hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Restrict param2return value features

Browse Source
This commit is contained in:
Benjamin Muskalla
2021-11-15 09:57:23 +01:00
parent a0b7f267ff
commit cce3780481
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/utils/model-generator/CaptureSummaryModels.ql
View File

@@ -192,6 +192,10 @@ class ParameterToReturnValueTaintConfig extends TaintTracking::Configuration {
override predicate isAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) {
node2.asExpr().(ConstructorCall).getAnArgument() = node1.asExpr()
}
override DataFlow::FlowFeature getAFeature() {
result instanceof DataFlow::FeatureEqualSourceSinkCallContext
}
}
predicate paramFlowToReturnValueExists(Parameter p) {

2
java/ql/src/utils/model-generator/GenerateFlowModel.py
View File

@@ -80,7 +80,7 @@ def runQuery(infoMessage, query):
__file__), query)
resultBqrs = os.path.join(workDir, "out.bqrs")
cmd = ['codeql', 'query', 'run', queryFile, '--database',
database, '--output', resultBqrs]
database, '--output', resultBqrs, '--threads', '8']
ret = subprocess.call(cmd)
if ret != 0: