@@ -86,18 +86,12 @@ private predicate localTaintFlowToPathGuard(Expr e, PathGuard g) {
8686}
8787
8888private class AllowedPrefixGuard extends PathGuard instanceof MethodAccess {
89- Expr checkedExpr ;
90-
9189 AllowedPrefixGuard ( ) {
92- (
93- isStringPrefixMatch ( this , checkedExpr )
94- or
95- isPathPrefixMatch ( this , checkedExpr )
96- ) and
90+ ( isStringPrefixMatch ( this ) or isPathPrefixMatch ( this ) ) and
9791 not isDisallowedWord ( super .getAnArgument ( ) )
9892 }
9993
100- override Expr getCheckedExpr ( ) { result = checkedExpr }
94+ override Expr getCheckedExpr ( ) { result = getVisualQualifier ( this ) . getUnderlyingExpr ( ) }
10195}
10296
10397/**
@@ -159,18 +153,12 @@ private class DotDotCheckSanitizer extends PathInjectionSanitizer {
159153}
160154
161155private class BlockListGuard extends PathGuard instanceof MethodAccess {
162- Expr checkedExpr ;
163-
164156 BlockListGuard ( ) {
165- (
166- isStringPartialMatch ( this , checkedExpr )
167- or
168- isPathPrefixMatch ( this , checkedExpr )
169- ) and
157+ ( isStringPartialMatch ( this ) or isPathPrefixMatch ( this ) ) and
170158 isDisallowedWord ( super .getAnArgument ( ) )
171159 }
172160
173- override Expr getCheckedExpr ( ) { result = checkedExpr }
161+ override Expr getCheckedExpr ( ) { result = getVisualQualifier ( this ) . getUnderlyingExpr ( ) }
174162}
175163
176164/**
@@ -216,12 +204,11 @@ private class ConstantOrRegex extends Expr {
216204 }
217205}
218206
219- private predicate isStringPrefixMatch ( MethodAccess ma , Expr checkedExpr ) {
207+ private predicate isStringPrefixMatch ( MethodAccess ma ) {
220208 exists ( Method m , RefType t |
221209 m .getDeclaringType ( ) = t and
222210 ( t instanceof TypeString or t instanceof StringsKt ) and
223- m = ma .getMethod ( ) and
224- checkedExpr = getVisualQualifier ( ma ) .getUnderlyingExpr ( )
211+ m = ma .getMethod ( )
225212 |
226213 getSourceMethod ( m ) .hasName ( "startsWith" )
227214 or
@@ -234,28 +221,26 @@ private predicate isStringPrefixMatch(MethodAccess ma, Expr checkedExpr) {
234221}
235222
236223/**
237- * Holds if `ma` is a call to a method that checks a partial string match on `checkedExpr` .
224+ * Holds if `ma` is a call to a method that checks a partial string match.
238225 */
239- private predicate isStringPartialMatch ( MethodAccess ma , Expr checkedExpr ) {
240- isStringPrefixMatch ( ma , checkedExpr )
226+ private predicate isStringPartialMatch ( MethodAccess ma ) {
227+ isStringPrefixMatch ( ma )
241228 or
242229 exists ( RefType t | t = ma .getMethod ( ) .getDeclaringType ( ) |
243230 t instanceof TypeString or t instanceof StringsKt
244231 ) and
245232 getSourceMethod ( ma .getMethod ( ) )
246- .hasName ( [ "contains" , "matches" , "regionMatches" , "indexOf" , "lastIndexOf" ] ) and
247- checkedExpr = getVisualQualifier ( ma ) .getUnderlyingExpr ( )
233+ .hasName ( [ "contains" , "matches" , "regionMatches" , "indexOf" , "lastIndexOf" ] )
248234}
249235
250236/**
251- * Holds if `ma` is a call to a method that checks whether `checkedExpr` starts with a prefix.
237+ * Holds if `ma` is a call to a method that checks whether a path starts with a prefix.
252238 */
253- private predicate isPathPrefixMatch ( MethodAccess ma , Expr checkedExpr ) {
239+ private predicate isPathPrefixMatch ( MethodAccess ma ) {
254240 exists ( RefType t | t = ma .getMethod ( ) .getDeclaringType ( ) |
255241 t instanceof TypePath or t instanceof FilesKt
256242 ) and
257- getSourceMethod ( ma .getMethod ( ) ) .hasName ( "startsWith" ) and
258- checkedExpr = getVisualQualifier ( ma )
243+ getSourceMethod ( ma .getMethod ( ) ) .hasName ( "startsWith" )
259244}
260245
261246private predicate isDisallowedWord ( ConstantOrRegex word ) {
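Review bot: The new `getCheckedExpr()` overrides in `AllowedPrefixGuard` and `BlockListGuard` apply `getUnderlyingExpr()` unconditionally, whereas the removed `isPathPrefixMatch` bound `checkedExpr = getVisualQualifier(ma)` with no unwrapping. For `Path`/`FilesKt` `startsWith` calls, the expression treated as guarded therefore changes whenever the qualifier is wrapped (presumably in a cast or similar). These guards decide which path-injection flows are suppressed, so the shift should be deliberate: either keep the Path case as it was, or add a comment such as `// String and Path matches both unwrap the qualifier; the Path case used the qualifier as-is before this change` and cover a wrapped `Path` qualifier in the query tests. The characteristic predicates also no longer require a visual qualifier to exist, so a guard can now have no checked expression; that looks harmless but deserves a sentence in the class QLDoc. The identical override body could live in one shared helper rather than being repeated in both classes.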