
Commit 3b43577

committed
Remove sanitizing condition which does not prevent
vulnerability.
1 parent 26288ad commit 3b43577

1 file changed

Lines changed: 1 addition & 11 deletions


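--- a/java/ql/src/semmle/code/java/frameworks/SnakeYaml.qll
+++ b/java/ql/src/semmle/code/java/frameworks/SnakeYaml.qll
@@ -7,13 +7,6 @@ import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.DataFlow2
 import semmle.code.java.dataflow.DataFlow3
 
-/**
-* The class `org.yaml.snakeyaml.constructor.Constructor`.
-*/
-class SnakeYamlConstructor extends RefType {
-SnakeYamlConstructor() { this.hasQualifiedName("org.yaml.snakeyaml.constructor", "Constructor") }
-}
-
 /**
 * The class `org.yaml.snakeyaml.constructor.SafeConstructor`.
 */
@@ -24,14 +17,11 @@ class SnakeYamlSafeConstructor extends RefType {
 }
 
 /**
-* An instance of `SafeConstructor` or a `Constructor` that only allows the type that is passed into its argument.
+* An instance of `SafeConstructor`
 */
 class SafeSnakeYamlConstruction extends ClassInstanceExpr {
 SafeSnakeYamlConstruction() {
 this.getConstructedType() instanceof SnakeYamlSafeConstructor
-or
-this.getConstructedType() instanceof SnakeYamlConstructor and
-this.getNumArgument() > 0
 }
 }
 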
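Review bot: The rewritten doc comment on `SafeSnakeYamlConstruction` no longer records why a `Constructor` built with a root type is excluded, so a later reader could re-add that branch as an apparent false-positive fix. I would extend the comment with a second sentence, in the file's backtick style, saying that a `Constructor` restricted to a root type is deliberately not treated as safe because that restriction does not prevent the vulnerability, and end the first sentence with a period. The characteristic predicate now rests entirely on `SnakeYamlSafeConstructor`, whose body lies outside the hunk. In SnakeYAML `Constructor` extends `SafeConstructor`, so it is worth confirming that class matches the exact qualified name rather than subtypes, otherwise `new Constructor(...)` would still be classified as safe. Only one file changed here, so a query test in which a `Constructor` with a type argument is passed to `Yaml` and the load is reported would pin the new behaviour.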
