1 file changed +8 -7 lines changed
java/ql/lib/semmle/code/java/security
@@ -44,10 +44,10 @@ private class DefaultXssSink extends XssSink {
4444 DefaultXssSink ( ) {
4545 sinkNode ( this , [ "html-injection" , "js-injection" ] )
4646 or
47- exists ( MethodCall ma |
48- ma . getMethod ( ) instanceof WritingMethod and
49- XssVulnerableWriterSourceToWritingMethodFlow :: flowToExpr ( ma . getQualifier ( ) ) and
50- this . asExpr ( ) = ma . getArgument ( _ )
47+ exists ( DataFlow :: Node n |
48+ XssVulnerableWriterSourceToWritingMethodFlow :: flowTo ( n ) and
49+ XssVulnerableWriterSourceToWritingMethodFlowSecondaryConfig :: getPrimaryOfSecondaryNode ( _ , n ) =
50+ this
5151 )
5252 }
5353}
@@ -80,9 +80,10 @@ private module XssVulnerableWriterSourceToWritingMethodFlowSecondaryConfig imple
8080 DataFlow:: IsSourceOrSink sourceOrSink , DataFlow:: Node sink
8181 ) {
8282 sourceOrSink instanceof DataFlow:: IsSink and
83- // This code mirrors `DefaultXssSink()`.
84- exists ( MethodCall ma | result .asExpr ( ) = ma .getAnArgument ( ) |
85- sink .asExpr ( ) = ma .getQualifier ( ) and ma .getMethod ( ) instanceof WritingMethod
83+ exists ( MethodCall ma |
84+ XssVulnerableWriterSourceToWritingMethodFlowConfig:: isSink ( sink ) and
85+ sink .asExpr ( ) = ma .getQualifier ( ) and
86+ result .asExpr ( ) = ma .getAnArgument ( )
8687 )
8788 }
8889}
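Review bot: The writer-argument branch of `DefaultXssSink()` (new lines 47–50) now takes its sink set from `getPrimaryOfSecondaryNode`, yet the second hunk deletes the only comment linking the two, so nothing warns a maintainer that editing the secondary-config predicate changes which nodes are treated as XSS sinks. I would add a comment above the `exists` in `getPrimaryOfSecondaryNode`, for example `// Also defines the writer-argument sinks of DefaultXssSink(); narrowing this drops XSS results.` The `WritingMethod` check is also no longer tied to the `ma` bound here. It presumably lives in `XssVulnerableWriterSourceToWritingMethodFlowConfig::isSink`, which is not visible in this diff, so it is worth confirming that predicate still restricts sinks to qualifiers of `WritingMethod` calls. Both the class and the predicate signature start outside the hunks shown.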