hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: add 'sink' kind

Browse Source
This commit is contained in:
Jami Cogswell
2023-05-11 17:47:31 -04:00
parent 65dd7eb8e7
commit 60b07083c3
4 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
java/ql/lib/ext/java.nio.file.spi.model.yml
View File

@@ -3,5 +3,6 @@ extensions:
pack: codeql/java-all
extensible: neutralModel
data:
- ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "manual"]
- ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "manual"]
# sink neutrals
- ["java.nio.file.spi", "FileSystemProvider" "isHidden", "", "sink", "manual"]
- ["java.nio.file.spi", "FileSystemProvider" "isSameFile", "", "sink", "manual"]

10
java/ql/lib/ext/java.text.model.yml
View File

@@ -3,12 +3,14 @@ extensions:
pack: codeql/java-all
extensible: neutralModel
data:
- ["java.text", "Collator" "compare", "", "manual"]
- ["java.text", "Collator" "equals", "", "manual"]
- ["java.text", "RuleBasedCollator", "compare", "", "manual"]
# summary neutrals
# The below APIs have numeric flow and are currently being stored as neutral models.
# These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.
- ["java.text", "DateFormat", "format", "(Date)", "summary", "manual"] # taint-numeric
- ["java.text", "DateFormat", "parse", "(String)", "summary", "manual"] # taint-numeric
- ["java.text", "SimpleDateFormat", "SimpleDateFormat", "(String)", "summary", "manual"] # taint-numeric
# sink neutrals
- ["java.text", "Collator" "compare", "", "sink", "manual"]
- ["java.text", "Collator" "equals", "", "sink", "manual"]
- ["java.text", "RuleBasedCollator", "compare", "", "sink", "manual"]

5
java/ql/lib/ext/java.util.prefs.model.yml
View File

@@ -3,5 +3,6 @@ extensions:
pack: codeql/java-all
extensible: neutralModel
data:
- ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "manual"]
- ["java.util.prefs", "Preferences", "nodeExists", "", "manual"]
# sink neutrals
- ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "manual"]
- ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "manual"]

3
java/ql/lib/ext/org.apache.hc.client5.http.protocol.model.yml
View File

@@ -3,4 +3,5 @@ extensions:
pack: codeql/java-all
extensible: neutralModel
data:
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "manual"]
# sink neutrals
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "sink", "manual"]