Merge pull request #2634 from MathiasVP/overrideable-taint-sources

jbj · web-flow · commit 53e10e4c7fe1 · 2020-01-17T13:01:03.000+01:00
C++: Overrideable taint sources in DefaultTaintTracking
diff --git a/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll b/cpp/ql/src/semmle/code/cpp/ir/dataflow/DefaultTaintTracking.qll
@@ -28,6 +28,8 @@ private predicate userInputInstruction(Instruction instr) {
   or
   userInputReturned(instr.getConvertedResultExpression())
   or
+  isUserInput(instr.getConvertedResultExpression(), _)
+  or
   instr.getConvertedResultExpression() instanceof EnvironmentRead
   or
   instr
