CodeQL library for JavaScript/TypeScript
codeql/javascript-all 0.8.15-dev (changelog, source)
Search

Predicate ArrayTaintTracking::arrayFunctionTaintStep

Holds if there is a taint propagating data flow edge from pred to succ caused by a call call to a builtin array functions.

Import path

import javascript
predicate arrayFunctionTaintStep(Node pred, Node succ, CallNode call)