File tree Expand file tree Collapse file tree 1 file changed +6
-2
lines changed
java/ql/lib/semmle/code/java/security Expand file tree Collapse file tree 1 file changed +6
-2
lines changed Original file line number Diff line number Diff line change @@ -117,16 +117,20 @@ module NumericCastLocalFlowConfig implements DataFlow::ConfigSig {
117117 predicate isSource ( DataFlow:: Node src ) { src instanceof LocalUserInput }
118118
119119 predicate isSink ( DataFlow:: Node sink ) {
120- sink .asExpr ( ) = any ( NumericNarrowingCastExpr cast ) .getExpr ( )
120+ sink .asExpr ( ) = any ( NumericNarrowingCastExpr cast ) .getExpr ( ) and
121+ sink .asExpr ( ) instanceof VarAccess
121122 }
122123
123124 predicate isBarrier ( DataFlow:: Node node ) {
124125 boundedRead ( node .asExpr ( ) ) or
125126 castCheck ( node .asExpr ( ) ) or
126127 node .getType ( ) instanceof SmallType or
127128 smallExpr ( node .asExpr ( ) ) or
128- node .getEnclosingCallable ( ) instanceof HashCodeMethod
129+ node .getEnclosingCallable ( ) instanceof HashCodeMethod or
130+ exists ( RightShiftOp e | e .getShiftedVariable ( ) .getAnAccess ( ) = node .asExpr ( ) )
129131 }
132+
133+ predicate isBarrierIn ( DataFlow:: Node node ) { isSource ( node ) }
130134}
131135
132136/**
You can’t perform that action at this time.
0 commit comments