hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Diff-informed SqlTainted.ql

Browse Source
This commit is contained in:
Jonas Jensen
2024-10-05 21:32:25 +02:00
parent 2561cec80c
commit eac1a4c002
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll
View File

@@ -24,6 +24,8 @@ module QueryInjectionFlowConfig implements DataFlow::ConfigSig {
predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
any(AdditionalQueryInjectionTaintStep s).step(node1, node2)
}
predicate observeDiffInformedIncrementalMode() { any() }
}
/** Tracks flow of unvalidated user input that is used in SQL queries. */