pullrequests Search Results · repo:github/codeql path:docs/codeql "ClassInstanceExpr"
Filter by
14 results (144 ms)
14 results
ingithub/codeql (press backspace or delete to remove)Quick question: since ClassInstanceExpr is a subclass of ConstructorCall, we only have to make these things barriers
because we included them in isAdditionalFlowStep, right? If so, I think it would be slightly simpler to exclude them
from isAdditionalFlowStep instead.
documentation
Java
joefarebrother
The type arguments which these predicates have as result are for the type of the created instance.
Previously the documentation said provided to the constructor , which is misleading / incorrect. Type ...
Java
no-change-note-required
Marcono1234
Relates to #14277
MemberRefExpr inherits predicates such as getQualifier() from ClassInstanceExpr. However, these are often not useful
because they apply to the synthetic anonymous class instead of ...
documentation
Java
Let s preempt potential performance issues with spurious joins on position:
exists(ClassInstanceExpr cc, Argument a, AssignExpr ae, int pos |
cc.getConstructedType().getASourceSupertype ...
documentation
Java
atorralba
@tamasvajk the isAnonymClass relation is supposed to be a bijection, meaning a one-to-one ClassInstanceExpr -
AnonymousType relationship. If we extract the default value in both the $default function ...
Kotlin
smowton
... example use-site per library (probably flagging an import statement not a
ClassInstanceExpr), we can avoid excessive noise and produce one warning per insecure library per project. You could
achieve ...
documentation
Java
phenggeler
... ::ClassInstanceExpr::getArgument#dispred#f0820431#fff ON FIRST 2 OUTPUT Rhs.2, Lhs.2 n1
4 ~0% {2} r16 = JOIN r15 WITH Expr::Expr::getType#dispred#f0820431#bf ON FIRST 1 OUTPUT Rhs.1 ...
documentation
Java
... MyBatisAbstractSQLAnonymousClassStep extends TaintTracking::AdditionalTaintStep {
override predicate step(DataFlow::Node node1, DataFlow::Node node2) {
exists(MethodAccess ma, ClassInstanceExpr c ...
documentation
Java
jorgectf
Adds the class QualifiableMemberAccess which covers FieldAccess, MemberAccess and ClassInstanceExpr.
I have marked this pull request as draft because I am note sure whether it makes sense to use inheritance here, and
because I would like to hear what you think about this proposed change.
Java
Once the not exists(SafeJsonIo sji | sji.hasFlowToExpr(cie.getArgument(1))) has been moved to isSanitizer, you can
factor this like
exists(ClassInstanceExpr cie |
cie.getArgument(0 ...
documentation
Java
haby0