CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.0.3-dev (changelog, source)
Search

Predicate TaintedPath::isAdditionalTaintedPathFlowStep

Holds if there is a step src -> dst mapping srclabel to dstlabel relevant for path traversal vulnerabilities.

Import path

import semmle.javascript.security.dataflow.TaintedPathCustomizations
predicate isAdditionalTaintedPathFlowStep(Node src, Node dst, FlowLabel srclabel, FlowLabel dstlabel)