1 file changed, +7 −1 lines changed
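--- a/cpp/ql/src/Security/CWE/CWE-319
+++ b/cpp/ql/src/Security/CWE/CWE-319
@@ -51,9 +51,15 @@ class HttpStringLiteral extends StringLiteral {
 class HttpStringToUrlOpenConfig extends TaintTracking::Configuration {
   HttpStringToUrlOpenConfig() { this = "HttpStringToUrlOpenConfig" }
 
-  override predicate isSource(DataFlow::Node src) { src.asExpr() instanceof HttpStringLiteral }
+  override predicate isSource(DataFlow::Node src) {
+    // Sources are strings containing an HTTP URL not in a private domain.
+    src.asExpr() instanceof HttpStringLiteral
+  }
 
   override predicate isSink(DataFlow::Node sink) {
+    // Sinks can be anything that demonstrates the string is likely to be
+    // accessed as a URL, for example using it in a network access. Some
+    // URLs are only ever displayed or used for data processing.
     exists(FunctionCall fc |
       fc.getTarget().hasGlobalOrStdName(["system", "gethostbyname", "getaddrinfo"]) and
       sink.asExpr() = fc.getArgument(0)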
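Review bot: The new isSink comment gives "using it in a network access" as its example, but none of the three functions named on the next line is one: `gethostbyname` and `getaddrinfo` resolve a host name, and `system` hands the string to a shell, so the comment should describe the uses the list actually models, e.g. `// Sinks are uses showing the string is treated as a URL: resolving it as a host name (gethostbyname, getaddrinfo) or passing it to an external command (system).` The isSource comment asserts the literal is "not in a private domain", which is a property of HttpStringLiteral, defined above this hunk and not visible here; I'd confirm that class really excludes private and loopback hosts before the comment states it as fact. The body of isSink continues past the end of the hunk, so any further sinks are not visible here.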