mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
18 lines
564 B
Plaintext
18 lines
564 B
Plaintext
import csharp
|
|
|
|
class MyConfiguration extends TaintTracking::Configuration {
|
|
MyConfiguration() { this = "MyConfiguration" }
|
|
|
|
override predicate isSource(DataFlow::Node node) {
|
|
node.asExpr().(StringLiteral).getValue() = "tainted"
|
|
}
|
|
|
|
override predicate isSink(DataFlow::Node node) {
|
|
exists(MethodCall mc | mc.getTarget().hasName("Sink") and node.asExpr() = mc.getArgument(0))
|
|
}
|
|
}
|
|
|
|
from MyConfiguration config, DataFlow::Node source, DataFlow::Node sink
|
|
where config.hasFlow(source, sink)
|
|
select sink, "Data flow from $@.", source, source.toString()
|