Java: add name-based heuristic

This commit is contained in:
Jami Cogswell
2024-12-15 20:53:27 -05:00
parent 286c655264
commit 39ccde0c9d
4 changed files with 62 additions and 23 deletions


@@ -17,8 +17,8 @@ import semmle.code.java.security.CsrfUnprotectedRequestTypeQuery
query predicate edges(CallPathNode pred, CallPathNode succ) { CallGraph::edges(pred, succ) }
from CallPathNode source, CallPathNode reachable, CallPathNode callsReachable
where unprotectedStateChange(source, reachable, callsReachable)
select source.asMethod(), source, callsReachable,
from CallPathNode source, CallPathNode sink
where unprotectedStateChange(source, sink)
select source.asMethod(), source, sink,
"Potential CSRF vulnerability due to using an HTTP request type which is not default-protected from CSRF for an apparent $@.",
callsReachable, "state-changing action"
sink, "state-changing action"
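Review bot: The new `from`/`where` on the two-argument `unprotectedStateChange(source, sink)` gives a reader of this query no indication of how `sink` is chosen; the predicate lives in CsrfUnprotectedRequestTypeQuery, outside this hunk, and the commit title suggests it now includes a name-based heuristic, which the alert text only hints at with "apparent". A one-line comment above the `from` clause, e.g. `// sink may be matched heuristically by method name; see unprotectedStateChange in CsrfUnprotectedRequestTypeQuery`, would help anyone triaging results know that a reported sink is not necessarily a confirmed state change. The `edges` predicate on the line above is unchanged and still supplies the path from `source` to `sink`, so the path-problem columns remain consistent.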