Add Hash.Write and similar as sanitizers

owen-mc · owen-mc · commit 336eba1be496 · 2020-06-16T12:48:43.000+01:00
diff --git a/ql/src/Security/CWE-640/EmailInjection.qll b/ql/src/Security/CWE-640/EmailInjection.qll
@@ -24,6 +24,19 @@ module EmailInjection {
 
     override predicate isSource(DataFlow::Node source) { source instanceof Source }
 
+    override predicate isSanitizerOut(DataFlow::Node node) {
+      exists(DataFlow::CallNode call |
+        call.getTarget().hasQualifiedName("hash.Hash", "Write") and
+        (
+          call.getReceiver().getType().getName() = "Hash" or
+          call.getReceiver().getType().getName() = "Hash32" or
+          call.getReceiver().getType().getName() = "Hash64"
+        )
+      |
+        node = call.getArgument(0)
+      )
+    }
+
     override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
   }
 }
