hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-10 09:34:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: use new 'SimpleTypeSanitizer', and update some non-extending subtype relationships

Browse Source
This commit is contained in:
Jami Cogswell
2024-03-05 14:36:43 -05:00
parent 2708e53c7f
commit 43b49628fc
1 changed files with 4 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
java/ql/lib/semmle/code/java/security/UrlForward.qll
View File

@@ -6,6 +6,7 @@ private import semmle.code.java.dataflow.FlowSources
private import semmle.code.java.dataflow.StringPrefixes
private import semmle.code.java.security.PathSanitizer
private import semmle.code.java.controlflow.Guards
private import semmle.code.java.security.Sanitizers
/** A URL forward sink. */
abstract class UrlForwardSink extends DataFlow::Node { }
@@ -38,13 +39,7 @@ private class ForwardPrefix extends InterestingPrefix {
/** A URL forward barrier. */
abstract class UrlForwardBarrier extends DataFlow::Node { }
private class PrimitiveBarrier extends UrlForwardBarrier {
PrimitiveBarrier() {
this.getType() instanceof PrimitiveType or
this.getType() instanceof BoxedType or
this.getType() instanceof NumberType
}
}
private class PrimitiveBarrier extends UrlForwardBarrier instanceof SimpleTypeSanitizer { }
// TODO: should this also take URL encoding/decoding into account?
// TODO: and PathSanitization in general?
@@ -87,9 +82,7 @@ private class DefaultUrlDecodeCall extends UrlDecodeCall {
// TODO: this can probably be named/designed better...
abstract class RepeatedStmt extends Stmt { }
private class DefaultRepeatedStmt extends RepeatedStmt {
DefaultRepeatedStmt() { this instanceof LoopStmt }
}
private class DefaultRepeatedStmt extends RepeatedStmt instanceof LoopStmt { }
abstract class CheckEncodingCall extends MethodCall { }
@@ -111,9 +104,7 @@ private class RepeatedUrlDecodeCall extends MethodCall {
}
}
private class CheckEncodingGuard extends Guard instanceof MethodCall {
CheckEncodingGuard() { this instanceof CheckEncodingCall }
private class CheckEncodingGuard extends Guard instanceof MethodCall, CheckEncodingCall {
Expr getCheckedExpr() { result = this.(MethodCall).getQualifier() }
}