hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-27 20:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Convert PlayRequestGetMethod to CSV based flow source

Browse Source
This commit is contained in:
Tamas Vajk
2021-03-09 12:20:35 +01:00
parent e0b1a86038
commit 0d405c293a
2 changed files with 6 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
java/ql/src/semmle/code/java/dataflow/ExternalFlow.qll
View File

@@ -172,7 +172,12 @@ private predicate sourceModelCsv(string row) {
"org.springframework.web.client;RestTemplate;false;getForEntity;;;ReturnValue;remote",
"org.springframework.web.client;RestTemplate;false;postForEntity;;;ReturnValue;remote",
// WebSocketMessageParameterSource
"java.net.http;WebSocket$Listener;true;onText;(WebSocket,CharSequence,boolean);;Parameter[1];remote"
"java.net.http;WebSocket$Listener;true;onText;(WebSocket,CharSequence,boolean);;Parameter[1];remote",
// PlayRequestGetMethod
"play.mvc;Http$RequestHeader;false;queryString;;;ReturnValue;remote",
"play.mvc;Http$RequestHeader;false;getQueryString;;;ReturnValue;remote",
"play.mvc;Http$RequestHeader;false;header;;;ReturnValue;remote",
"play.mvc;Http$RequestHeader;false;getHeader;;;ReturnValue;remote"
]
}

19
java/ql/src/semmle/code/java/dataflow/FlowSources.qll
View File

@@ -39,14 +39,6 @@ private class ExternalRemoteFlowSource extends RemoteFlowSource {
override string getSourceType() { result = "external" }
}
private class RemoteTaintedMethodAccessSource extends RemoteFlowSource {
RemoteTaintedMethodAccessSource() {
this.asExpr().(MethodAccess).getMethod() instanceof RemoteTaintedMethod
}
override string getSourceType() { result = "network data source" }
}
private class RmiMethodParameterSource extends RemoteFlowSource {
RmiMethodParameterSource() {
exists(RemoteCallableMethod method |
@@ -204,17 +196,6 @@ class DatabaseInput extends LocalUserInput {
DatabaseInput() { this.asExpr().(MethodAccess).getMethod() instanceof ResultSetGetStringMethod }
}
private class RemoteTaintedMethod extends Method {
RemoteTaintedMethod() { this instanceof PlayRequestGetMethod }
}
private class PlayRequestGetMethod extends Method {
PlayRequestGetMethod() {
this.getDeclaringType() instanceof PlayMvcHttpRequestHeader and
this.hasName(["queryString", "getQueryString", "header", "getHeader"])
}
}
/** A method that reads from the environment, such as `System.getProperty` or `System.getenv`. */
class EnvReadMethod extends Method {
EnvReadMethod() {