hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-22 23:49:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b671ef504da698483cd2e9dcccec2bc4e5d75bd3
codeql/java/ql/test/query-tests/security/CWE-089/semmle/examples/taintedString.ql
Anders Schack-Mulligen dd5a8f0c14 Java: Autoformat most queries.
2018-10-11 11:31:37 +02:00

14 lines
517 B
Plaintext
Raw Blame History

import semmle.code.java.dataflow.FlowSources
class Conf extends TaintTracking::Configuration {
Conf() { this = "qltest:cwe-089:taintedString" }
override predicate isSource(DataFlow::Node source) { source instanceof UserInput }
override predicate isSink(DataFlow::Node sink) { any() }
}
from Conf conf, Expr tainted, Method method
where conf.hasFlowToExpr(tainted) and tainted.getEnclosingCallable() = method
select method, tainted.getLocation().getStartLine() - method.getLocation().getStartLine(), tainted
Reference in New Issue View Git Blame Copy Permalink