Java: update path-injection query to use new 'read-file' sink kind

2026-04-30 03:05:15 +02:00 · 2023-02-11 17:10:58 -05:00
parent c87c3e30c7
commit ce1c814daa
1 changed files with 1 additions and 1 deletions
--- a/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
+++ b/java/ql/src/Security/CWE/CWE-022/TaintedPath.ql
@@ -29,7 +29,7 @@ class TaintedPathConfig extends TaintTracking::Configuration {
  override predicate isSink(DataFlow::Node sink) {
    sink.asExpr() = any(PathCreation p).getAnInput()
    or
-    sinkNode(sink, "create-file")
+    sinkNode(sink, ["create-file", "read-file"])
  }

  override predicate isSanitizer(DataFlow::Node sanitizer) {