hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Deprecate execTainted

Browse Source
This commit is contained in:
Ed Minnix
2023-03-28 13:18:48 -04:00
parent dcd703f1a9
commit 25359d2218
4 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/lib/change-notes/2023-03-28-deprecated-exectainted.md Normal file
View File

@@ -0,0 +1,5 @@
---
category: deprecated
---
* The `execTainted` predicate in `CommandLineQuery.qll` has been deprecated and replaced with the predicate `execIsTainted`.

17
java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
View File

@@ -55,11 +55,26 @@ module RemoteUserInputToArgumentToExecFlow =
TaintTracking::Global<RemoteUserInputToArgumentToExecFlowConfig>;
/**
* DEPRECATED: Use `execIsTainted` instead.
*
* Implementation of `ExecTainted.ql`. It is extracted to a QLL
* so that it can be excluded from `ExecUnescaped.ql` to avoid
* reporting overlapping results.
*/
predicate execTainted(
deprecated predicate execTainted(
DataFlow::PathNode source, DataFlow::PathNode sink, ArgumentToExec execArg
) {
exists(RemoteUserInputToArgumentToExecFlowConfig conf |
conf.hasFlowPath(source, sink) and sink.getNode() = DataFlow::exprNode(execArg)
)
}
/**
* Implementation of `ExecTainted.ql`. It is extracted to a QLL
* so that it can be excluded from `ExecUnescaped.ql` to avoid
* reporting overlapping results.
*/
predicate execIsTainted(
RemoteUserInputToArgumentToExecFlow::PathNode source,
RemoteUserInputToArgumentToExecFlow::PathNode sink, ArgumentToExec execArg
) {

2
java/ql/src/Security/CWE/CWE-078/ExecTainted.ql
View File

@@ -21,6 +21,6 @@ import RemoteUserInputToArgumentToExecFlow::PathGraph
from
RemoteUserInputToArgumentToExecFlow::PathNode source,
RemoteUserInputToArgumentToExecFlow::PathNode sink, ArgumentToExec execArg
where execTainted(source, sink, execArg)
where execIsTainted(source, sink, execArg)
select execArg, source, sink, "This command line depends on a $@.", source.getNode(),
"user-provided value"

2
java/ql/src/experimental/Security/CWE/CWE-078/ExecTainted.ql
View File

@@ -23,6 +23,6 @@ import RemoteUserInputToArgumentToExecFlow::PathGraph
from
RemoteUserInputToArgumentToExecFlow::PathNode source,
RemoteUserInputToArgumentToExecFlow::PathNode sink, ArgumentToExec execArg
where execTainted(source, sink, execArg)
where execIsTainted(source, sink, execArg)
select execArg, source, sink, "This command line depends on a $@.", source.getNode(),
"user-provided value"