From 06cae621e6605bb07a3781dfe2017a62814c545b Mon Sep 17 00:00:00 2001 From: Alexis Date: Tue, 19 Nov 2024 10:19:40 +0100 Subject: [PATCH] Format query --- java/src/security/Recursion/Recursion.ql | 41 +++++++++++------------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/java/src/security/Recursion/Recursion.ql b/java/src/security/Recursion/Recursion.ql index 931c871..894428e 100644 --- a/java/src/security/Recursion/Recursion.ql +++ b/java/src/security/Recursion/Recursion.ql @@ -23,9 +23,8 @@ class RecursionSource extends MethodCall { RecursionSource() { not isTestPackage(this.getCaller().getDeclaringType()) } override string toString() { - result = this.getCaller().toString() + " clls " + this.getCallee().toString() + result = this.getCaller().toString() + " calls " + this.getCallee().toString() } - } /** @@ -33,12 +32,12 @@ class RecursionSource extends MethodCall { */ class ParameterOperation extends Expr { ParameterOperation() { - this instanceof BinaryExpr or this instanceof UnaryAssignExpr - and exists( - VarAccess va | - va.getVariable() = this.getEnclosingCallable().getAParameter() | - this.getAChildExpr+() = va - ) + this instanceof BinaryExpr + or + this instanceof UnaryAssignExpr and + exists(VarAccess va | va.getVariable() = this.getEnclosingCallable().getAParameter() | + this.getAChildExpr+() = va + ) } } @@ -57,16 +56,14 @@ module RecursiveConfig implements DataFlow::StateConfigSig { } predicate isBarrier(DataFlow::Node node) { - exists(MethodCall ma | - ma = node.asExpr() - and ( - exists(Expr e | e = ma.getAnArgument() and e instanceof ParameterOperation) - // or exists( - // VarAccess e| - // e = ma.getAnArgument() | - // e.getVariable().getAnAssignedValue().getAChildExpr() instanceof ParameterOperation - // ) - ) + exists(MethodCall ma | + ma = node.asExpr() and + exists(Expr e | e = ma.getAnArgument() and e instanceof ParameterOperation) + // or exists( + // VarAccess e| + // e = ma.getAnArgument() | + // e.getVariable().getAnAssignedValue().getAChildExpr() instanceof ParameterOperation + // ) ) } @@ -74,8 +71,9 @@ module RecursiveConfig implements DataFlow::StateConfigSig { * Weird but useful deduplication logic */ predicate isBarrierIn(DataFlow::Node node, FlowState state) { - not node.asExpr() instanceof MethodCall - or node.asExpr().(MethodCall).getCaller().getLocation().getStartLine() > state.getLocation().getStartLine() + not node.asExpr() instanceof MethodCall or + node.asExpr().(MethodCall).getCaller().getLocation().getStartLine() > + state.getLocation().getStartLine() } } @@ -92,5 +90,4 @@ import RecursiveFlow::PathGraph from RecursiveFlow::PathNode source, RecursiveFlow::PathNode sink where RecursiveFlow::flowPath(source, sink) -// TODO(dm): de-duplicate results -select sink.getNode(), source, sink, "Found a recursion: " \ No newline at end of file +select sink.getNode(), source, sink, "Found a recursion: "