hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Kotlin: Track Kotlin's Array.set when tracking taint

Browse Source
This commit is contained in:
Ian Lynagh
2023-12-05 14:41:00 +00:00
parent 124487c57c
commit babf1d6648
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/lib/semmle/code/java/dataflow/internal/ContainerFlow.qll
View File

@@ -450,6 +450,14 @@ predicate arrayStoreStep(Node node1, Node node2) {
exists(Assignment assign | assign.getSource() = node1.asExpr() |
node2.(PostUpdateNode).getPreUpdateNode().asExpr() = assign.getDest().(ArrayAccess).getArray()
)
or
exists(Expr arr, Call call |
arr = node2.asExpr() and
call.getArgument(1) = node1.asExpr() and
call.getQualifier() = arr and
arr.getType() instanceof ArrayType and
call.getCallee().getName() = "set"
)
}
private predicate enhancedForStmtStep(Node node1, Node node2, Type containerType) {