hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Use the same types as sanitizers for source and sink model as we use for summary model generation.

Browse Source
This commit is contained in:
Michael Nebel
2024-06-11 09:38:34 +02:00
parent 031e44b157
commit b5d6a6db7e
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
csharp/ql/src/utils/modelgenerator/internal/CaptureModels.qll
View File

@@ -225,6 +225,10 @@ module FromSourceConfig implements DataFlow::ConfigSig {
DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSinkCallContext }
predicate isBarrier(DataFlow::Node n) {
exists(Type t | t = n.getType() and not isRelevantType(t))
}
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
isRelevantTaintStep(node1, node2)
}
@@ -257,7 +261,11 @@ module PropagateToSinkConfig implements DataFlow::ConfigSig {
predicate isSink(DataFlow::Node sink) { ExternalFlow::sinkNode(sink, _) }
predicate isBarrier(DataFlow::Node node) { sinkModelSanitizer(node) }
predicate isBarrier(DataFlow::Node node) {
exists(Type t | t = node.getType() and not isRelevantType(t))
or
sinkModelSanitizer(node)
}
DataFlow::FlowFeature getAFeature() { result instanceof DataFlow::FeatureHasSourceCallContext }