Address PR feedback: trim examples, remove duplicate CWE ref, autoformat

Co-authored-by: geoffw0 <40627776+geoffw0@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-08-14 13:15:03 +00:00
parent 49265b6e7e
commit 7b1aa2307f
5 changed files with 5 additions and 24 deletions


@@ -42,4 +42,4 @@ module LogInjection {
private class ModelsAsDataSink extends Sink {
ModelsAsDataSink() { sinkNode(this, "log-injection") }
}
}
}


@@ -43,6 +43,5 @@ potentially forging a legitimate admin login entry.
<references>
<li>OWASP: <a href="https://owasp.org/www-community/attacks/Log_Injection">Log Injection</a>.</li>
<li>CWE-117: <a href="https://cwe.mitre.org/data/definitions/117.html">Improper Output Neutralization for Logs</a>.</li>
</references>
</qhelp>


@@ -37,5 +37,5 @@ import LogInjectionFlow::PathGraph
from LogInjectionFlow::PathNode sourceNode, LogInjectionFlow::PathNode sinkNode
where LogInjectionFlow::flowPath(sourceNode, sinkNode)
select sinkNode.getNode(), sourceNode, sinkNode, "Log entry depends on a $@.",
sourceNode.getNode(), "user-provided value"
select sinkNode.getNode(), sourceNode, sinkNode, "Log entry depends on a $@.", sourceNode.getNode(),
"user-provided value"


@@ -1,5 +1,5 @@
use std::env;
use log::{info, error};
use log::info;
fn main() {
env_logger::init();
@@ -10,13 +10,4 @@ fn main() {
// BAD: log message constructed with unsanitized user input
info!("User login attempt: {}", username);
// BAD: another example with error logging
if username.is_empty() {
error!("Login failed for user: {}", username);
}
// BAD: formatted string with user input
let message = format!("Processing request for user: {}", username);
info!("{}", message);
}


@@ -1,5 +1,5 @@
use std::env;
use log::{info, error};
use log::info;
fn sanitize_for_logging(input: &str) -> String {
// Remove newlines and carriage returns to prevent log injection
@@ -16,13 +16,4 @@ fn main() {
// GOOD: log message constructed with sanitized user input
let sanitized_username = sanitize_for_logging(username);
info!("User login attempt: {}", sanitized_username);
// GOOD: another example with error logging
if username.is_empty() {
error!("Login failed for user: {}", sanitized_username);
}
// GOOD: formatted string with sanitized user input
let message = format!("Processing request for user: {}", sanitized_username);
info!("{}", message);
}
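Review bot: After the trim, the GOOD example rests entirely on `sanitize_for_logging`, whose only visible description is the inline `// Remove newlines and carriage returns to prevent log injection` at the top of its body; the function body and the rest of `fn main` lie outside this hunk, so I cannot confirm what else it filters. If the body does only what that comment says, a reader copying the example should be told that other control characters and Unicode line separators are passed through unchanged, since some log viewers interpret them. A `///` doc comment on the function stating that scope, e.g. `/// Strips CR and LF so untrusted text cannot start a new log record; other control characters are left as-is.`, would make the example self-explanatory without changing how the query models the sanitizer. The trimmed BAD example in the previous file has the same shape and needs no change.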