@@ -62,6 +62,26 @@ module TaintTracking {
6262 */
6363 predicate isSanitizer ( DataFlow:: Node node ) { none ( ) }
6464
65+ /**
66+ * Holds if flow into `node` is prohibited.
67+ */
68+ predicate isSanitizerIn ( DataFlow:: Node node ) { none ( ) }
69+
70+ /**
71+ * Holds if flow out `node` is prohibited.
72+ */
73+ predicate isSanitizerOut ( DataFlow:: Node node ) { none ( ) }
74+
75+ /**
76+ * Holds if flow into `node` is prohibited for the flow label `lbl`.
77+ */
78+ predicate isSanitizerIn ( DataFlow:: Node node , DataFlow:: FlowLabel lbl ) { none ( ) }
79+
80+ /**
81+ * Holds if flow out `node` is prohibited for the flow label `lbl`.
82+ */
83+ predicate isSanitizerOut ( DataFlow:: Node node , DataFlow:: FlowLabel lbl ) { none ( ) }
84+
6585 /** Holds if the edge from `pred` to `succ` is a taint sanitizer. */
6686 predicate isSanitizerEdge ( DataFlow:: Node pred , DataFlow:: Node succ ) { none ( ) }
6787
@@ -108,6 +128,22 @@ module TaintTracking {
108128 this .isSanitizerEdge ( source , sink ) and lbl .isTaint ( )
109129 }
110130
131+ final override predicate isBarrierIn ( DataFlow:: Node node ) { none ( ) }
132+
133+ final override predicate isBarrierOut ( DataFlow:: Node node ) { none ( ) }
134+
135+ final override predicate isBarrierIn ( DataFlow:: Node node , DataFlow:: FlowLabel lbl ) {
136+ this .isSanitizerIn ( node , lbl )
137+ or
138+ this .isSanitizerIn ( node ) and lbl .isTaint ( )
139+ }
140+
141+ final override predicate isBarrierOut ( DataFlow:: Node node , DataFlow:: FlowLabel lbl ) {
142+ this .isSanitizerOut ( node , lbl )
143+ or
144+ this .isSanitizerOut ( node ) and lbl .isTaint ( )
145+ }
146+
111147 final override predicate isBarrierGuard ( DataFlow:: BarrierGuardNode guard ) {
112148 super .isBarrierGuard ( guard ) or
113149 guard .( AdditionalSanitizerGuardNode ) .appliesTo ( this ) or
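Review bot: The one-argument `isSanitizerIn(node)` and `isSanitizerOut(node)` take effect only for labels where `lbl.isTaint()` holds, because `isBarrierIn(node, lbl)` and `isBarrierOut(node, lbl)` in the second hunk combine them with that check, while the unlabelled `isBarrierIn`/`isBarrierOut` are fixed to `none()`. The QLDoc added in the first hunk says only that flow into or out of the node "is prohibited", so an author whose configuration uses custom flow labels could assume the sanitizer stops those labels as well, when flow carrying them still passes through the node. I would state the restriction in both one-argument doc comments, for example `* Holds if flow into node is prohibited for the taint flow label; other labels need the two-argument form.` The two `isSanitizerOut` comments also read "flow out" where "flow out of" is meant. The enclosing class starts and ends outside the lines shown here.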