Skip to content

Commit 93a0da7

Browse files
committed
Fix taint tracking configurations that broke due to interface change
1 parent cd28f09 commit 93a0da7

File tree

4 files changed

+6
-6
lines changed

4 files changed

+6
-6
lines changed

java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ class ImplicitPendingIntentStartConf extends TaintTracking::Configuration {
2929
any(ImplicitPendingIntentAdditionalTaintStep c).step(node1, node2)
3030
}
3131

32-
override predicate isAdditionalFlowStep(
32+
override predicate isAdditionalTaintStep(
3333
DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2,
3434
DataFlow::FlowState state2
3535
) {

java/ql/src/utils/model-generator/CaptureSummaryModels.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ class ThroughFlowConfig extends TaintTracking::Configuration {
6161
(state instanceof TaintRead or state instanceof TaintStore)
6262
}
6363

64-
override predicate isAdditionalFlowStep(
64+
override predicate isAdditionalTaintStep(
6565
DataFlow::Node node1, DataFlow::FlowState state1, DataFlow::Node node2,
6666
DataFlow::FlowState state2
6767
) {

python/ql/lib/semmle/python/security/dataflow/PathInjection.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ module PathInjection {
4747

4848
override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
4949

50-
override predicate isBarrier(DataFlow::Node node, DataFlow::FlowState state) {
50+
override predicate isSanitizer(DataFlow::Node node, DataFlow::FlowState state) {
5151
// Block `NotNormalized` paths here, since they change state to `NormalizedUnchecked`
5252
node instanceof Path::PathNormalization and
5353
state instanceof NotNormalized
@@ -60,7 +60,7 @@ module PathInjection {
6060
guard instanceof SanitizerGuard
6161
}
6262

63-
override predicate isAdditionalFlowStep(
63+
override predicate isAdditionalTaintStep(
6464
DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
6565
DataFlow::FlowState stateTo
6666
) {

python/ql/src/experimental/semmle/python/security/injection/NoSQLInjection.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,13 @@ module NoSQLInjection {
1919
state instanceof ConvertedToDict
2020
}
2121

22-
override predicate isBarrier(DataFlow::Node node, DataFlow::FlowState state) {
22+
override predicate isSanitizer(DataFlow::Node node, DataFlow::FlowState state) {
2323
// Block `RemoteInput` paths here, since they change state to `ConvertedToDict`
2424
exists(Decoding decoding | decoding.getFormat() = "JSON" and node = decoding.getOutput()) and
2525
state instanceof RemoteInput
2626
}
2727

28-
override predicate isAdditionalFlowStep(
28+
override predicate isAdditionalTaintStep(
2929
DataFlow::Node nodeFrom, DataFlow::FlowState stateFrom, DataFlow::Node nodeTo,
3030
DataFlow::FlowState stateTo
3131
) {

0 commit comments

Comments
 (0)