hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 10:53:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
4832dc51edfd122cf82eb424b1b8c4e543f63171
codeql/java/ql/lib/semmle/code/java/security/ImproperValidationOfArrayIndexLocalQuery.qll
Ed Minnix f1886320e5 Sync ImproperValidationOfArrayIndexLocalQuery
2023-10-12 09:58:08 -04:00

27 lines
1003 B
Plaintext
Raw Blame History

/** Provides a taint-tracking configuration to reason about improper validation of local user-provided array index. */
import java
private import semmle.code.java.security.internal.ArraySizing
private import semmle.code.java.dataflow.FlowSources
/**
* A taint-tracking configuration to reason about improper validation of local user-provided array index.
*/
module ImproperValidationOfArrayIndexLocalConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
predicate isSink(DataFlow::Node sink) {
any(CheckableArrayAccess caa).canThrowOutOfBounds(sink.asExpr())
}
predicate isBarrier(DataFlow::Node node) { node.getType() instanceof BooleanType }
predicate isBarrierIn(DataFlow::Node node) { isSource(node) }
}
/**
* Taint-tracking flow for improper validation of local user-provided array index.
*/
module ImproperValidationOfArrayIndexLocalFlow =
TaintTracking::Global<ImproperValidationOfArrayIndexLocalConfig>;
Reference in New Issue View Git Blame Copy Permalink