hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make summaryThroughStepValue include param outputs

Browse Source 
This matches summaryThroughStepTaint.
This commit is contained in:
Owen Mansel-Chan
2024-05-07 13:55:42 +01:00
parent 8198b1a6ef
commit c11fac81fd
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
shared/dataflow/codeql/dataflow/internal/FlowSummaryImpl.qll
View File

@@ -1286,10 +1286,8 @@ module Make<
* be useful to include in the exposed local data-flow/taint-tracking relations.
*/
predicate summaryThroughStepValue(ArgNode arg, Node out, SummarizedCallable sc) {
exists(ReturnKind rk, SummaryNode ret, DataFlowCall call |
summaryLocalStep(summaryArgParam(call, arg, sc), ret, true, _) and
summaryReturnNode(ret, pragma[only_bind_into](rk)) and
out = getAnOutNode(call, pragma[only_bind_into](rk))
exists(SummaryNode ret |
summaryLocalStep(summaryArgParamRetOut(arg, ret, out, sc), ret, true, _)
)
}