hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add RequestForgerySanitizer

Browse Source
This commit is contained in:
Tony Torralba
2021-06-17 14:58:27 +02:00
parent 0c71393171
commit 3ec2c1308e
3 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/src/Security/CWE/CWE-749/UnsafeAndroidAccess.ql
View File

@@ -13,6 +13,7 @@
import java
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.security.RequestForgeryConfig
import semmle.code.java.security.UnsafeAndroidAccess
import DataFlow::PathGraph
@@ -25,6 +26,10 @@ class FetchUntrustedResourceConfiguration extends TaintTracking::Configuration {
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
override predicate isSink(DataFlow::Node sink) { sink instanceof UrlResourceSink }
override predicate isSanitizer(DataFlow::Node sanitizer) {
sanitizer instanceof RequestForgerySanitizer
}
}
from DataFlow::PathNode source, DataFlow::PathNode sink, FetchUntrustedResourceConfiguration conf