hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll

Browse Source 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2021-12-09 09:51:04 +01:00
parent a3b25f0eb5
commit e2022f467c
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
java/ql/lib/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll
View File

@@ -596,12 +596,13 @@ private MethodAccess callReturningSameType(Expr ref) {
}
private SrcRefType entrypointType() {
result =
pragma[only_bind_out](any(RemoteFlowSource s | s instanceof DataFlow::ExplicitParameterNode))
.getType()
.(RefType)
.getASubtype*()
.getSourceDeclaration() or
exists(RemoteFlowSource s, RefType t |
s instanceof DataFlow::ExplicitParameterNode and
t = pragma[only_bind_out](s).getType() and
not t instanceof TypeObject and
result = t.getASubtype*().getSourceDeclaration()
)
or
result = entrypointType().getAField().getType().(RefType).getSourceDeclaration()
}