mirror of
https://github.com/github/codeql.git
synced 2026-02-16 15:03:41 +01:00
Use flowFrom.
This commit is contained in:
@@ -26,9 +26,7 @@ private module TypeLiteralToParseAsFlowConfig implements DataFlow::ConfigSig {
|
||||
|
||||
private module TypeLiteralToParseAsFlow = DataFlow::Global<TypeLiteralToParseAsFlowConfig>;
|
||||
|
||||
private TypeLiteral getSourceWithFlowToParseAs() {
|
||||
TypeLiteralToParseAsFlow::flow(DataFlow::exprNode(result), _)
|
||||
}
|
||||
private TypeLiteral getSourceWithFlowToParseAs() { TypeLiteralToParseAsFlow::flowFromExpr(result) }
|
||||
|
||||
/** A field that is deserialized by `HttpResponse.parseAs`. */
|
||||
class HttpResponseParseAsDeserializableField extends DeserializableField {
|
||||
|
||||
@@ -110,7 +110,7 @@ private module TypeLiteralToJacksonDatabindFlow =
|
||||
DataFlow::Global<TypeLiteralToJacksonDatabindFlowConfig>;
|
||||
|
||||
private TypeLiteral getSourceWithFlowToJacksonDatabind() {
|
||||
TypeLiteralToJacksonDatabindFlow::flow(DataFlow::exprNode(result), _)
|
||||
TypeLiteralToJacksonDatabindFlow::flowFromExpr(result)
|
||||
}
|
||||
|
||||
/** A type whose values are explicitly deserialized in a call to a Jackson method. */
|
||||
|
||||
@@ -164,7 +164,7 @@ private module RegexFlowConfig implements DataFlow::ConfigSig {
|
||||
private module RegexFlow = DataFlow::Global<RegexFlowConfig>;
|
||||
|
||||
private predicate usedAsRegexImpl(StringLiteral regex, string mode, boolean match_full_string) {
|
||||
RegexFlow::flow(DataFlow::exprNode(regex), _) and
|
||||
RegexFlow::flowFromExpr(regex) and
|
||||
mode = "None" and // TODO: proper mode detection
|
||||
(if matchesFullString(regex) then match_full_string = true else match_full_string = false)
|
||||
}
|
||||
|
||||
@@ -51,7 +51,7 @@ private module VerifiedIntentFlow = DataFlow::Global<VerifiedIntentConfig>;
|
||||
/** An `onReceive` method that doesn't verify the action of the intent it receives. */
|
||||
private class UnverifiedOnReceiveMethod extends OnReceiveMethod {
|
||||
UnverifiedOnReceiveMethod() {
|
||||
not VerifiedIntentFlow::flow(DataFlow::parameterNode(this.getIntentParameter()), _) and
|
||||
not VerifiedIntentFlow::flowFrom(DataFlow::parameterNode(this.getIntentParameter())) and
|
||||
// Empty methods do not need to be verified since they do not perform any actions.
|
||||
this.getBody().getNumStmt() > 0
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user