hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 15:05:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

C#: Re-factor to avoid multiple explicit casts.

Browse Source
This commit is contained in:
Michael Nebel
2023-12-04 12:02:34 +01:00
parent 6807fd1569
commit d160890aca
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
csharp/ql/lib/semmle/code/csharp/security/dataflow/UrlRedirectQuery.qll
View File

@@ -115,17 +115,21 @@ class HttpServerTransferSink extends Sink {
}
}
private predicate isLocalUrlSanitizer(Guard g, Expr e, AbstractValue v) {
(
g.(MethodCall).getTarget().hasName("IsLocalUrl") and
e = g.(MethodCall).getArgument(0)
private predicate isLocalUrlSanitizerMethodCall(MethodCall guard, Expr e, AbstractValue v) {
exists(Method m | m = guard.getTarget() |
m.hasName("IsLocalUrl") and
e = guard.getArgument(0)
or
g.(MethodCall).getTarget().hasName("IsUrlLocalToHost") and
e = g.(MethodCall).getArgument(1)
m.hasName("IsUrlLocalToHost") and
e = guard.getArgument(1)
) and
v.(AbstractValues::BooleanValue).getValue() = true
}
private predicate isLocalUrlSanitizer(Guard g, Expr e, AbstractValue v) {
isLocalUrlSanitizerMethodCall(g, e, v)
}
/**
* A URL argument to a call to `UrlHelper.IsLocalUrl()` or `HttpRequestBase.IsUrlLocalToHost()` that
* is a sanitizer for URL redirects.