hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-23 10:23:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13713 from pwntester/java/struts2_source_taint_inheriting

Browse Source 
[Java] Implement field taint inheritance for Struts2 unmarshalled objects
This commit is contained in:
Tony Torralba
2023-07-28 16:46:27 +02:00
committed by GitHub
parent a020189895 c3a2ae2943
commit 08cba7dc5f
4 changed files with 62 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/ql/lib/semmle/code/java/dataflow/FlowSources.qll
View File

@@ -143,11 +143,10 @@ private class GuiceRequestParameterSource extends RemoteFlowSource {
override string getSourceType() { result = "Guice request parameter" }
}
private class Struts2ActionSupportClassFieldReadSource extends RemoteFlowSource {
Struts2ActionSupportClassFieldReadSource() {
exists(Struts2ActionSupportClass c |
c.getASetterMethod().getField() = this.asExpr().(FieldRead).getField()
)
private class Struts2ActionSupportClassFieldSource extends RemoteFlowSource {
Struts2ActionSupportClassFieldSource() {
this.(DataFlow::FieldValueNode).getField() =
any(Struts2ActionSupportClass c).getASetterMethod().getField()
}
override string getSourceType() { result = "Struts2 ActionSupport field" }