CodeQl Java to detect flows from some input to a Class member #12744
-
| Hi, I am trying to write a codeql flow query to detect if and when some user input is reaching a specific Field in a class. (the calls to setMyField(value) I am interested in) However it is possible to set fields not via setters and I would like to capture these instances too, I tried using this : but it doesn't return anything, what am I doing wrong? | 
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
| Hi @yuval-piiano, That  Have you read the "Checking sources and sinks" section of https://codeql.github.com/docs/writing-codeql-queries/debugging-data-flow-queries-using-partial-flow/#checking-sources-and-sinks? | 
Beta Was this translation helpful? Give feedback.
Hi @yuval-piiano,
That
isSinkdefinition looks right to me. Of course, you still need to restrict thewriteto be a write to themyFieldfield, but if you're getting 0 results with this definition already it leads me to think something else is wrong.Have you read the "Checking sources and sinks" section of https://codeql.github.com/docs/writing-codeql-queries/debugging-data-flow-queries-using-partial-flow/#checking-sources-and-sinks?