Rust: Abstractions then implementations.

This commit is contained in:
Geoffrey White
2025-04-04 18:33:27 +01:00
parent 47ee6c6b81
commit ff78c45e50

View File

@@ -32,6 +32,17 @@ module RegexInjection {
*/
abstract class Barrier extends DataFlow::Node { }
/**
* A unit class for adding additional flow steps.
*/
class AdditionalFlowStep extends Unit {
/**
* Holds if the step from `node1` to `node2` should be considered a flow
* step for paths related to regular expression injection vulnerabilities.
*/
abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
}
/**
* An active threat-model source, considered as a flow source.
*/
@@ -59,17 +70,6 @@ module RegexInjection {
ModelsAsDataSink() { sinkNode(this, "regex-use") }
}
/**
* A unit class for adding additional flow steps.
*/
class AdditionalFlowStep extends Unit {
/**
* Holds if the step from `node1` to `node2` should be considered a flow
* step for paths related to regular expression injection vulnerabilities.
*/
abstract predicate step(DataFlow::Node node1, DataFlow::Node node2);
}
/**
* An escape barrier for regular expression injection vulnerabilities.
*/