Merge pull request #5844 from haby0/SpringRedirects

[Java] CWE-601 Spring url redirection detect
Chris Smowton
2021-05-18 16:37:40 +01:00
committed by GitHub
12 changed files with 637 additions and 0 deletions


@@ -0,0 +1,107 @@
package org.springframework.web.servlet;
import java.util.Map;
import org.springframework.http.HttpStatus;
import org.springframework.lang.Nullable;
public class ModelAndView {
@Nullable
private Object view;
@Nullable
private HttpStatus status;
private boolean cleared = false;
public ModelAndView() {
}
public ModelAndView(String viewName) {
this.view = viewName;
}
public ModelAndView(View view) {
this.view = view;
}
public ModelAndView(String viewName, @Nullable Map<String, ?> model) { }
public ModelAndView(View view, @Nullable Map<String, ?> model) { }
public ModelAndView(String viewName, HttpStatus status) { }
public ModelAndView(@Nullable String viewName, @Nullable Map<String, ?> model, @Nullable HttpStatus status) { }
public ModelAndView(String viewName, String modelName, Object modelObject) { }
public ModelAndView(View view, String modelName, Object modelObject) { }
public void setViewName(@Nullable String viewName) {
this.view = viewName;
}
@Nullable
public String getViewName() {
return "";
}
public void setView(@Nullable View view) { }
@Nullable
public View getView() {
return null;
}
public boolean hasView() {
return true;
}
public boolean isReference() {
return true;
}
@Nullable
protected Map<String, Object> getModelInternal() {
return null;
}
public Map<String, Object> getModel() {
return null;
}
public void setStatus(@Nullable HttpStatus status) { }
@Nullable
public HttpStatus getStatus() {
return this.status;
}
public ModelAndView addObject(String attributeName, @Nullable Object attributeValue) {
return null;
}
public ModelAndView addObject(Object attributeValue) {
return null;
}
public ModelAndView addAllObjects(@Nullable Map<String, ?> modelMap) {
return null;
}
public void clear() { }
public boolean isEmpty() {
return true;
}
public boolean wasCleared() {
return true;
}
public String toString() {
return "";
}
private String formatView() {
return "";
}
}
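Review bot: `toString()` in the ModelAndView stub overrides `Object.toString()` without `@Override`, so a later signature typo would silently become an overload instead of a compile error; `@Override public String toString()` is the one-line fix, and the same applies to `toString()` in the AbstractUrlBasedView section below. Several bodies here contradict the class they mimic (`getModel()` returns null, `isEmpty()` and `wasCleared()` always return true), which is fine for a signature-only test stub but easy to misread as real behaviour; a header comment such as `// Test stub: method bodies are placeholders, only the signatures matter` would make that explicit. This is presumably a CodeQL test stub for the CWE-601 query, so the placeholder bodies themselves need no change.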


@@ -0,0 +1,20 @@
package org.springframework.web.servlet;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.lang.Nullable;
public interface View {
String RESPONSE_STATUS_ATTRIBUTE = View.class.getName() + ".responseStatus";
String PATH_VARIABLES = View.class.getName() + ".pathVariables";
String SELECTED_CONTENT_TYPE = View.class.getName() + ".selectedContentType";
@Nullable
default String getContentType() {
return null;
}
void render(@Nullable Map<String, ?> var1, HttpServletRequest var2, HttpServletResponse var3) throws Exception;
}
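Review bot: The `render` declaration uses decompiler-style parameter names `var1`, `var2`, `var3`, which hide what each argument is when the stub is read alongside the query or its tests; the Spring signature names them, so `void render(@Nullable Map<String, ?> model, HttpServletRequest request, HttpServletResponse response) throws Exception;` keeps the stub readable and matches the other files in this commit, which do use meaningful names. The three string constants are kept verbatim, which is good since tests may reference them.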


@@ -0,0 +1,39 @@
package org.springframework.web.servlet.view;
import java.util.Locale;
import org.springframework.lang.Nullable;
public abstract class AbstractUrlBasedView {
@Nullable
private String url;
protected AbstractUrlBasedView() { }
protected AbstractUrlBasedView(String url) {
this.url = url;
}
public void setUrl(@Nullable String url) {
this.url = url;
}
@Nullable
public String getUrl() {
return "";
}
public void afterPropertiesSet() throws Exception { }
protected boolean isUrlRequired() {
return true;
}
public boolean checkResource(Locale locale) throws Exception {
return true;
}
public String toString() {
return "";
}
}
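Review bot: `getUrl()` returns `""` while the constructor and `setUrl` store into `this.url`, so the field is write-only and the getter contradicts the setter one line above it; `return this.url;` mirrors Spring and costs nothing, and it keeps any flow through `setUrl`/`getUrl` visible should a test ever rely on the stub's own source rather than a summary model. `toString()` should also carry `@Override`. Since bodies here are placeholders, a one-line class comment saying so would stop readers from treating `isUrlRequired()`/`checkResource()` always returning true as real semantics.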


@@ -0,0 +1,129 @@
package org.springframework.web.servlet.view;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Array;
import java.net.URLEncoder;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.lang.Nullable;
public class RedirectView extends AbstractUrlBasedView {
private static final Pattern URI_TEMPLATE_VARIABLE_PATTERN = Pattern.compile("\\{([^/]+?)\\}");
private boolean contextRelative = false;
private boolean http10Compatible = true;
private boolean exposeModelAttributes = true;
@Nullable
private String encodingScheme;
@Nullable
private HttpStatus statusCode;
private boolean expandUriTemplateVariables = true;
private boolean propagateQueryParams = false;
@Nullable
private String[] hosts;
public RedirectView() { }
public RedirectView(String url) { }
public RedirectView(String url, boolean contextRelative) { }
public RedirectView(String url, boolean contextRelative, boolean http10Compatible) { }
public RedirectView(String url, boolean contextRelative, boolean http10Compatible, boolean exposeModelAttributes) { }
public void setContextRelative(boolean contextRelative) { }
public void setHttp10Compatible(boolean http10Compatible) { }
public void setExposeModelAttributes(boolean exposeModelAttributes) { }
public void setEncodingScheme(String encodingScheme) { }
public void setStatusCode(HttpStatus statusCode) { }
public void setExpandUriTemplateVariables(boolean expandUriTemplateVariables) { }
public void setPropagateQueryParams(boolean propagateQueryParams) { }
public boolean isPropagateQueryProperties() {
return true;
}
public void setHosts(@Nullable String... hosts) { }
@Nullable
public String[] getHosts() {
return this.hosts;
}
public boolean isRedirectView() {
return true;
}
protected boolean isContextRequired() {
return false;
}
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws IOException { }
protected final String createTargetUrl(Map<String, Object> model, HttpServletRequest request) throws UnsupportedEncodingException {
return "";
}
private String getContextPath(HttpServletRequest request) {
return "";
}
protected StringBuilder replaceUriTemplateVariables(String targetUrl, Map<String, Object> model, Map<String, String> currentUriVariables, String encodingScheme) throws UnsupportedEncodingException {
return null;
}
private Map<String, String> getCurrentRequestUriVariables(HttpServletRequest request) {
return null;
}
protected void appendCurrentQueryParams(StringBuilder targetUrl, HttpServletRequest request) { }
protected void appendQueryProperties(StringBuilder targetUrl, Map<String, Object> model, String encodingScheme) throws UnsupportedEncodingException { }
protected Map<String, Object> queryProperties(Map<String, Object> model) {
return null;
}
protected boolean isEligibleProperty(String key, @Nullable Object value) {
return true;
}
protected boolean isEligibleValue(@Nullable Object value) {
return true;
}
protected String urlEncode(String input, String encodingScheme) throws UnsupportedEncodingException {
return "";
}
protected String updateTargetUrl(String targetUrl, Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
return "";
}
protected void sendRedirect(HttpServletRequest request, HttpServletResponse response, String targetUrl, boolean http10Compatible) throws IOException { }
protected boolean isRemoteHost(String targetUrl) {
return true;
}
protected HttpStatus getHttp11StatusCode(HttpServletRequest request, HttpServletResponse response, String targetUrl) {
return this.statusCode;
}
}
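Review bot: The `RedirectView(String url, ...)` constructors discard `url` instead of passing it to the superclass, even though `AbstractUrlBasedView(String url)` in this same commit stores it; `public RedirectView(String url) { super(url); }` (and `super(url);` in the three longer overloads) keeps the stub consistent and preserves the URL-to-field flow that a CWE-601 sink model on this constructor might be checked against. Most of the imports (`Array`, `URLEncoder`, `Collection`, `Collections`, `Iterator`, `LinkedHashMap`, `Entry`, `Matcher`) are unused because the bodies are stubbed and can be dropped. `isRemoteHost` always returning true deserves a comment such as `// stub: real implementation consults the hosts allow-list` since in Spring that method is presumably the check that distinguishes an off-site redirect from a local one, which is exactly what this query is about.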