hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7548 from zbazztian/spring-taint-summaries

Browse Source 
Java: Add Spring and Apache Common Langs taint flow steps
This commit is contained in:
Anders Schack-Mulligen
2022-01-13 13:00:41 +01:00
committed by GitHub
parent 40ad88ba53 a6e4f29560
commit 69973dadb3
17 changed files with 217 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
View File

@@ -103,6 +103,7 @@ private module Frameworks {
private import semmle.code.java.frameworks.ratpack.Ratpack
private import semmle.code.java.frameworks.ratpack.RatpackExec
private import semmle.code.java.frameworks.spring.SpringCache
private import semmle.code.java.frameworks.spring.SpringContext
private import semmle.code.java.frameworks.spring.SpringHttp
private import semmle.code.java.frameworks.spring.SpringUtil
private import semmle.code.java.frameworks.spring.SpringUi

9
java/ql/lib/semmle/code/java/frameworks/apache/Lang.qll
View File

@@ -73,6 +73,15 @@ private class ApacheArrayUtilsModel extends SummaryModelCsv {
}
}
private class ApacheStringEscapeUtilsModel extends SummaryModelCsv {
override predicate row(string row) {
row =
[
"org.apache.commons.lang3;StringEscapeUtils;false;escapeJson;;;Argument[0];ReturnValue;taint"
]
}
}
private class ApacheStringUtilsModel extends SummaryModelCsv {
override predicate row(string row) {
row =

1
java/ql/lib/semmle/code/java/frameworks/spring/Spring.qll
View File

@@ -9,6 +9,7 @@ import semmle.code.java.frameworks.spring.SpringBeanFile
import semmle.code.java.frameworks.spring.SpringBeans
import semmle.code.java.frameworks.spring.SpringBeanRefType
import semmle.code.java.frameworks.spring.SpringCache
import semmle.code.java.frameworks.spring.SpringContext
import semmle.code.java.frameworks.spring.SpringComponentScan
import semmle.code.java.frameworks.spring.SpringConstructorArg
import semmle.code.java.frameworks.spring.SpringController

18
java/ql/lib/semmle/code/java/frameworks/spring/SpringContext.qll Normal file
View File

@@ -0,0 +1,18 @@
/**
* Provides models for the `org.springframework.context` package.
*/
import java
private import semmle.code.java.dataflow.ExternalFlow
private class StringSummaryCsv extends SummaryModelCsv {
override predicate row(string row) {
row =
[
//`namespace; type; subtypes; name; signature; ext; input; output; kind`
"org.springframework.context;MessageSource;true;getMessage;(String,Object[],String,Locale);;ArrayElement of Argument[1];ReturnValue;taint",
"org.springframework.context;MessageSource;true;getMessage;(String,Object[],String,Locale);;Argument[2];ReturnValue;taint",
"org.springframework.context;MessageSource;true;getMessage;(String,Object[],Locale);;ArrayElement of Argument[1];ReturnValue;taint"
]
}
}