mirror of
https://github.com/github/codeql.git
synced 2026-03-06 07:36:47 +01:00
db0b4fc463
Tests are currently still internal. They will be migrated to `github/codeql` in a subsequent PR.
29 lines
1.3 KiB
Plaintext
29 lines
1.3 KiB
Plaintext
/**
|
|
* TaintedPathATM.ql
|
|
*
|
|
* Version of the boosted path injection query with an output relation ready to plug into the
|
|
* evaluation pipeline.
|
|
*/
|
|
|
|
import ATM::ResultsInfo
|
|
import EndToEndEvaluation as EndToEndEvaluation
|
|
import experimental.adaptivethreatmodeling.TaintedPathATM
|
|
|
|
from
|
|
DataFlow::Configuration cfg, DataFlow::Node source, DataFlow::Node sink, string filePathSink,
|
|
int startLineSink, int endLineSink, int startColumnSink, int endColumnSink, string filePathSource,
|
|
int startLineSource, int endLineSource, int startColumnSource, int endColumnSource, float score
|
|
where
|
|
cfg.hasFlow(source, sink) and
|
|
not EndToEndEvaluation::isFlowExcluded(source, sink) and
|
|
not isFlowLikelyInBaseQuery(source, sink) and
|
|
sink.hasLocationInfo(filePathSink, startLineSink, startColumnSink, endLineSink, endColumnSink) and
|
|
source
|
|
.hasLocationInfo(filePathSource, startLineSource, startColumnSource, endLineSource,
|
|
endColumnSource) and
|
|
getScoreForFlow(source, sink) = score
|
|
select source, startLineSource, startColumnSource, endLineSource, endColumnSource, filePathSource,
|
|
sink, startLineSink, startColumnSink, endLineSink, endColumnSink, filePathSink, score order by
|
|
score desc, startLineSource, startColumnSource, endLineSource, endColumnSource, filePathSource,
|
|
startLineSink, startColumnSink, endLineSink, endColumnSink, filePathSink
|