@@ -27,32 +27,29 @@ class Sink extends DataFlow::Node {
2727
2828 Sink ( ) {
2929 exists (
30- AbstractFunctionDecl funcDecl , CallExpr call , string funcName , string paramName , int arg ,
31- int baseUrlArg
30+ MethodDecl funcDecl , CallExpr call , string className , string funcName , string paramName ,
31+ int arg , int baseUrlArg
3232 |
3333 // arguments to method calls...
34- exists ( string className , ClassOrStructDecl c |
35- (
36- // `loadHTMLString`
37- className = [ "UIWebView" , "WKWebView" ] and
38- funcName = "loadHTMLString(_:baseURL:)" and
39- paramName = "string"
40- or
41- // `UIWebView.load`
42- className = "UIWebView" and
43- funcName = "load(_:mimeType:textEncodingName:baseURL:)" and
44- paramName = "data"
45- or
46- // `WKWebView.load`
47- className = "WKWebView" and
48- funcName = "load(_:mimeType:characterEncodingName:baseURL:)" and
49- paramName = "data"
50- ) and
51- c .getName ( ) = className and
52- c .getAMember ( ) = funcDecl and
53- call .getStaticTarget ( ) = funcDecl
34+ (
35+ // `loadHTMLString`
36+ className = [ "UIWebView" , "WKWebView" ] and
37+ funcName = "loadHTMLString(_:baseURL:)" and
38+ paramName = "string"
39+ or
40+ // `UIWebView.load`
41+ className = "UIWebView" and
42+ funcName = "load(_:mimeType:textEncodingName:baseURL:)" and
43+ paramName = "data"
44+ or
45+ // `WKWebView.load`
46+ className = "WKWebView" and
47+ funcName = "load(_:mimeType:characterEncodingName:baseURL:)" and
48+ paramName = "data"
5449 ) and
50+ call .getStaticTarget ( ) = funcDecl and
5551 // match up `funcName`, `paramName`, `arg`, `node`.
52+ funcDecl .hasQualifiedName ( className , funcName ) and
5653 funcDecl .getName ( ) = funcName and
5754 funcDecl .getParam ( pragma [ only_bind_into ] ( arg ) ) .getName ( ) = paramName and
5855 call .getArgument ( pragma [ only_bind_into ] ( arg ) ) .getExpr ( ) = this .asExpr ( ) and
0 commit comments