Merge pull request #9002 from atorralba/atorralba/https-urls-improvs

Java: Add OkHttp and Retrofit models
Tony Torralba
2022-05-11 10:48:08 +02:00
committed by GitHub
117 changed files with 6173 additions and 11 deletions


@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added models for the libraries OkHttp and Retrofit.


@@ -102,8 +102,10 @@ private module Frameworks {
private import semmle.code.java.frameworks.JsonJava
private import semmle.code.java.frameworks.Logging
private import semmle.code.java.frameworks.Objects
private import semmle.code.java.frameworks.OkHttp
private import semmle.code.java.frameworks.Optional
private import semmle.code.java.frameworks.Regex
private import semmle.code.java.frameworks.Retrofit
private import semmle.code.java.frameworks.Stream
private import semmle.code.java.frameworks.Strings
private import semmle.code.java.frameworks.ratpack.Ratpack


@@ -0,0 +1,71 @@
/**
* Provides classes and predicates for working with the OkHttp client.
*/
import java
private import semmle.code.java.dataflow.ExternalFlow
private class OkHttpOpenUrlSinks extends SinkModelCsv {
override predicate row(string row) {
row =
[
"okhttp3;Request;true;Request;;;Argument[0];open-url",
"okhttp3;Request$Builder;true;url;;;Argument[0];open-url"
]
}
}
private class OKHttpSummaries extends SummaryModelCsv {
override predicate row(string row) {
row =
[
"okhttp3;HttpUrl;false;parse;;;Argument[0];ReturnValue;taint",
"okhttp3;HttpUrl;false;uri;;;Argument[-1];ReturnValue;taint",
"okhttp3;HttpUrl;false;url;;;Argument[-1];ReturnValue;taint",
"okhttp3;HttpUrl$Builder;false;addEncodedPathSegment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addEncodedPathSegment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;addEncodedPathSegments;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addEncodedPathSegments;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;addEncodedQueryParameter;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addEncodedQueryParameter;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;addPathSegment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addPathSegment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;addPathSegments;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addPathSegments;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;addQueryParameter;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;addQueryParameter;;;Argument[0..1];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;build;;;Argument[-1];ReturnValue;taint",
"okhttp3;HttpUrl$Builder;false;encodedFragment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;encodedFragment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;encodedPassword;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;encodedPath;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;encodedPath;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;encodedQuery;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;encodedQuery;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;encodedUsername;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;fragment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;fragment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;host;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;host;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;password;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;port;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;port;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;query;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;query;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;removeAllEncodedQueryParameters;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;removeAllQueryParameters;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;removePathSegment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;scheme;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;scheme;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setEncodedPathSegment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;setEncodedPathSegment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setEncodedQueryParameter;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;setEncodedQueryParameter;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setPathSegment;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;setPathSegment;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setQueryParameter;;;Argument[-1];ReturnValue;value",
"okhttp3;HttpUrl$Builder;false;setQueryParameter;;;Argument[0];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;username;;;Argument[-1];ReturnValue;value",
]
}
}
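Review bot: The taint rows for `setPathSegment` and `setEncodedPathSegment` in `OKHttpSummaries` read from `Argument[0]`, but in OkHttp's `HttpUrl.Builder` those methods take an `int` index first and the segment string second, so the segment at `Argument[1]` never taints the builder. In the same list, `addEncodedQueryParameter`, `setQueryParameter` and `setEncodedQueryParameter` cover only `Argument[0]` (the name), while `addQueryParameter` uses `Argument[0..1]`, so the value argument is dropped for those three. Any query that relies on these summaries to reach the `open-url` sinks would presumably miss flows through those arguments, so I would change the five rows as shown below. If leaving out an argument-to-qualifier row for `username`, `password` and their encoded variants is deliberate, a one-line comment saying so would help the next maintainer.

```ql
// … unchanged: rows up to addEncodedPathSegments …
"okhttp3;HttpUrl$Builder;false;addEncodedQueryParameter;;;Argument[0..1];Argument[-1];taint",
// … unchanged: addPathSegment through scheme …
"okhttp3;HttpUrl$Builder;false;setEncodedPathSegment;;;Argument[1];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setEncodedQueryParameter;;;Argument[0..1];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setPathSegment;;;Argument[1];Argument[-1];taint",
"okhttp3;HttpUrl$Builder;false;setQueryParameter;;;Argument[0..1];Argument[-1];taint",
// … unchanged: the paired Argument[-1] -> ReturnValue value rows and username …
```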


@@ -0,0 +1,12 @@
/**
* Provides classes and predicates for working with the Retrofit API client.
*/
import java
private import semmle.code.java.dataflow.ExternalFlow
private class RetrofitOpenUrlSinks extends SinkModelCsv {
override predicate row(string row) {
row = "retrofit2;Retrofit$Builder;true;baseUrl;;;Argument[0];open-url"
}
}