1 file changed +8 -5 lines changed
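--- a/cpp/ql/src/Security/CWE/CWE-319
+++ b/cpp/ql/src/Security/CWE/CWE-319
@@ -28,6 +28,11 @@ class PrivateHostName extends string {
  }
 }
 
+ pragma [ nomagic]
+ predicate privateHostNameFlowsToExpr ( Expr e ) {
+ TaintTracking:: localExprTaint ( any ( StringLiteral p | p .getValue ( ) instanceof PrivateHostName ) , e )
+ }
+
 /**
  * A string containing an HTTP URL not in a private domain.
  */
@@ -38,11 +43,9 @@ class HttpStringLiteral extends StringLiteral {
  or
  exists ( string tail |
  tail = s .regexpCapture ( "http://(.*)" , 1 ) and not tail instanceof PrivateHostName
- ) and
- not TaintTracking:: localExprTaint ( any ( StringLiteral p |
- p .getValue ( ) instanceof PrivateHostName
- ) , this .getParent * ( ) )
- )
+ )
+ ) and
+ not privateHostNameFlowsToExpr ( this .getParent * ( ) )
  }
 }
 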
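Review bot: In the second hunk, moving the negated flow check to after the closing parenthesis (`) and` / `not privateHostNameFlowsToExpr(this.getParent*())`) looks like more than a performance refactor: in the removed lines the `not TaintTracking::localExprTaint(...)` conjunct sat after `or`, so with `and` binding tighter than `or` it restricted only the `http://(.*)` branch, whereas now it also filters the branch before `or`, which starts above the hunk. That means fewer literals are reported as cleartext HTTP (CWE-319), so if the widening is intended the commit should say so and the query tests should cover a literal from the first branch both with and without a private host name flowing into its parent expression. The new predicate in the first hunk also has no QLDoc; I would add `/** Holds if a string literal whose value is a private host name has local taint flow to e. */` above `pragma[nomagic]`, with a brief comment on why the pragma is needed.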