hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-11 18:14:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b2434950d3b3db7f359c37219526486302012bd1
codeql/ql/lib/codeql/ruby/security/UnsafeDeserializationQuery.qll
Nick Rolfe 9b9fc18605 Add taint step for Base64.decode64
2021-09-08 17:49:23 +01:00

35 lines
1.1 KiB
Plaintext
Raw Blame History

/**
* Provides a taint-tracking configuration for reasoning about unsafe deserialization.
*
* Note, for performance reasons: only import this file if
* `UnsafeDeserialization::Configuration` is needed, otherwise
* `UnsafeDeserializationCustomizations` should be imported instead.
*/
private import ruby
private import codeql.ruby.DataFlow
private import codeql.ruby.TaintTracking
import UnsafeDeserializationCustomizations
/**
* A taint-tracking configuration for reasoning about unsafe deserialization.
*/
class Configuration extends TaintTracking::Configuration {
Configuration() { this = "UnsafeDeserialization" }
override predicate isSource(DataFlow::Node source) {
source instanceof UnsafeDeserialization::Source
}
override predicate isSink(DataFlow::Node sink) { sink instanceof UnsafeDeserialization::Sink }
override predicate isSanitizer(DataFlow::Node node) {
super.isSanitizer(node) or
node instanceof UnsafeDeserialization::Sanitizer
}
override predicate isAdditionalTaintStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
UnsafeDeserialization::isAdditionalTaintStep(fromNode, toNode)
}
}
Reference in New Issue View Git Blame Copy Permalink