hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rust: Abstractions then implementations.

Browse Source
This commit is contained in:
Geoffrey White
2025-04-04 18:33:27 +01:00
parent 47ee6c6b81
commit ff78c45e50
1 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
rust/ql/lib/codeql/rust/security/regex/RegexInjectionExtensions.qll
View File

@@ -32,6 +32,17 @@ module RegexInjection {
*/
abstract class Barrier extends DataFlow::Node { }
/**
* A unit class for adding additional flow steps.
*/
class AdditionalFlowStep extends Unit {
/**
* Holds if the step from `node1` to `node2` should be considered a flow
* step for paths related to regular expression injection vulnerabilities.
*/
abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
}
/**
* An active threat-model source, considered as a flow source.
*/
@@ -59,17 +70,6 @@ module RegexInjection {
ModelsAsDataSink() { sinkNode(this, "regex-use") }
}
/**
* A unit class for adding additional flow steps.
*/
class AdditionalFlowStep extends Unit {
/**
* Holds if the step from `node1` to `node2` should be considered a flow
* step for paths related to regular expression injection vulnerabilities.
*/
abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
}
/**
* An escape barrier for regular expression injection vulnerabilities.
*/