hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 08:37:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

PS: Implicitly read any element content at sinks when doing taint flow.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2024-10-14 16:49:48 +01:00
parent 1ec0f53a18
commit a0e17ee37b
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
powershell/ql/lib/semmle/code/powershell/dataflow/internal/TaintTrackingPrivate.qll
View File

@@ -15,7 +15,10 @@ predicate defaultTaintSanitizer(DataFlow::Node node) { none() }
* of `c` at sinks and inputs to additional taint steps.
*/
bindingset[node]
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet c) { none() }
predicate defaultImplicitTaintRead(DataFlow::Node node, DataFlow::ContentSet c) {
node instanceof ArgumentNode and
c.isAnyElement()
}
cached
private module Cached {