Skip to content

discussions Search Results · repo:github/codeql path:docs/codeql "MethodAccess" is:public

Filter by

25 results  (161 ms)

25 results

ingithub/codeql (press backspace or delete to remove)

github/codeql
CodeQl Java to detect flows from some input to a Class member

... - override predicate isSink(DataFlow::Node sink) { exists(MethodAccess call, SetterMethod method , Field field | call.getMethod() = method and sink.asExpr ...

github/codeql
The CodeQL query raises false positive issues when finding a path from a user-invoked public function A to a function B called inside A

... ) { exists(MethodAccess call | sink.asExpr() = call.getAnArgument()) } } from TestTaint config1, DataFlow2::PathNode source1, DataFlow2::PathNode sink1 where config1.hasFlowPath(source1, sink1) select source1, source1, sink1, 123

github/codeql
[RESOLVED] Got result with predicate but not with the whole query

... ) ) ) } from DataFlow::Node node, MethodAccess ma, Method me where isCmdi(node) and node.asExpr() = ma and ma.getMethod() = me select ma.getFile() as file, ma.getEnclosingCallable() as method ...

github/codeql
About codeql query for Apache Commons Text

... predicate isSink(DataFlow::Node sink) { exists(MethodAccess ma | ma.getAnArgument() = sink.asExpr() and ma.getMethod().hasName( eval ) ) } override int explorationLimit() { result = 500 ...

github/codeql
[java] : detecting function within a declared function that has particular name

You can use getEnclosingCallable, e.g. (untested code): predicate test() { exists(MethodAccess equals, Method login | equals.getMethod().hasName( equals ) and login.hasName( login ) and ...

github/codeql
[Java] Why doesn's a method that returns `void` also have a `DataFlow::Node` associated with it?

This query will only return results for MethodAccess with the name render that return some object. predicate testQuery2(MethodAccess ma, Expr qualifier, DataFlow::Node node1) { ma.getMethod ...

github/codeql
[RESOLVED] What does "sink.asExpr() = ma.getArgument(0)" do here?

I found this sink predicate online and it works fine: override predicate isSink(DataFlow::Node sink) { exists(MethodAccess ma | ma.getMethod().getName() = lookup and ma.getMethod ...

github/codeql
[RESOLVED] How do I match the contructor?

... ) { exists(MethodAccess call, Method method | method.hasName( getParameter ) and method.getDeclaringType().getAnAncestor().hasQualifiedName( javax.servlet , ServletRequest ) and ...

github/codeql
[RESOLVED] NVL() equivalent in codeql

I m trying to list all sources, along with it s argument: from DataFlow::Node node, MethodAccess ma, Method me where node instanceof RemoteFlowSource and node.asExpr() = ma and ma.getMethod() = me ...

github/codeql
[RESOLVED] LocalTaint flow from getParameter to File constructor

... ::parameterNode(method.getAParameter()), DataFlow::exprNode(call.getArgument(0))) try TaintTracking::localTaint(DataFlow::exprNode(any(MethodAccess ma | ma.getCallee() = method)), DataFlow::exprNode(call.getArgument(0)))