hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: Refactor SensitiveInfoLog.ql

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2023-03-07 11:31:31 +01:00
parent 4408482699
commit 35beadc3bb
2 changed files with 28 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
java/ql/lib/semmle/code/java/security/SensitiveLoggingQuery.qll
View File

@@ -25,8 +25,12 @@ private class TypeType extends RefType {
}
}
/** A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
class SensitiveLoggerConfiguration extends TaintTracking::Configuration {
/**
* DEPRECATED: Use `SensitiveLoggerConfiguration` module instead.
*
* A data-flow configuration for identifying potentially-sensitive data flowing to a log output.
*/
deprecated class SensitiveLoggerConfiguration extends TaintTracking::Configuration {
SensitiveLoggerConfiguration() { this = "SensitiveLoggerConfiguration" }
override predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr }
@@ -43,3 +47,22 @@ class SensitiveLoggerConfiguration extends TaintTracking::Configuration {
override predicate isSanitizerIn(Node node) { this.isSource(node) }
}
/** A data-flow configuration for identifying potentially-sensitive data flowing to a log output. */
module SensitiveLoggerConfiguration implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source.asExpr() instanceof CredentialExpr }
predicate isSink(DataFlow::Node sink) { sinkNode(sink, "logging") }
predicate isBarrier(DataFlow::Node sanitizer) {
sanitizer.asExpr() instanceof LiveLiteral or
sanitizer.getType() instanceof PrimitiveType or
sanitizer.getType() instanceof BoxedType or
sanitizer.getType() instanceof NumberType or
sanitizer.getType() instanceof TypeType
}
predicate isBarrierIn(Node node) { isSource(node) }
}
module SensitiveLoggerFlow = TaintTracking::Make<SensitiveLoggerConfiguration>;

6
java/ql/src/Security/CWE/CWE-532/SensitiveInfoLog.ql
View File

@@ -13,9 +13,9 @@
import java
import semmle.code.java.security.SensitiveLoggingQuery
import PathGraph
import SensitiveLoggerFlow::PathGraph
from SensitiveLoggerConfiguration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
from SensitiveLoggerFlow::PathNode source, SensitiveLoggerFlow::PathNode sink
where SensitiveLoggerFlow::hasFlowPath(source, sink)
select sink.getNode(), source, sink, "This $@ is written to a log file.", source.getNode(),
"potentially sensitive information"