Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 2ae15f9

Browse files
aschackmullaschackmull
committed
Java: Remove list, map, and StringReplaceMethod flow steps.
1 parent a41c2d8 commit 2ae15f9

1 file changed

Lines changed: 0 additions & 13 deletions

File tree

java/ql/src/semmle/code/java/dataflow/internal/TaintTrackingUtil.qll

Lines changed: 0 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -377,19 +377,6 @@ private predicate taintPreservingQualifierToMethod(Method m) {
377377
or
378378
m = any(ProtobufMessageLite p).getAGetterMethod()
379379
or
380-
m instanceof MapMethod and
381-
(
382-
m.getName().regexpMatch("get|entrySet|keySet|values")
383-
)
384-
or
385-
m.getDeclaringType().getSourceDeclaration().getASourceSupertype*().hasQualifiedName("java.util", "List") and
386-
(
387-
m.getName().regexpMatch("get|toArray|subList|spliterator|set|iterator|listIterator") or
388-
(m.getName().regexpMatch("remove") and not m.getReturnType() instanceof BooleanType)
389-
)
390-
or
391-
m instanceof StringReplaceMethod
392-
or
393380
exists(SpringUntrustedDataType dt |
394381
m.(GetterMethod) = dt.getAMethod()
395382
)

0 commit comments

Comments
 (0)