hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-06 14:07:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
7524d70e5d5d8d07d57700e6bea390ba201a2778
codeql/javascript/ql/lib/semmle/javascript/security/dataflow/InsecureTemporaryFileQuery.qll
Erik Krogh Kristensen 2433eafef2 add query for detecting insecure temprary files
2022-01-18 14:54:56 +01:00

28 lines
878 B
Plaintext
Raw Blame History

/**
* Provides a taint tracking configuration for reasoning about insecure temporary
* file creation.
*
* Note, for performance reasons: only import this file if
* `InsecureTemporaryFile::Configuration` is needed, otherwise
* `InsecureTemporaryFileCustomizations` should be imported instead.
*/
import javascript
import InsecureTemporaryFileCustomizations::InsecureTemporaryFile
/**
* A taint-tracking configuration for reasoning about insecure temporary file creation.
*/
class Configuration extends TaintTracking::Configuration {
Configuration() { this = "InsecureTemporaryFile" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
override predicate isSanitizer(DataFlow::Node node) {
super.isSanitizer(node) or
node instanceof Sanitizer
}
}
Reference in New Issue View Git Blame Copy Permalink