hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-28 21:03:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1802 from aschackmull/java/taint-step-extension-point

Browse Source 
Java: Add a global extension point for taint steps.
This commit is contained in:
yh-semmle
2019-08-30 17:19:58 -04:00
committed by GitHub
parent f54545522e ae98d4fd8e
commit c359675fa9
1 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
View File

@@ -48,12 +48,33 @@ predicate localAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {
)
}
private newtype TUnit = TMkUnit()
class Unit extends TUnit {
string toString() { result = "unit" }
}
/**
* A unit class for adding additional taint steps.
*
* Extend this class to add additional taint steps that should apply to all
* taint configurations.
*/
class AdditionalTaintStep extends Unit {
/**
* Holds if the step from `node1` to `node2` should be considered a taint
* step for all configurations.
*/
abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
}
/**
* Holds if the additional step from `src` to `sink` should be included in all
* global taint flow configurations.
*/
predicate defaultAdditionalTaintStep(DataFlow::Node src, DataFlow::Node sink) {
localAdditionalTaintStep(src, sink)
localAdditionalTaintStep(src, sink) or
any(AdditionalTaintStep a).step(src, sink)
}
/**