Shared: move 'OutdatedSinkKind' to shared file and add outdated JS and C# sink kinds
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
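Review bot: The `xss` case in `replacementKind()` smuggles a disjunction into the replacement value by embedding escaped quotes, `result = "html-injection\" or \"js-injection"`, which only reads correctly because `outdatedMessage()` happens to wrap the value in `\"`; the mapping and the message formatting are now coupled through string contents, and any other consumer of `replacementKind()` would see a bogus kind name. Keep the mapping data-only by returning both kinds as separate results, `this = "xss" and result = ["html-injection", "js-injection"]`, and join them in `outdatedMessage()` with `concat(string r | r = this.replacementKind() | "\"" + r + "\"", " or " order by r)`. Since the move drops `private` and the class now sits in a shared module, it also needs a QLDoc comment above `class OutdatedSinkKind extends string {`, e.g. `/** An outdated models-as-data sink kind; `outdatedMessage()` names the kind that replaces it. */`, matching the `/** A valid models-as-data source kind. */` line that follows it. Nothing ties the kind list in the characteristic predicate to the domain of `replacementKind()`, so a kind added to one but not the other would match the class yet yield no message; lifting the mapping to a module-level `private string replacementKind(string kind)` and defining the class as `OutdatedSinkKind() { exists(replacementKind(this)) }` would make that impossible. The six later sections on this page that repeat the same `@@ -40,6 +40,52 @@ class ValidSinkKind extends string {` hunk appear to be duplicate renderings of this file, and this note applies to each of them.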
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
@@ -266,50 +266,6 @@ module ModelValidation {
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
private class OutdatedSinkKind extends string {
|
|
||||||
OutdatedSinkKind() {
|
|
||||||
this =
|
|
||||||
[
|
|
||||||
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt",
|
|
||||||
"ldap", "pending-intent-sent", "intent-start", "set-hostname-verifier",
|
|
||||||
"header-splitting", "xss", "write-file", "create-file", "read-file", "open-url",
|
|
||||||
"jdbc-url"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
private string replacementKind() {
|
|
||||||
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap"] and
|
|
||||||
result = this + "-injection"
|
|
||||||
or
|
|
||||||
this = "url-redirect" and result = "url-redirection"
|
|
||||||
or
|
|
||||||
this = "ssti" and result = "template-injection"
|
|
||||||
or
|
|
||||||
this = "logging" and result = "log-injection"
|
|
||||||
or
|
|
||||||
this = "pending-intent-sent" and result = "pending-intents"
|
|
||||||
or
|
|
||||||
this = "intent-start" and result = "intent-redirection"
|
|
||||||
or
|
|
||||||
this = "set-hostname-verifier" and result = "hostname-verification"
|
|
||||||
or
|
|
||||||
this = "header-splitting" and result = "response-splitting"
|
|
||||||
or
|
|
||||||
this = "xss" and result = "html-injection\" or \"js-injection"
|
|
||||||
or
|
|
||||||
this = "write-file" and result = "file-content-store"
|
|
||||||
or
|
|
||||||
this = ["create-file", "read-file"] and result = "path-injection"
|
|
||||||
or
|
|
||||||
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
|
||||||
}
|
|
||||||
|
|
||||||
string outdatedMessage() {
|
|
||||||
result =
|
|
||||||
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
private string getInvalidModelKind() {
|
private string getInvalidModelKind() {
|
||||||
exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) |
|
exists(string kind | summaryModel(_, _, _, _, _, _, _, _, kind, _) |
|
||||||
not kind instanceof ValidSummaryKind and
|
not kind instanceof ValidSummaryKind and
|
||||||
|
|||||||
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||
@@ -40,6 +40,52 @@ class ValidSinkKind extends string {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
class OutdatedSinkKind extends string {
|
||||||
|
OutdatedSinkKind() {
|
||||||
|
this =
|
||||||
|
[
|
||||||
|
"sql", "url-redirect", "xpath", "ssti", "logging", "groovy", "jexl", "mvel", "xslt", "ldap",
|
||||||
|
"pending-intent-sent", "intent-start", "set-hostname-verifier", "header-splitting", "xss",
|
||||||
|
"write-file", "create-file", "read-file", "open-url", "jdbc-url", "command-line-injection",
|
||||||
|
"code", "html", "remote"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
private string replacementKind() {
|
||||||
|
this = ["sql", "xpath", "groovy", "jexl", "mvel", "xslt", "ldap", "code", "html"] and
|
||||||
|
result = this + "-injection"
|
||||||
|
or
|
||||||
|
this = "url-redirect" and result = "url-redirection"
|
||||||
|
or
|
||||||
|
this = "ssti" and result = "template-injection"
|
||||||
|
or
|
||||||
|
this = "logging" and result = "log-injection"
|
||||||
|
or
|
||||||
|
this = "pending-intent-sent" and result = "pending-intents"
|
||||||
|
or
|
||||||
|
this = "intent-start" and result = "intent-redirection"
|
||||||
|
or
|
||||||
|
this = "set-hostname-verifier" and result = "hostname-verification"
|
||||||
|
or
|
||||||
|
this = "header-splitting" and result = "response-splitting"
|
||||||
|
or
|
||||||
|
this = "xss" and result = "html-injection\" or \"js-injection"
|
||||||
|
or
|
||||||
|
this = ["write-file", "remote"] and result = "file-content-store"
|
||||||
|
or
|
||||||
|
this = ["create-file", "read-file"] and result = "path-injection"
|
||||||
|
or
|
||||||
|
this = ["open-url", "jdbc-url"] and result = "request-forgery"
|
||||||
|
or
|
||||||
|
this = "command-line-injection" and result = "command-injection"
|
||||||
|
}
|
||||||
|
|
||||||
|
string outdatedMessage() {
|
||||||
|
result =
|
||||||
|
"The kind \"" + this + "\" is outdated. Use \"" + this.replacementKind() + "\" instead."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/** A valid models-as-data source kind. */
|
/** A valid models-as-data source kind. */
|
||||||
class ValidSourceKind extends string {
|
class ValidSourceKind extends string {
|
||||||
bindingset[this]
|
bindingset[this]
|
||||||
|
|||||||