File tree Expand file tree Collapse file tree 1 file changed +8
-1
lines changed
java/ql/src/Security/CWE/CWE-319 Expand file tree Collapse file tree 1 file changed +8
-1
lines changed Original file line number Diff line number Diff line change @@ -36,7 +36,7 @@ class HTTPStringToURLOpenMethodFlowConfig extends TaintTracking::Configuration {
3636
3737 override predicate isSource ( DataFlow:: Node src ) { src .asExpr ( ) instanceof HTTPString }
3838
39- override predicate isSink ( DataFlow:: Node sink ) { sinkNode ( sink , "open-url" ) }
39+ override predicate isSink ( DataFlow:: Node sink ) { sink instanceof URLOpenSink }
4040
4141 override predicate isAdditionalTaintStep ( DataFlow:: Node node1 , DataFlow:: Node node2 ) {
4242 exists ( UrlConstructorCall u |
@@ -50,6 +50,13 @@ class HTTPStringToURLOpenMethodFlowConfig extends TaintTracking::Configuration {
5050 }
5151}
5252
53+ /**
54+ * A sink that represents a URL opening method call, such as a call to `java.net.URL.openConnection()`.
55+ */
56+ private class URLOpenSink extends DataFlow:: Node {
57+ URLOpenSink ( ) { sinkNode ( this , "open-url" ) }
58+ }
59+
5360from DataFlow:: PathNode source , DataFlow:: PathNode sink , MethodAccess m , HTTPString s
5461where
5562 source .getNode ( ) .asExpr ( ) = s and
You can’t perform that action at this time.
0 commit comments