|
195 | 195 | "",
|
196 | 196 | " /** Gets a reference to an instance of `${TM_SELECTED_TEXT}`. */",
|
197 | 197 | " DataFlow::Node instance() { instance(DataFlow::TypeTracker::end()).flowsTo(result) }",
|
| 198 | + "", |
| 199 | + " /**", |
| 200 | + " * Taint propagation for `${TM_SELECTED_TEXT}`.", |
| 201 | + " */", |
| 202 | + " private class AdditionalTaintStep extends TaintTracking::AdditionalTaintStep {", |
| 203 | + " override predicate step(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {", |
| 204 | + " // Methods", |
| 205 | + " //", |
| 206 | + " // TODO: When we have tools that make it easy, model these properly to handle", |
| 207 | + " // `meth = obj.meth; meth()`. Until then, we'll use this more syntactic approach", |
| 208 | + " // (since it allows us to at least capture the most common cases).", |
| 209 | + " nodeFrom = instance() and", |
| 210 | + " exists(DataFlow::AttrRead attr | attr.getObject() = nodeFrom |", |
| 211 | + " // normal (non-async) methods", |
| 212 | + " attr.getAttributeName() in [\"TODO\"] and", |
| 213 | + " nodeTo.(DataFlow::CallCfgNode).getFunction() = attr", |
| 214 | + " or", |
| 215 | + " // async methods", |
| 216 | + " exists(Await await, DataFlow::CallCfgNode call |", |
| 217 | + " attr.getAttributeName() in [\"TODO\"] and", |
| 218 | + " call.getFunction() = attr and", |
| 219 | + " await.getValue() = call.asExpr() and", |
| 220 | + " nodeTo.asExpr() = await", |
| 221 | + " )", |
| 222 | + " )", |
| 223 | + " or", |
| 224 | + " // Attributes", |
| 225 | + " nodeFrom = instance() and", |
| 226 | + " nodeTo.(DataFlow::AttrRead).getObject() = nodeFrom and", |
| 227 | + " nodeTo.(DataFlow::AttrRead).getAttributeName() in [\"TODO\"]", |
| 228 | + " }", |
| 229 | + " }", |
198 | 230 | "}",
|
199 | 231 | ],
|
200 | 232 | "description": "Type tracking class (select full class path before inserting)",
|
201 | 233 | },
|
202 |
| - |
203 | 234 | "API graph .getMember chain": {
|
204 | 235 | "scope": "ql",
|
205 | 236 | "prefix": "api graph .getMember chain",
|
|