hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-04 22:56:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13426 from jketema/inline-3

Browse Source 
Update inline flow tests to use parameterized module
This commit is contained in:
Jeroen Ketema
2023-06-19 17:39:29 +02:00
committed by GitHub
parent 61a3f86f0f 00fe8adc09
commit 9c774ac97f
208 changed files with 2065 additions and 499 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -5,7 +5,6 @@ private import semmle.code.java.dataflow.ExternalFlow
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.security.SensitiveActions
import semmle.code.java.frameworks.android.Compose
import DataFlow
/** A variable that may hold sensitive information, judging by its name. */
class CredentialExpr extends Expr {
@@ -45,7 +44,7 @@ deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configurati
sanitizer.getType() instanceof TypeType
}
override predicate isSanitizerIn(Node node) { this.isSource(node) }
override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) }
}
/** A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
@@ -62,7 +61,7 @@ module SensitiveLoggerConfig implements DataFlow::ConfigSig {
sanitizer.getType() instanceof TypeType
}
predicate isBarrierIn(Node node) { isSource(node) }
predicate isBarrierIn(DataFlow::Node node) { isSource(node) }
}
module SensitiveLoggerFlow = TaintTracking::Global<SensitiveLoggerConfig>;