hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-08 22:48:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e39da7d12003849d9d036396da05aa596d1be8da
codeql/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/evaluation/CodeInjectionATM.ql

29 lines
1.3 KiB
Plaintext
Raw Blame History

/**
* CodeInjectionATM.ql
*
* Version of the boosted Code Injection query with an output relation ready to plug into the evaluation
* pipeline.
*/
import ATM::ResultsInfo
import EndToEndEvaluation as EndToEndEvaluation
import experimental.adaptivethreatmodeling.CodeInjectionATM
from
DataFlow::Configuration cfg, DataFlow::Node source, DataFlow::Node sink, string filePathSink,
int startLineSink, int endLineSink, int startColumnSink, int endColumnSink, string filePathSource,
int startLineSource, int endLineSource, int startColumnSource, int endColumnSource, float score
where
cfg.hasFlow(source, sink) and
not EndToEndEvaluation::isFlowExcluded(source, sink) and
not isFlowLikelyInBaseQuery(source, sink) and
sink.hasLocationInfo(filePathSink, startLineSink, startColumnSink, endLineSink, endColumnSink) and
source
.hasLocationInfo(filePathSource, startLineSource, startColumnSource, endLineSource,
endColumnSource) and
getScoreForFlow(source, sink) = score
select source, startLineSource, startColumnSource, endLineSource, endColumnSource, filePathSource,
sink, startLineSink, startColumnSink, endLineSink, endColumnSink, filePathSink, score order by
score desc, startLineSource, startColumnSource, endLineSource, endColumnSource, filePathSource,
startLineSink, startColumnSink, endLineSink, endColumnSink, filePathSink
Reference in New Issue View Git Blame Copy Permalink