hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move private helper method out of module

Browse Source
This commit is contained in:
Ed Minnix
2023-03-28 23:48:31 -04:00
parent a119b99f92
commit d24c5071d8
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/lib/semmle/code/java/frameworks/SnakeYaml.qll
View File

@@ -28,16 +28,16 @@ class Yaml extends RefType {
Yaml() { this.getAnAncestor().hasQualifiedName("org.yaml.snakeyaml", "Yaml") }
}
private DataFlow::ExprNode yamlClassInstanceExprArgument(ClassInstanceExpr cie) {
cie.getConstructedType() instanceof Yaml and
result.getExpr() = cie.getArgument(0)
}
private module SafeYamlConstructionFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node src) { src.asExpr() instanceof SafeSnakeYamlConstruction }
predicate isSink(DataFlow::Node sink) { sink = yamlClassInstanceExprArgument(_) }
additional DataFlow::ExprNode yamlClassInstanceExprArgument(ClassInstanceExpr cie) {
cie.getConstructedType() instanceof Yaml and
result.getExpr() = cie.getArgument(0)
}
additional ClassInstanceExpr getSafeYaml() {
SafeYamlConstructionFlow::flowTo(yamlClassInstanceExprArgument(result))
}