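--- a/java/ql/lib/semmle/code/java/security
+++ b/java/ql/lib/semmle/code/java/security
@@ -17,6 +17,14 @@ class CredentialExpr extends Expr {
 }
 }
 
+/** An instantiation of a (reflexive, transitive) subtype of `java.lang.reflect.Type`. */
+private class TypeType extends RefType {
+pragma [ nomagic]
+TypeType ( ) {
+this .getSourceDeclaration ( ) .getASourceSupertype * ( ) .hasQualifiedName ( "java.lang.reflect" , "Type" )
+}
+}
+
 /** A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
 class SensitiveLoggerConfiguration extends TaintTracking:: Configuration {
 SensitiveLoggerConfiguration ( ) { this = "SensitiveLoggerConfiguration" }
@@ -26,7 +34,11 @@ class SensitiveLoggerConfiguration extends TaintTracking::Configuration {
 override predicate isSink ( DataFlow:: Node sink ) { sinkNode ( sink , "logging" ) }
 
 override predicate isSanitizer ( DataFlow:: Node sanitizer ) {
- sanitizer .asExpr ( ) instanceof LiveLiteral
+sanitizer .asExpr ( ) instanceof LiveLiteral or
+sanitizer .getType ( ) instanceof PrimitiveType or
+sanitizer .getType ( ) instanceof BoxedType or
+sanitizer .getType ( ) instanceof NumberType or
+sanitizer .getType ( ) instanceof TypeType
 }
 
 override predicate isSanitizerIn ( Node node ) { isSource ( node ) }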
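Review bot: The four new disjuncts in `isSanitizer` stop taint at every node whose static type is primitive, boxed, a `Number` subtype or a `java.lang.reflect.Type` subtype, so a secret held in a numeric variable (a PIN or one-time code kept as `int` or `long`, for example) would presumably no longer be reported when it reaches a logging sink. Nothing in the predicate records that this is a deliberate false-positive/false-negative trade-off; I would add a comment above the type checks along the lines of `// Numeric, boxed and reflective-type values are assumed non-sensitive; this suppresses noise but also hides numeric secrets.` The `pragma[nomagic]` on the `TypeType` characteristic predicate likewise has no note saying which join order it is protecting. The page lists a single changed file, so no test appears to accompany the new barrier; a case that logs a numeric value and a `Class<?>` value from sensitively named variables would pin the intended behaviour.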