Skip to content

Commit ff1c6ca

Browse files
committed
Java: Fix join-order.
1 parent e5eef51 commit ff1c6ca

File tree

1 file changed

+2
-5
lines changed

1 file changed

+2
-5
lines changed

java/ql/lib/semmle/code/java/security/Validation.qll

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,6 @@ import semmle.code.java.Expr
22
import semmle.code.java.dataflow.SSA
33
import semmle.code.java.controlflow.Guards
44

5-
bindingset[result, i]
6-
private int unbindInt(int i) { i <= result and i >= result }
7-
85
/** Holds if the method `method` validates its `arg`-th argument in some way. */
96
predicate validationMethod(Method method, int arg) {
107
// The method examines the contents of the string argument.
@@ -22,8 +19,8 @@ predicate validationMethod(Method method, int arg) {
2219
// The method calls another one that verifies the argument.
2320
exists(Parameter param, MethodAccess call, int recursiveArg |
2421
method.getParameter(arg) = param and
25-
call.getArgument(recursiveArg) = param.getAnAccess() and
26-
validationMethod(call.getMethod(), unbindInt(recursiveArg))
22+
call.getArgument(pragma[only_bind_into](recursiveArg)) = param.getAnAccess() and
23+
validationMethod(pragma[only_bind_into](call.getMethod()), pragma[only_bind_into](recursiveArg))
2724
)
2825
}
2926

0 commit comments

Comments
 (0)