import semmle.code.cpp.dataflow.new.DataFlow
private import experimental.quantum.OpenSSL.AlgorithmValueConsumers.OpenSSLAlgorithmValueConsumers
/**
 * Data-flow configuration, specific to OpenSSL, that tracks an algorithm value
 * from the result node of an algorithm value consumer to the argument of a call.
 *
 * The sink set is deliberately unrestricted (every argument of every call), so
 * a flow path on its own does not show that the algorithm reaches a
 * cryptographic operation. Queries built on this configuration must constrain
 * the sink to the operation calls they model.
 */
module AvcToCallArgConfig implements DataFlow::ConfigSig {
  /**
   * Holds if `source` is the result node of some `OpenSslAlgorithmValueConsumer`.
   */
  predicate isSource(DataFlow::Node source) {
    source = any(OpenSslAlgorithmValueConsumer consumer).getResultNode()
  }

  /**
   * Holds if `sink` is an argument of any call, matched either as the
   * expression itself or as its indirection.
   *
   * NOTE: users must restrict this set to the operations they are interested in;
   * no filtering on the call target is done here.
   */
  predicate isSink(DataFlow::Node sink) {
    exists(Call call |
      call.getAnArgument() = sink.asExpr()
      or
      call.getAnArgument() = sink.asIndirectExpr()
    )
  }
}
/**
 * Global data flow instantiated from `AvcToCallArgConfig`: from the result node
 * of an OpenSSL algorithm value consumer to an argument of any call.
 * Callers are expected to narrow the sink to the calls they care about.
 */
module AvcToCallArgFlow = DataFlow::Global<AvcToCallArgConfig>;