Add the domain used to the alert message

This commit is contained in:
Joe Farebrother
2022-11-30 11:37:08 +00:00
parent ceb253e6d1
commit 603c1c1693
2 changed files with 17 additions and 8 deletions


@@ -128,12 +128,21 @@ private class UntrustedUrlConfig extends TaintTracking::Configuration {
}
/** Holds if `node` is a network communication call for which certificate pinning is not implemented. */
predicate missingPinning(DataFlow::Node node) {
predicate missingPinning(DataFlow::Node node, string domain) {
isAndroid() and
node instanceof MissingPinningSink and
(
not exists(string s | trustedDomain(s))
not exists(string s | trustedDomain(s)) and
domain = ""
or
exists(UntrustedUrlConfig conf | conf.hasFlow(_, node))
exists(UntrustedUrlConfig conf, DataFlow::Node src |
conf.hasFlow(src, node) and
domain = getDomain(src.asExpr())
)
)
}
/** Gets the domain name from the given string literal */
private string getDomain(CompileTimeConstantExpr expr) {
result = expr.getStringValue().regexpCapture("(https?://)?([^/]*)/?", 2)
}
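Review bot: The new `domain = getDomain(src.asExpr())` conjunct can drop findings the old `conf.hasFlow(_, node)` form reported, because `regexpCapture` only yields a value when the pattern matches the whole string and `"(https?://)?([^/]*)/?"` does not match a literal with a path segment after the host (e.g. a constructed `"https://example.test/api/v1"` leaves `api/v1` unmatched, so `getDomain` has no result and the disjunct fails). Since the source is a `CompileTimeConstantExpr` but the source definition of `UntrustedUrlConfig` lies above the hunk, it is also unclear whether every flow source is a string constant; if it is not, those flows would silently vanish from `missingPinning` as well. The regex should consume the remainder of the URL, `result = expr.getStringValue().regexpCapture("(https?://)?([^/]*)(/.*)?", 2)`, and note in the `getDomain` doc comment that the captured group still includes any `user:pass@` and `:port` part so the alert text reflects that. The tail of `UntrustedUrlConfig` at the top of the hunk starts outside it.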