Move and convert URL redirect sinks

Adds for them as well
2026-02-23 18:33:42 +01:00 · 2021-05-20 12:15:30 +01:00
parent f2ff2aa3e1
commit 1ae9d68409
7 changed files with 48 additions and 16 deletions
--- a/java/ql/src/semmle/code/java/frameworks/JaxWS.qll
+++ b/java/ql/src/semmle/code/java/frameworks/JaxWS.qll
@@ -308,6 +308,20 @@ class JaxRSConsumesAnnotation extends JaxRSAnnotation {
  JaxRSConsumesAnnotation() { this.getType().hasQualifiedName(getAJaxRsPackage(), "Consumes") }
 }

+/** A URL redirection sink from JAX-RS */
+private class JaxRsUrlRedirectSink extends SinkModelCsv {
+  override predicate row(string row) {
+    row =
+      [
+        //`namespace; type; subtypes; name; signature; ext; input; kind`
+        "javax.ws.rs.core;Response;true;seeOther;;;Argument[0];url-redirect",
+        "javax.ws.rs.core;Response;true;temporaryRedirect;;;Argument[0];url-redirect",
+        "jakarta.ws.rs.core;Response;true;seeOther;;;Argument[0];url-redirect",
+        "jakarta.ws.rs.core;Response;true;temporaryRedirect;;;Argument[0];url-redirect"
+      ]
+  }
+}
+
 /**
 * Model Response:
 *
--- a/java/ql/src/semmle/code/java/security/UrlRedirect.qll
+++ b/java/ql/src/semmle/code/java/security/UrlRedirect.qll
@@ -36,17 +36,3 @@ private class ApacheUrlRedirectSink extends UrlRedirectSink {
    )
  }
 }
-
-/** A URL redirection sink from JAX-RS */
-private class JaxRsUrlRedirectSink extends UrlRedirectSink {
-  JaxRsUrlRedirectSink() {
-    exists(MethodAccess ma |
-      ma.getMethod()
-          .getDeclaringType()
-          .getAnAncestor()
-          .hasQualifiedName(getAJaxRsPackage("core"), "Response") and
-      ma.getMethod().getName() in ["seeOther", "temporaryRedirect"] and
-      this.asExpr() = ma.getArgument(0)
-    )
-  }
-}