ["Test", "Validation"]
select method, tainted.getLocation().getStartLine() - method.getLocation().getStartLine(), tainted
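Review bot: `isSink` in the new `Config` module is still `any()`, and nothing in the file says that this is intentional, so a reader coming from the CWE-089 queries could take it for an unfinished placeholder. A one-line QLDoc on the module would settle it, for example `/** Test-only configuration: every node is a sink, so the query lists each expression reached by taint from UserInput. */`. Because the `where` clause keeps only expressions in files whose stem is `Test` or `Validation`, the sink predicate could presumably carry the same restriction so that flow is not computed to every node in the test database. That is an optimisation only and would need checking against the expected output.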