Formatting with auto-format

2026-04-26 01:05:15 +02:00 · 2020-05-12 15:53:29 -04:00
parent d75841d6a7
commit 106c181ab1
1 changed files with 57 additions and 29 deletions
--- a/java/ql/src/experimental/CWE-939/IncorrectURLVerification.ql
+++ b/java/ql/src/experimental/CWE-939/IncorrectURLVerification.ql
@@ -1,7 +1,7 @@
 /**
 * @id java/incorrect-url-verification
 * @name Insertion of sensitive information into log files
- * @description Apps that rely on URL parsing to verify that a given URL is pointing to a trusted server are susceptible to wrong ways of URL parsing and verification. 
+ * @description Apps that rely on URL parsing to verify that a given URL is pointing to a trusted server are susceptible to wrong ways of URL parsing and verification.
 * @kind problem
 * @tags security
 *       external/cwe-939
@@ -9,26 +9,25 @@

 import java

-
 /**
 * The Java class `android.net.Uri` and `java.net.URL`.
 */
 class Uri extends RefType {
-    Uri() {
-        hasQualifiedName("android.net", "Uri") or
-        hasQualifiedName("java.net", "URL")
-    }
+  Uri() {
+    hasQualifiedName("android.net", "Uri") or
+    hasQualifiedName("java.net", "URL")
+  }
 }

 /**
 * The method `getHost()` declared in `android.net.Uri` and `java.net.URL`.
 */
 class UriGetHostMethod extends Method {
-    UriGetHostMethod() {
-        getDeclaringType() instanceof Uri and
-        hasName("getHost") and
-        getNumberOfParameters() = 0
-    }
+  UriGetHostMethod() {
+    getDeclaringType() instanceof Uri and
+    hasName("getHost") and
+    getNumberOfParameters() = 0
+  }
 }

 /**
@@ -36,25 +35,54 @@ class UriGetHostMethod extends Method {
 * its arguments according to a format string.
 */
 class HostVerificationMethodAccess extends MethodAccess {
-    HostVerificationMethodAccess() {
-        (
-
-            this.getMethod().hasName("endsWith") or
-            this.getMethod().hasName("contains") or
-            this.getMethod().hasName("indexOf")
-        ) and
-        this.getMethod().getNumberOfParameters() = 1 and 
-        (
-            this.getArgument(0).(StringLiteral).getRepresentedString().charAt(0) != "." or  //string constant comparison e.g. uri.getHost().endsWith("example.com")
-            this.getArgument(0).(AddExpr).getLeftOperand().(VarAccess).getVariable().getAnAssignedValue().(StringLiteral).getRepresentedString().charAt(0) != "." or   //var1+var2, check var1 starts with "." e.g. String domainName = "example"; Uri.parse(url).getHost().endsWith(domainName+".com")
-            this.getArgument(0).(AddExpr).getLeftOperand().(StringLiteral).getRepresentedString().charAt(0) != "." or  //"."+var2, check string constant "." e.g. String domainName = "example.com";  Uri.parse(url).getHost().endsWith("www."+domainName)
-            exists (MethodAccess ma | this.getArgument(0) = ma and ma.getMethod().hasName("getString") and ma.getArgument(0).toString().indexOf("R.string") = 0) or  //Check resource properties in /res/values/strings.xml in Android mobile applications using res.getString(R.string.key)
-            this.getArgument(0).(VarAccess).getVariable().getAnAssignedValue().(StringLiteral).getRepresentedString().charAt(0) != "."  //check variable starts with "." e.g. String domainName = "example.com";  Uri.parse(url).getHost().endsWith(domainName)
-        )
-    }
+  HostVerificationMethodAccess() {
+    (
+      this.getMethod().hasName("endsWith") or
+      this.getMethod().hasName("contains") or
+      this.getMethod().hasName("indexOf")
+    ) and
+    this.getMethod().getNumberOfParameters() = 1 and
+    (
+      this.getArgument(0).(StringLiteral).getRepresentedString().charAt(0) != "." //string constant comparison e.g. uri.getHost().endsWith("example.com")
+      or
+      this
+          .getArgument(0)
+          .(AddExpr)
+          .getLeftOperand()
+          .(VarAccess)
+          .getVariable()
+          .getAnAssignedValue()
+          .(StringLiteral)
+          .getRepresentedString()
+          .charAt(0) != "." //var1+var2, check var1 starts with "." e.g. String domainName = "example"; Uri.parse(url).getHost().endsWith(domainName+".com")
+      or
+      this
+          .getArgument(0)
+          .(AddExpr)
+          .getLeftOperand()
+          .(StringLiteral)
+          .getRepresentedString()
+          .charAt(0) != "." //"."+var2, check string constant "." e.g. String domainName = "example.com";  Uri.parse(url).getHost().endsWith("www."+domainName)
+      or
+      exists(MethodAccess ma |
+        this.getArgument(0) = ma and
+        ma.getMethod().hasName("getString") and
+        ma.getArgument(0).toString().indexOf("R.string") = 0
+      ) //Check resource properties in /res/values/strings.xml in Android mobile applications using res.getString(R.string.key)
+      or
+      this
+          .getArgument(0)
+          .(VarAccess)
+          .getVariable()
+          .getAnAssignedValue()
+          .(StringLiteral)
+          .getRepresentedString()
+          .charAt(0) != "." //check variable starts with "." e.g. String domainName = "example.com";  Uri.parse(url).getHost().endsWith(domainName)
+    )
+  }
 }

 from UriGetHostMethod um, MethodAccess uma, HostVerificationMethodAccess hma
 where hma.getQualifier() = uma and uma.getMethod() = um
-select "Potentially improper URL verification with $@ in $@ having $@.",
-  hma, hma.getFile(), hma.getArgument(0), "user-provided value"
+select "Potentially improper URL verification with $@ in $@ having $@.", hma, hma.getFile(),
+  hma.getArgument(0), "user-provided value"