Add default sanitizers

2026-03-04 14:46:48 +01:00 · 2023-07-31 00:13:34 -04:00
parent b305962c9a
commit d468ea9e90
1 changed files with 4 additions and 1 deletions
--- a/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/TrustBoundaryViolationQuery.qll
@@ -55,7 +55,10 @@ module TrustBoundaryConfig implements DataFlow::ConfigSig {

  predicate isBarrier(DataFlow::Node node) {
    node instanceof TrustBoundaryValidationSanitizer or
-    node.getType() instanceof HttpServletSession
+    node.getType() instanceof HttpServletSession or
+    node.getType() instanceof NumberType or
+    node.getType() instanceof PrimitiveType or
+    node.getType() instanceof BoxedType
  }

  predicate isSink(DataFlow::Node sink) { sink instanceof TrustBoundaryViolationSink }