Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 2b77f7d

Browse files
haby0haby0
committed
Modify isAdditionalTaintStep
1 parent a71757f commit 2b77f7d

1 file changed

Lines changed: 6 additions & 7 deletions

File tree

java/ql/src/experimental/Security/CWE/CWE-094/JShellInjection.ql

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@
1212

1313
import java
1414
import JShellInjection
15-
import semmle.code.java.dataflow.DataFlow2
1615
import semmle.code.java.dataflow.FlowSources
1716
import DataFlow::PathGraph
1817

@@ -24,12 +23,12 @@ class JShellInjectionConfiguration extends TaintTracking::Configuration {
2423
override predicate isSink(DataFlow::Node sink) { sink instanceof JShellInjectionSink }
2524

2625
override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) {
27-
exists(
28-
SourceCodeAnalysisAnalyzeCompletionCall scaacc, CompletionInfoSourceOrRemainingCall cisorc
29-
|
30-
scaacc.getArgument(0) = pred.asExpr() and
31-
cisorc = succ.asExpr() and
32-
DataFlow2::localExprFlow(scaacc, cisorc.getQualifier())
26+
exists(SourceCodeAnalysisAnalyzeCompletionCall scaacc |
27+
scaacc.getArgument(0) = pred.asExpr() and scaacc = succ.asExpr()
28+
)
29+
or
30+
exists(CompletionInfoSourceOrRemainingCall cisorc |
31+
cisorc.getQualifier() = pred.asExpr() and cisorc = succ.asExpr()
3332
)
3433
}
3534
}

0 commit comments

Comments
 (0)