improve alert message - and autoformat

Erik Krogh Kristensen
2020-06-12 10:53:19 +02:00
parent 056a7e87ff
commit 3f957103ed
4 changed files with 11 additions and 17 deletions


@@ -16,4 +16,5 @@ import DataFlow::PathGraph
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "Download of file from $@.", source.getNode(), "HTTP source"
select sink.getNode(), source, sink, "$@ of sensitive file from $@.",
sink.getNode().(Sink).getDownloadCall(), "Download", source.getNode(), "HTTP source"
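Review bot: The new alert text in the `select` clause calls the file "sensitive" but never states the risk, and that word usually suggests a confidentiality problem. The test expectations (`http:` URLs ending in `.exe` and `.APK`) suggest the concern is rather a download that can be altered in transit. Naming the transport would make the alert self-explanatory, for example `"$@ of sensitive file over $@."` with the last link text changed to `"unencrypted HTTP"`; the `.expected` file would need regenerating to match. Separately, the inline cast `sink.getNode().(Sink)` also acts as a filter, and it holds only because `isSink` accepts nothing but `Sink` nodes. A comment such as `// cast cannot fail: Configuration.isSink only accepts Sink nodes` above the `select` would stop a later widening of `isSink` from silently dropping alerts.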


@@ -17,12 +17,8 @@ module UnsecureDownload {
class Configuration extends DataFlow::Configuration {
Configuration() { this = "HTTP/HTTPS" }
override predicate isSource(DataFlow::Node source) {
source instanceof Source
}
override predicate isSource(DataFlow::Node source) { source instanceof Source }
override predicate isSink(DataFlow::Node sink) {
sink instanceof Sink
}
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
}
}


@@ -59,12 +59,9 @@ module UnsecureDownload {
*/
class ClientRequestURL extends Sink {
ClientRequest request;
ClientRequestURL() {
this = request.getUrl()
}
override DataFlow::Node getDownloadCall() {
result = request
}
ClientRequestURL() { this = request.getUrl() }
override DataFlow::Node getDownloadCall() { result = request }
}
}


@@ -27,7 +27,7 @@ edges
| unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:36:9:36:45 | url |
| unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:36:9:36:45 | url |
#select
| unsecure-download.js:5:16:5:28 | installer.url | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | unsecure-download.js:5:16:5:28 | installer.url | Download of file from $@. | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | HTTP source |
| unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | Download of file from $@. | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | HTTP source |
| unsecure-download.js:37:23:37:25 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:37:23:37:25 | url | Download of file from $@. | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
| unsecure-download.js:39:26:39:28 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:39:26:39:28 | url | Download of file from $@. | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
| unsecure-download.js:5:16:5:28 | installer.url | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | unsecure-download.js:5:16:5:28 | installer.url | $@ of sensitive file from $@. | unsecure-download.js:5:9:5:44 | nugget( ... => { }) | Download | unsecure-download.js:9:27:9:138 | 'http:/ ... ll.exe' | HTTP source |
| unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | $@ of sensitive file from $@. | unsecure-download.js:30:5:30:43 | nugget( ... e.APK") | Download | unsecure-download.js:30:12:30:42 | "http:/ ... fe.APK" | HTTP source |
| unsecure-download.js:37:23:37:25 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:37:23:37:25 | url | $@ of sensitive file from $@. | unsecure-download.js:37:5:37:42 | cp.exec ... () {}) | Download | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |
| unsecure-download.js:39:26:39:28 | url | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | unsecure-download.js:39:26:39:28 | url | $@ of sensitive file from $@. | unsecure-download.js:39:5:39:46 | cp.exec ... () {}) | Download | unsecure-download.js:36:15:36:45 | "http:/ ... fe.APK" | HTTP source |