Enhance the query

This commit is contained in:
luchua-bc
2020-07-27 18:50:47 +00:00
parent 01fb51829c
commit 3a23451395
8 changed files with 211 additions and 42 deletions


@@ -1,13 +1,16 @@
edges
| UnsecureBasicAuth.java:41:19:41:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:46:3:46:6 | conn |
| UnsecureBasicAuth.java:41:19:41:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:47:3:47:6 | conn |
| UnsecureBasicAuth.java:41:19:41:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:48:3:48:6 | conn |
| UnsecureBasicAuth.java:94:19:94:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:99:3:99:6 | conn |
| UnsecureBasicAuth.java:94:19:94:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:100:3:100:6 | conn |
| UnsecureBasicAuth.java:94:19:94:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | UnsecureBasicAuth.java:101:3:101:6 | conn |
nodes
| UnsecureBasicAuth.java:41:19:41:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | semmle.label | "http://www.example.com/rest/getuser.do?uid=abcdx" : String |
| UnsecureBasicAuth.java:46:3:46:6 | conn | semmle.label | conn |
| UnsecureBasicAuth.java:47:3:47:6 | conn | semmle.label | conn |
| UnsecureBasicAuth.java:48:3:48:6 | conn | semmle.label | conn |
| UnsecureBasicAuth.java:94:19:94:68 | "http://www.example.com/rest/getuser.do?uid=abcdx" : String | semmle.label | "http://www.example.com/rest/getuser.do?uid=abcdx" : String |
| UnsecureBasicAuth.java:99:3:99:6 | conn | semmle.label | conn |
| UnsecureBasicAuth.java:100:3:100:6 | conn | semmle.label | conn |
| UnsecureBasicAuth.java:101:3:101:6 | conn | semmle.label | conn |
#select
| UnsecureBasicAuth.java:24:3:24:59 | addHeader(...) | Unsafe basic authentication |
| UnsecureBasicAuth.java:34:3:34:108 | setHeader(...) | Unsafe basic authentication |
| UnsecureBasicAuth.java:48:3:48:63 | setRequestProperty(...) | Unsafe basic authentication |
| UnsecureBasicAuth.java:28:3:28:59 | addHeader(...) | Insecure basic authentication |
| UnsecureBasicAuth.java:38:3:38:108 | setHeader(...) | Insecure basic authentication |
| UnsecureBasicAuth.java:54:3:54:59 | addHeader(...) | Insecure basic authentication |
| UnsecureBasicAuth.java:70:3:70:59 | addHeader(...) | Insecure basic authentication |
| UnsecureBasicAuth.java:87:3:87:59 | addHeader(...) | Insecure basic authentication |
| UnsecureBasicAuth.java:101:3:101:63 | setRequestProperty(...) | Insecure basic authentication |


@@ -1,7 +1,11 @@
import org.apache.http.RequestLine;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.message.BasicHttpRequest;
import org.apache.http.message.BasicRequestLine;
import java.net.URI;
import java.net.URL;
import java.net.HttpURLConnection;
import java.net.URLConnection;
@@ -9,7 +13,7 @@ import java.util.Base64;
public class UnsecureBasicAuth {
/**
* Test basic authentication with Apache HTTP POST request.
* Test basic authentication with Apache HTTP POST request using string constructor.
*/
public void testApacheHttpRequest(String username, String password) {
String host = "www.example.com";
@@ -34,6 +38,55 @@ public class UnsecureBasicAuth {
get.setHeader("Authorization", "Basic " + new String(Base64.getEncoder().encode("admin:test".getBytes())));
}
/**
* Test basic authentication with Apache HTTP POST request using URI constructor.
*/
public void testApacheHttpRequest3(String username, String password) {
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx";
HttpRequestBase post = new HttpPost(new URI(uriStr));
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
post.addHeader("Authorization", "Basic " + authStringEnc);
}
/**
* Test basic authentication with Apache HTTP `BasicHttpRequest` using string constructor.
*/
public void testApacheHttpRequest4(String username, String password) {
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx";
BasicHttpRequest post = new BasicHttpRequest("POST", uriStr);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
post.addHeader("Authorization", "Basic " + authStringEnc);
}
/**
* Test basic authentication with Apache HTTP `BasicHttpRequest` using `RequestLine`.
*/
public void testApacheHttpRequest5(String username, String password) {
String uriStr = "http://www.example.com/rest/getuser.do?uid=abcdx";
RequestLine requestLine = new BasicRequestLine("POST", uriStr, null);
BasicHttpRequest post = new BasicHttpRequest(requestLine);
post.setHeader("Accept", "application/json");
post.setHeader("Content-type", "application/json");
String authString = username + ":" + password;
byte[] authEncBytes = Base64.getEncoder().encode(authString.getBytes());
String authStringEnc = new String(authEncBytes);
post.addHeader("Authorization", "Basic " + authStringEnc);
}
/**
* Test basic authentication with Java HTTP URL connection.
*/
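Review bot: `new URI(uriStr)` in testApacheHttpRequest3 throws the checked `java.net.URISyntaxException`, but the method signature carries no `throws` clause and the import hunk adds nothing for that type, so this fixture does not compile under plain javac; whether the test extractor tolerates an unhandled checked exception I can't tell from here. The other two new methods are unaffected on this point, since the `BasicHttpRequest` and `BasicRequestLine` constructors they use declare no checked exceptions. I would change the signature to `public void testApacheHttpRequest3(String username, String password) throws URISyntaxException {` and add `import java.net.URISyntaxException;` next to the existing `java.net.URI` import. Separately, since these three methods exist to be reported by the query, each Javadoc would be more useful to future maintainers if it named the expected alert line, e.g. `* Expected: the "Authorization" addHeader(...) call is reported by the query.`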