hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 10:23:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Allow flow out of FieldValueNodes for non-static fields

Browse Source
This commit is contained in:
Tony Torralba
2023-07-25 15:37:41 +02:00
parent aedd073dad
commit b8b38e4bbe
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/lib/semmle/code/java/dataflow/internal/DataFlowPrivate.qll
View File

@@ -33,17 +33,17 @@ OutNode getAnOutNode(DataFlowCall call, ReturnKind kind) {
}
/**
* Holds if data can flow from `node1` to `node2` through a static field.
* Holds if data can flow from `node1` to `node2` through a field.
*/
private predicate staticFieldStep(Node node1, Node node2) {
private predicate fieldStep(Node node1, Node node2) {
exists(Field f |
// Taint fields through assigned values only if they're static
f.isStatic() and
f.getAnAssignedValue() = node1.asExpr() and
node2.(FieldValueNode).getField() = f
)
or
exists(Field f, FieldRead fr |
f.isStatic() and
node1.(FieldValueNode).getField() = f and
fr.getField() = f and
fr = node2.asExpr() and
@@ -72,11 +72,11 @@ private predicate variableCaptureStep(Node node1, ExprNode node2) {
}
/**
* Holds if data can flow from `node1` to `node2` through a static field or
* Holds if data can flow from `node1` to `node2` through a field or
* variable capture.
*/
predicate jumpStep(Node node1, Node node2) {
staticFieldStep(node1, node2)
fieldStep(node1, node2)
or
variableCaptureStep(node1, node2)
or