hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 00:27:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add an endpoint filter to filter out flow steps

Browse Source
This commit is contained in:
tiferet
2023-01-26 14:55:45 -08:00
parent ec5425d952
commit db9cec6ea6
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
java/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointCharacteristics.qll
View File

@@ -487,6 +487,22 @@ private class IsExternalCharacteristic extends StandardEndpointFilterCharacteris
not exists(n.getLocation().getFile().getRelativePath())
}
}
private class IsFlowStep extends StandardEndpointFilterCharacteristic {
IsFlowStep() { this = "flow step" }
override predicate appliesToEndpoint(DataFlow::Node n) {
exists(Call call | n.asExpr() = call.getAnArgument() | isKnownStepSrc(n))
}
/**
* Holds if the node `n` is known as the predecessor in a modeled flow step.
*/
private predicate isKnownStepSrc(DataFlow::Node n) {
any(TaintTracking::Configuration c).isAdditionalFlowStep(n, _) or
TaintTracking::localTaintStep(n, _)
}
}
// class IsArgumentToModeledFunctionCharacteristic extends StandardEndpointFilterCharacteristic {
// IsArgumentToModeledFunctionCharacteristic() { this = "argument to modeled function" }
// override predicate appliesToEndpoint(DataFlow::Node n) {