mirror of
https://github.com/github/codeql.git
synced 2026-04-22 23:35:14 +02:00
feat(rust): Add ModelsAsDataSinks for SQL Injection
This commit is contained in:
@@ -6,6 +6,7 @@
|
||||
|
||||
import rust
|
||||
private import codeql.rust.dataflow.DataFlow
|
||||
private import codeql.rust.dataflow.internal.DataFlowImpl
|
||||
private import codeql.rust.Concepts
|
||||
private import codeql.util.Unit
|
||||
|
||||
@@ -47,4 +48,11 @@ module SqlInjection {
|
||||
class SqlExecutionAsSink extends Sink {
|
||||
SqlExecutionAsSink() { this = any(SqlExecution e).getSql() }
|
||||
}
|
||||
|
||||
/** A sink for sql-injection from model data. */
|
||||
private class ModelsAsDataSinks extends Sink {
|
||||
ModelsAsDataSinks() {
|
||||
sinkNode(this, "sql-injection")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user