mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
20 lines
706 B
Plaintext
20 lines
706 B
Plaintext
import semmle.code.cpp.dataflow.new.DataFlow
|
|
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
|
|
|
|
/**
|
|
* Flows from algorithm values to operations, specific to OpenSsl
|
|
*/
|
|
module AvcToCallArgConfig implements DataFlow::ConfigSig {
|
|
predicate isSource(DataFlow::Node source) {
|
|
exists(OpenSslAlgorithmValueConsumer c | c.getResultNode() = source)
|
|
}
|
|
|
|
/**
|
|
* Trace to any call accepting the algorithm.
|
|
* NOTE: users must restrict this set to the operations they are interested in.
|
|
*/
|
|
predicate isSink(DataFlow::Node sink) { exists(Call c | c.getAnArgument() = sink.asExpr()) }
|
|
}
|
|
|
|
module AvcToCallArgFlow = DataFlow::Global<AvcToCallArgConfig>;
|