Query to detect unsafe request dispatcher usage

This commit is contained in:
luchua-bc
2021-12-02 04:00:29 +00:00
parent 9f8326a3fa
commit 8bcffc2886
11 changed files with 543 additions and 21 deletions


@@ -347,3 +347,27 @@ predicate isRequestGetParamMethod(MethodAccess ma) {
ma.getMethod() instanceof ServletRequestGetParameterMapMethod or
ma.getMethod() instanceof HttpServletRequestGetQueryStringMethod
}
/** The Java EE RequestDispatcher. */
library class RequestDispatcher extends RefType {
RequestDispatcher() {
this.hasQualifiedName(["javax.servlet", "jakarta.servlet"], "RequestDispatcher") or
this.hasQualifiedName("javax.portlet", "PortletRequestDispatcher")
}
}
/** The `getRequestDispatcher` method. */
library class GetRequestDispatcherMethod extends Method {
GetRequestDispatcherMethod() {
this.getReturnType() instanceof RequestDispatcher and
this.getName() = "getRequestDispatcher"
}
}
/** The request dispatch method. */
library class RequestDispatchMethod extends Method {
RequestDispatchMethod() {
this.getDeclaringType() instanceof RequestDispatcher and
this.hasName(["forward", "include"])
}
}
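Review bot: `RequestDispatchMethod` only matches a `forward`/`include` whose declaring type is literally `RequestDispatcher` or `PortletRequestDispatcher`, so when a call resolves to the method declared on an implementing class (a container's dispatcher implementation, or an application wrapper that implements the interface) the sink is not recognised and the query presumably goes quiet on that path. The usual idiom in the CodeQL Java library is to walk the source supertypes, `this.getDeclaringType().getASourceSupertype*() instanceof RequestDispatcher`, which keeps the interface match and also covers overriding declarations. `GetRequestDispatcherMethod` keys on name and return type only, which looks intended to catch both `ServletRequest.getRequestDispatcher` and `ServletContext.getRequestDispatcher`; a comment stating that would help, since the Servlet spec treats their path arguments differently (the context variant requires a leading `/`, the request variant also accepts relative paths), and any sanitizer built on top of these classes elsewhere in the commit should account for both forms. The `isRequestGetParamMethod` predicate in the context lines starts before this hunk.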