Update and rename UnsafecsrfComparison.java to csrfComparison.java

ahmed532009
2022-02-10 22:36:52 +01:00
committed by Chris Smowton
parent c6c67b907b
commit 39e07cbc9c
2 changed files with 45 additions and 21 deletions


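--- a/UnsafecsrfComparison.java
+++ /dev/null
@@ -1,21 +0,0 @@
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.Cookie;
-public boolean validateCsrfTokenInRequest(HttpServletRequest request) {
-if (cookies != null) {
-for (Cookie cookie : cookies) {
-if (cookie.getName().equals(CSRF-TOKEN){
-csrfCookieValue = cookie.getValue();
-}
-}
-}
-if (compareCsrfTokens(csrfCookieValue)) {
-return true;
-}
-}
-private boolean compareCsrfTokens(String csrfTokenInCookie) {
-if(csrfTokenInCookie == null || !csrfTokenInCookie.equals(request.getHeader("X-CSRF-TOKEN"))) {
-return false;
-}
-}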


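--- /dev/null
+++ b/csrfComparison.java
@@ -0,0 +1,45 @@
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.Cookie;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+public boolean validateCsrfTokenInRequest(HttpServletRequest request) {
+if (cookies != null) {
+for (Cookie cookie : cookies) {
+if (cookie.getName().equals(CSRF-TOKEN){
+csrfCookieValue = cookie.getValue();
+}
+}
+}
+if (UnsafecsrfComparison(csrfCookieValue)) { // BAD
+return true;
+}
+}
+private boolean UnsafecsrfComparison(String csrfTokenInCookie) {
+if(csrfTokenInCookie == null || !csrfTokenInCookie.equals(request.getHeader("X-CSRF-TOKEN"))) { // BAD
+return false;
+}
+}
+public boolean validateCsrfTokenInRequest(HttpServletRequest request) {
+if (cookies != null) {
+for (Cookie cookie : cookies) {
+if (cookie.getName().equals(CSRF-TOKEN){
+csrfCookieValue = cookie.getValue();
+}
+}
+}
+if (safecsrfComparison(csrfCookieValue)) { // GOOD
+return true;
+}
+}
+private boolean safecsrfComparison(String csrfTokenInCookie) {
+String csrfTokenInRequest = request.getHeader("X-CSRF-TOKEN");
+if (csrfTokenInRequest == null || !MessageDigest.isEqual(
+csrfTokenInCookie.getBytes(StandardCharsets.UTF_8),
+csrfTokenInRequest.getBytes(StandardCharsets.UTF_8))) { // GOOD
+return false;
+}
+}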
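Review bot: The constant-time rewrite in safecsrfComparison drops the null guard on the cookie side that the BAD variant's `csrfTokenInCookie == null` test provided: csrfCookieValue is only assigned when a matching cookie is found, so a request carrying the header but no cookie reaches `csrfTokenInCookie.getBytes(StandardCharsets.UTF_8)` and throws a NullPointerException instead of returning false. The guard should cover both inputs, `if (csrfTokenInCookie == null || csrfTokenInRequest == null || !MessageDigest.isEqual(`. Separately, neither comparison method returns a value after its if block, validateCsrfTokenInRequest is declared twice, and CSRF-TOKEN is an unquoted identifier; presumably this is a query test fixture rather than code meant to compile, but a trailing `return true;` in the GOOD variant would make the intended contract explicit for readers copying the pattern.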