hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-21 14:47:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improvements to ExtractSinkCandidatesWithFlow.ql

Browse Source
This commit is contained in:
tiferet
2023-01-03 11:58:55 -08:00
parent 4db0dec82e
commit fd75952c1e
1 changed files with 5 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
java/ql/experimental/adaptivethreatmodeling/src/ExtractSinkCandidatesWithFlow.ql
View File

@@ -18,18 +18,15 @@ private import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjecti
private import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathAtm
private import experimental.adaptivethreatmodeling.RequestForgeryATM as RequestForgeryAtm
// private import experimental.adaptivethreatmodeling.XssATM as XssAtm
// private import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomAtm
from DataFlow::PathNode sink, string message
from DataFlow::Node sink, string message
where
// The message is the concatenation of all relevant configs, and we surface only sinks that have at least one relevant
// config.
message =
strictconcat(AtmConfig::AtmConfig config |
config.isSinkCandidateWithFlow(sink)
strictconcat(AtmConfig::AtmConfig config, DataFlow::PathNode sinkPathNode |
config.isSinkCandidateWithFlow(sinkPathNode) and
sinkPathNode.getNode() = sink
|
config.getASinkEndpointType().getDescription(), ", "
order by
config.getASinkEndpointType().getDescription()
)
select sink.getNode(), message
select sink, message