hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Suggestions from code review

Browse Source
This commit is contained in:
tiferet
2022-11-18 15:57:46 -08:00
parent 4a1382925e
commit 8d22fd25f1
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll
View File

@@ -552,8 +552,7 @@ private class InIrrelevantFileCharacteristic extends StandardEndpointFilterChara
override predicate getEndpoints(DataFlow::Node n) {
// Ignore candidate sinks within externs, generated, library, and test code
ClassifyFiles::classify(n.getFile(), category) and
this = "in " + category + " file"
ClassifyFiles::classify(n.getFile(), category)
}
}
@@ -575,10 +574,9 @@ private class DatabaseAccessCallHeuristicCharacteristic extends NosqlInjectionSi
DatabaseAccessCallHeuristicCharacteristic() { this = "matches database access call heuristic" }
override predicate getEndpoints(DataFlow::Node n) {
exists(DataFlow::CallNode call | n = call.getAnArgument() |
exists(DataFlow::MethodCallNode call | n = call.getAnArgument() |
// additional databases accesses that aren't modeled yet
call.(DataFlow::MethodCallNode).getMethodName() =
["create", "createCollection", "createIndexes"]
call.getMethodName() = ["create", "createCollection", "createIndexes"]
)
}
}