hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

TokenBuiltFromUuid isAdditionalTaintStep refactor

Browse Source
This commit is contained in:
Daniel Santos
2022-10-25 09:51:07 -05:00
parent 375edf7455
commit b8d60edb49
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
python/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql
View File

@@ -50,11 +50,10 @@ class TokenBuiltFromUuidConfig extends TaintTracking::Configuration {
override predicate isSink(DataFlow::Node sink) { sink instanceof TokenAssignmentValueSink }
override predicate isAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
exists(Call call, Name name |
call.getFunc() = name and
name.getId() = "str" and
nodeFrom = DataFlow::exprNode(call.getArg(0)) and
nodeTo = DataFlow::exprNode(call)
exists(DataFlow::CallCfgNode call |
call = API::builtin("str").getACall() and
nodeFrom = call.getArg(0) and
nodeTo = call
)
}
}