-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathflow.qll
More file actions
60 lines (43 loc) · 2.06 KB
/
flow.qll
File metadata and controls
60 lines (43 loc) · 2.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import javascript
private import semmle.javascript.dataflow.internal.StepSummary
deprecated import utils.test.LegacyDataFlowDiff
module ValueFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
source.getEnclosingExpr().getStringValue() = "source"
}
predicate isSink(DataFlow::Node sink) {
any(DataFlow::InvokeNode call | call.getCalleeName() = "sink").getAnArgument() = sink
}
}
module ValueFlow = DataFlow::Global<ValueFlowConfig>;
module TaintConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
source.getEnclosingExpr().getStringValue() = "source"
}
predicate isSink(DataFlow::Node sink) {
any(DataFlow::InvokeNode call | call.getCalleeName() = "sink").getAnArgument() = sink
}
}
module TaintFlow = TaintTracking::Global<TaintConfig>;
query predicate flow(DataFlow::Node source, DataFlow::Node sink) { ValueFlow::flow(source, sink) }
query predicate exclusiveTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
not ValueFlow::flow(source, sink) and
TaintFlow::flow(source, sink)
}
query predicate typetrack(DataFlow::SourceNode succ, DataFlow::SourceNode pred, StepSummary summary) {
succ = PromiseTypeTracking::promiseStep(pred, summary)
}
deprecated class LegacyValueConfig extends DataFlow::Configuration {
LegacyValueConfig() { this = "LegacyValueConfig" }
override predicate isSource(DataFlow::Node source) { ValueFlowConfig::isSource(source) }
override predicate isSink(DataFlow::Node sink) { ValueFlowConfig::isSink(sink) }
}
deprecated query predicate valueFlowDifference =
DataFlowDiff<ValueFlow, LegacyValueConfig>::legacyDataFlowDifference/3;
deprecated class LegacyTaintConfig extends TaintTracking::Configuration {
LegacyTaintConfig() { this = "LegacyTaintConfig" }
override predicate isSource(DataFlow::Node source) { TaintConfig::isSource(source) }
override predicate isSink(DataFlow::Node sink) { TaintConfig::isSink(sink) }
}
deprecated query predicate taintFlowDifference =
DataFlowDiff<TaintFlow, LegacyTaintConfig>::legacyDataFlowDifference/3;