mirror of
https://github.com/github/codeql.git
synced 2026-02-23 18:33:42 +01:00
Add XMLParser concept
This commit is contained in:
@@ -36,7 +36,7 @@ module XMLParsing {
|
||||
}
|
||||
|
||||
/**
|
||||
* A data-flow node that collects functions setting HTTP Headers' content.
|
||||
* A data-flow node that collects functions parsing XML.
|
||||
*
|
||||
* Extend this class to model new APIs. If you want to refine existing API models,
|
||||
* extend `XMLParsing` instead.
|
||||
@@ -56,3 +56,46 @@ class XMLParsing extends DataFlow::Node {
|
||||
*/
|
||||
predicate mayBeDangerous() { range.mayBeDangerous() }
|
||||
}
|
||||
|
||||
/** Provides classes for modeling XML parsers. */
|
||||
module XMLParser {
|
||||
/**
|
||||
* A data-flow node that collects XML parsers.
|
||||
*
|
||||
* Extend this class to model new APIs. If you want to refine existing API models,
|
||||
* extend `XMLParser` instead.
|
||||
*/
|
||||
abstract class Range extends DataFlow::Node {
|
||||
/**
|
||||
* Gets the argument containing the content to parse.
|
||||
*/
|
||||
abstract DataFlow::Node getAnInput();
|
||||
|
||||
/**
|
||||
* Holds if the parser may be dangerously configured.
|
||||
*/
|
||||
abstract predicate mayBeDangerous();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A data-flow node that collects XML parsers.
|
||||
*
|
||||
* Extend this class to model new APIs. If you want to refine existing API models,
|
||||
* extend `XMLParser` instead.
|
||||
*/
|
||||
class XMLParser extends DataFlow::Node {
|
||||
XMLParser::Range range;
|
||||
|
||||
XMLParser() { this = range }
|
||||
|
||||
/**
|
||||
* Gets the argument containing the content to parse.
|
||||
*/
|
||||
DataFlow::Node getAnInput() { result = range.getAnInput() }
|
||||
|
||||
/**
|
||||
* Holds if the parser may be dangerously configured.
|
||||
*/
|
||||
predicate mayBeDangerous() { range.mayBeDangerous() }
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user