Package org.openrewrite.analysis.dataflow

Class TaintFlowSpec

java.lang.Object
org.openrewrite.analysis.dataflow.DataFlowSpec
org.openrewrite.analysis.dataflow.TaintFlowSpec
@Incubating(since="7.25.0") public abstract class TaintFlowSpec extends DataFlowSpec

  • Constructor Details

    • TaintFlowSpec

      public TaintFlowSpec()

  • Method Details

    • isAdditionalFlowStep

      public final boolean isAdditionalFlowStep(DataFlowNode srcNode, DataFlowNode sinkNode)
      Description copied from class: DataFlowSpec
      takes an existing flow-step in the graph and offers a potential next flow step. The method can then decide if the offered potential next flow step should be considered a valid next flow step in the graph. Allows for ad-hoc taint tracking by allowing for additional, non-default flow steps to be added to the flow graph. The following is always true: srcExpression == srcCursor.getValue() && sinkExpression == sinkCursor.getValue().
      Overrides:
      isAdditionalFlowStep in class DataFlowSpec

    • isAdditionalTaintStep

      public boolean isAdditionalTaintStep(DataFlowNode srcNode, DataFlowNode sinkNode)

    • isBarrierGuard

      public final boolean isBarrierGuard(Guard guard, boolean branch)
      Overrides:
      isBarrierGuard in class DataFlowSpec

    • isSanitizerGuard

      public boolean isSanitizerGuard(Guard guard, boolean branch)

    • isBarrier

      public final boolean isBarrier(DataFlowNode node)
      Description copied from class: DataFlowSpec
      Holds if flow through `expression` is prohibited.
      Overrides:
      isBarrier in class DataFlowSpec

    • isSanitizer

      public boolean isSanitizer(DataFlowNode node)