Add createParser as taint preserving callable

Tony Torralba
2021-05-19 11:20:54 +02:00
parent e58746508d
commit 43d4575359


@@ -51,6 +51,10 @@ private class JacksonWriteValueMethod extends Method, TaintPreservingCallable {
}
}
/**
* A method used for deserializing objects using Jackson. The first parameter is the object to be
* deserialized.
*/
private class JacksonReadValueMethod extends Method, TaintPreservingCallable {
JacksonReadValueMethod() {
(
@@ -63,6 +67,23 @@ private class JacksonReadValueMethod extends Method, TaintPreservingCallable {
override predicate returnsTaintFrom(int arg) { arg = 0 }
}
/**
* A method used for creating a `JsonParser` object using Jackson. The first parameter is the object to
* create the `JsonParser` from.
*/
private class JacksonCreateParserMethod extends Method, TaintPreservingCallable {
JacksonCreateParserMethod() {
(
getDeclaringType().hasQualifiedName("com.fasterxml.jackson.core", "JsonFactory") or
getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectMapper") or
getDeclaringType().hasQualifiedName("com.fasterxml.jackson.databind", "ObjectReader")
) and
hasName("createParser")
}
override predicate returnsTaintFrom(int arg) { arg = 0 }
}
/** A type whose values are explicitly serialized in a call to a Jackson method. */
private class ExplicitlyWrittenJacksonSerializableType extends JacksonSerializableType {
ExplicitlyWrittenJacksonSerializableType() {
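Review bot: The declaring-type test in `JacksonCreateParserMethod` is an exact `hasQualifiedName` match, so a `createParser` re-declared in a subclass of `JsonFactory` (the dataformat factories narrow the return type this way) has a different declaring type and is presumably not modelled, which would silently drop taint at the parser and produce false negatives in downstream queries. Unless overrides are picked up elsewhere in the library, consider matching on the supertype closure, e.g. `getDeclaringType().getASupertype*().hasQualifiedName("com.fasterxml.jackson.core", "JsonFactory")`, and likewise for the other two types. `arg = 0` fits the overloads whose first argument is the content itself, but the `File` and `URL` overloads of `createParser` take a location rather than content, so a short comment stating whether treating those as taint-preserving is intended would help the next reader. A test case exercising the new step is not visible on this page.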