CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Module Private::Steps

Provides a compilation of flow summaries to atomic data-flow steps.

Import path

import semmle.code.java.dataflow.internal.FlowSummaryImpl

Predicates

prohibitsUseUseFlow

Holds if use-use flow starting from arg should be prohibited.

summaryClearsContent

Holds if values stored inside content c are cleared at n. n is a synthesized summary node, so in order for values to be cleared at calls to the relevant method, it is important that flow does not pass over the argument, either via use-use flow or def-use flow.

summaryExpectsContent

Holds if the value that is being tracked is expected to be stored inside content c at n.

summaryGetterStep

Holds if there is a read(+taint) of c from arg to out using a flow summary.

summaryJumpStep

Holds if there is a jump step from pred to succ, which is synthesized from a flow summary.

summaryLocalStep

Holds if there is a local step from pred to succ, which is synthesized from a flow summary.

summaryReadStep

Holds if there is a read step of content c from pred to succ, which is synthesized from a flow summary.

summarySetterStep

Holds if there is a (taint+)store of arg into content c of out using a flow summary.

summaryStoreStep

Holds if there is a store step of content c from pred to succ, which is synthesized from a flow summary.

summaryThroughStepTaint

Holds if arg flows to out using a simple flow summary involving taint step, that is, a flow summary without reads and stores.

summaryThroughStepValue

Holds if arg flows to out using a simple value-preserving flow summary, that is, a flow summary without reads and stores.