hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12916 from jcogs33/jcogs33/revamp-java-sink-kinds

Browse Source 
Java: revamp MaD sink kinds
This commit is contained in:
Jami
2023-06-01 12:48:30 -04:00
committed by GitHub
parent 40cf09996a 58845eca7c
commit 617107de35
162 changed files with 1962 additions and 1930 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/experimental/Security/CWE/CWE-200/AndroidFileIntentSink.qll
View File

@@ -8,7 +8,7 @@ import semmle.code.java.frameworks.android.Intent
/** A sink representing methods creating a file in Android. */
class AndroidFileSink extends DataFlow::Node {
AndroidFileSink() { sinkNode(this, "create-file") }
AndroidFileSink() { sinkNode(this, "path-injection") }
}
/**

2
java/ql/src/experimental/Security/CWE/CWE-552/UnsafeUrlForward.qll
View File

@@ -89,7 +89,7 @@ class GetVirtualFileChildMethod extends Method {
/** An argument to `getResource()` or `getResourceAsStream()`. */
private class GetResourceSink extends UnsafeUrlForwardSink {
GetResourceSink() {
sinkNode(this, "open-url")
sinkNode(this, "request-forgery")
or
sinkNode(this, "get-resource")
or

4
java/ql/src/utils/modelgenerator/internal/CaptureModelsSpecific.qll
View File

@@ -250,9 +250,9 @@ string asInputArgumentSpecific(DataFlow::Node source) {
*/
bindingset[kind]
predicate isRelevantSinkKind(string kind) {
not kind = "logging" and
not kind = "log-injection" and
not kind.matches("regex-use%") and
not kind = "write-file"
not kind = "file-content-store"
}
/**