hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactor SensitiveResultReceiver

Browse Source
This commit is contained in:
Ed Minnix
2023-04-03 14:01:54 -04:00
parent 735a7383c6
commit cd661f1d9f
2 changed files with 23 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/Security/CWE/CWE-927/SensitiveResultReceiver.ql
View File

@@ -13,9 +13,11 @@
import java
import semmle.code.java.security.SensitiveResultReceiverQuery
import DataFlow::PathGraph
import SensitiveResultReceiverFlow::PathGraph
from DataFlow::PathNode src, DataFlow::PathNode sink, DataFlow::Node recSrc
from
SensitiveResultReceiverFlow::PathNode src, SensitiveResultReceiverFlow::PathNode sink,
DataFlow::Node recSrc
where sensitiveResultReceiver(src, sink, recSrc)
select sink, src, sink, "This $@ is sent to a ResultReceiver obtained from $@.", src,
"sensitive information", recSrc, "this untrusted source"