hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update MaD Declarations after Triage

Browse Source
This commit is contained in:
Tony Torralba
2023-10-31 16:52:02 +01:00
parent 8f58685b38
commit 107a05af71
12 changed files with 63 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
java/ql/lib/change-notes/2023-10-31-new-models.md Normal file
View File

@@ -0,0 +1,17 @@
---
category: minorAnalysis
---
* Added models for the following packages:
* com.google.common.io
* hudson
* hudson.console
* java.lang
* java.net
* java.rmi.server
* java.util.logging
* javax.imageio.stream
* org.apache.commons.io
* org.apache.hadoop.hive.ql.exec
* org.apache.hadoop.hive.ql.metadata
* org.apache.tools.ant.taskdefs

2
java/ql/lib/ext/com.google.common.io.model.yml
View File

@@ -3,9 +3,11 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.google.common.io", "Files", False, "asByteSink", "(File,FileWriteMode[])", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "asCharSink", "(File,Charset,FileWriteMode[])", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "asCharSource", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "copy", "(File,OutputStream)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "newWriter", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "readLines", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "toByteArray", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["com.google.common.io", "Files", False, "toString", "(File,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]

6
java/ql/lib/ext/hudson.console.model.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["hudson.console", "AnnotatedLargeText", True, "AnnotatedLargeText", "(File,Charset,boolean,Object)", "", "Argument[0]", "Argument[this]", "taint", "ai-manual"]

3
java/ql/lib/ext/hudson.model.yml
View File

@@ -3,6 +3,8 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["hudson", "FilePath", False, "tar", "(OutputStream,String)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", False, "unzipFrom", "(InputStream)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["hudson", "FilePath", True, "copyFrom", "", "", "Argument[this]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyFrom", "(FilePath)", "", "Argument[0]", "path-injection", "manual"]
- ["hudson", "FilePath", True, "copyFrom", "(URL)", "", "Argument[0]", "path-injection", "manual"]
@@ -32,6 +34,7 @@ extensions:
- ["hudson", "Launcher$ProcStarter", False, "cmdAsSingleString", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "Launcher", True, "launch", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "Launcher", True, "launchChannel", "", "", "Argument[0]", "command-injection", "manual"]
- ["hudson", "XmlFile", False, "XmlFile", "(XStream,File)", "", "Argument[1]", "path-injection", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: sourceModel

1
java/ql/lib/ext/java.lang.model.yml
View File

@@ -13,6 +13,7 @@ extensions:
- ["java.lang", "ProcessBuilder", False, "directory", "(File)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(List)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "ProcessBuilder", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "ProcessBuilder", False, "redirectError", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String)", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[])", "", "Argument[0]", "command-injection", "ai-manual"]
- ["java.lang", "Runtime", True, "exec", "(String[],String[])", "", "Argument[0]", "command-injection", "ai-manual"]

1
java/ql/lib/ext/java.net.model.yml
View File

@@ -9,6 +9,7 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["java.net", "DatagramPacket", False, "DatagramPacket", "(byte[],int,InetAddress,int)", "", "Argument[2]", "request-forgery", "ai-manual"]
- ["java.net", "DatagramSocket", True, "connect", "(SocketAddress)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.net", "Socket", True, "Socket", "(String,int)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.net", "URL", False, "openConnection", "", "", "Argument[this]", "request-forgery", "manual"]

3
java/ql/lib/ext/java.util.logging.model.yml
View File

@@ -3,6 +3,8 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["java.util.logging", "FileHandler", True, "FileHandler", "(String,boolean)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.util.logging", "FileHandler", True, "FileHandler", "(String,int,int)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.util.logging", "Logger", True, "config", "", "", "Argument[0]", "log-injection", "manual"]
- ["java.util.logging", "Logger", True, "entering", "(String,String)", "", "Argument[0..1]", "log-injection", "manual"]
- ["java.util.logging", "Logger", True, "entering", "(String,String,Object)", "", "Argument[0..2]", "log-injection", "manual"]
@@ -44,7 +46,6 @@ extensions:
- ["java.util.logging", "Logger", False, "getLogger", "(String)", "", "Argument[0]", "ReturnValue.SyntheticField[java.util.logging.Logger.name]", "value", "manual"]
- ["java.util.logging", "Logger", False, "getName", "()", "", "Argument[this].SyntheticField[java.util.logging.Logger.name]", "ReturnValue", "value", "manual"]
- ["java.util.logging", "LogRecord", False, "LogRecord", "", "", "Argument[1]", "Argument[this]", "taint", "manual"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel

6
java/ql/lib/ext/javax.imageio.stream.model.yml
View File

@@ -1,7 +1,11 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["javax.imageio.stream", "FileCacheImageInputStream", True, "FileCacheImageInputStream", "(InputStream,File)", "", "Argument[0]", "Argument[this].Element", "taint", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["javax.imageio.stream", "FileImageOutputStream", True, "FileImageOutputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]

8
java/ql/lib/ext/org.apache.commons.io.model.yml
View File

@@ -3,6 +3,8 @@ extensions:
pack: codeql/java-all
extensible: summaryModel
data:
- ["org.apache.commons.io", "FileUtils", False, "listFiles", "(File,IOFileFilter,IOFileFilter)", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", False, "listFiles", "(File,String[],boolean)", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"]
# Models that are not yet auto generated or where the generated summaries will
# be ignored.
# Note that if a callable has any handwritten summary, all generated summaries
@@ -16,8 +18,14 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.commons.io", "FileUtils", False, "forceMkdir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", False, "moveDirectory", "(File,File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", False, "readFileToByteArray", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", False, "writeLines", "(File,String,Collection,String)", "", "Argument[3]", "file-content-store", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", False, "writeStringToFile", "(File,String,Charset,boolean)", "", "Argument[1]", "file-content-store", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", True, "copyInputStreamToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.commons.io", "IOUtils", False, "resourceToString", "(String,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]

11
java/ql/lib/ext/org.apache.hadoop.hive.ql.exec.model.yml Normal file
View File

@@ -0,0 +1,11 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hadoop.hive.ql.exec", "Utilities", False, "renameOrMoveFilesInParallel", "(Configuration,FileSystem,Path,Path)", "", "Argument[2]", "path-injection", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["org.apache.hadoop.hive.ql.exec", "Utilities", False, "replaceTaskIdFromFilename", "(String,String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]

6
java/ql/lib/ext/org.apache.hadoop.hive.ql.metadata.model.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hadoop.hive.ql.metadata", "Hive", False, "copyFiles", "(HiveConf,Path,Path,FileSystem,boolean,boolean,boolean,List,boolean,boolean,boolean,boolean)", "", "Argument[2]", "path-injection", "ai-manual"]

1
java/ql/lib/ext/org.apache.tools.ant.taskdefs.model.yml
View File

@@ -7,5 +7,6 @@ extensions:
- ["org.apache.tools.ant.taskdefs", "Copy", True, "setFile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.tools.ant.taskdefs", "Copy", True, "setTodir", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.tools.ant.taskdefs", "Copy", True, "setTofile", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.tools.ant.taskdefs", "Execute", False, "runCommand", "(Task,String[])", "", "Argument[1]", "command-injection", "ai-manual"]
- ["org.apache.tools.ant.taskdefs", "Expand", True, "setDest", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.tools.ant.taskdefs", "Expand", True, "setSrc", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]