hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

First draft of sinks for unsafe deserialization with Jackson

Browse Source
This commit is contained in:
Artem Smotrakov
2021-05-02 18:47:24 +02:00
parent 1d56748eed
commit 3eb2af1bc2
2 changed files with 148 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-502/UnsafeDeserialization.ql
View File

@@ -40,6 +40,10 @@ class UnsafeDeserializationConfig extends TaintTracking::Configuration {
ma.getArgument(0) = pred.asExpr() and
ma.getQualifier() = succ.asExpr()
)
or
createJacksonJsonParserStep(pred, succ)
or
createJacksonTreeNodeStep(pred, succ)
}
override predicate isSanitizer(DataFlow::Node node) {