mirror of
https://github.com/github/codeql.git
synced 2025-12-23 20:26:32 +01:00
19 lines
581 B
Plaintext
19 lines
581 B
Plaintext
import javascript
|
|
|
|
class ArrayTaintFlowConfig extends TaintTracking::Configuration {
|
|
ArrayTaintFlowConfig() { this = "ArrayTaintFlowConfig" }
|
|
|
|
override predicate isSource(DataFlow::Node source) {
|
|
source.asExpr().getStringValue() = "source" or
|
|
source.(DataFlow::CallNode).getCalleeName() = "source"
|
|
}
|
|
|
|
override predicate isSink(DataFlow::Node sink) {
|
|
sink = any(DataFlow::CallNode call | call.getCalleeName() = "sink").getAnArgument()
|
|
}
|
|
}
|
|
|
|
from ArrayTaintFlowConfig config, DataFlow::Node src, DataFlow::Node snk
|
|
where config.hasFlow(src, snk)
|
|
select src, snk
|