Drop taint tracking for Arrays.{deepToString,toString}

2026-03-01 05:13:41 +01:00 · 2020-07-07 17:26:49 +02:00
parent 583f7f914e
commit 940fec5669
2 changed files with 1 additions and 3 deletions
--- a/java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll
+++ b/java/ql/src/semmle/code/java/dataflow/internal/ContainerFlow.qll
@@ -183,7 +183,7 @@ private predicate taintPreservingArgumentToMethod(Method method, int arg) {
  or
  method.getDeclaringType().hasQualifiedName("java.util", "Arrays") and
  (
-    method.hasName(["copyOf", "copyOfRange", "deepToString", "spliterator", "stream", "toString"]) and
+    method.hasName(["copyOf", "copyOfRange", "spliterator", "stream"]) and
    arg = 0
  )
 }