hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-21 22:57:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Bug fixes for things that interfere with using the codex model

Browse Source
This commit is contained in:
tiferet
2022-12-08 12:45:58 -08:00
parent 9a21539fca
commit 9aba7a0bca
1 changed files with 2 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointScoring.qll
View File

@@ -88,9 +88,7 @@ private float getScoreForSink(DataFlow::Node sink) {
}
class EndpointScoringResults extends ScoringResults {
EndpointScoringResults() {
this = "EndpointScoringResults" and exists(getACompatibleModelChecksum())
}
EndpointScoringResults() { this = "EndpointScoringResults" }
/**
* Get ATM's confidence that a path between `source` and `sink` represents a security
@@ -143,15 +141,7 @@ class EndpointScoringResults extends ScoringResults {
// This restriction on `sink` has no semantic effect but improves performance.
getCfg().isEffectiveSink(sink) and
exists(float sinkScore |
ModelScoring::endpointScores(sink, getCfg().getASinkEndpointType().getEncoding(), sinkScore) and
// Include the endpoint if (a) the query endpoint type scores higher than all other
// endpoint types, or (b) the query endpoint type scores at least
// 0.5 - (getCfg().getScoreCutoff() / 2).
sinkScore >=
[
max(float s | ModelScoring::endpointScores(sink, _, s)),
0.5 - getCfg().getScoreCutoff() / 2
]
ModelScoring::endpointScores(sink, getCfg().getASinkEndpointType().getEncoding(), sinkScore)
)
)
}