Autoformat

aegilops
2023-06-19 11:53:53 +01:00
parent 72d9d4736e
commit 8c9ccab9c9


@@ -11,24 +11,29 @@
* external/cwe/cwe-078
*/
import DataFlow::PathGraph
import CommandInjectionRuntimeExec
class RemoteSource extends Source { RemoteSource() { this instanceof RemoteFlowSource } }
class RemoteSource extends Source {
RemoteSource() { this instanceof RemoteFlowSource }
}
from DataFlow::PathNode source, DataFlow::PathNode sink, ExecTaintConfiguration2 conf, MethodAccess call, DataFlow::Node sourceCmd, DataFlow::Node sinkCmd, ExecTaintConfiguration confCmd
where call.getMethod() instanceof RuntimeExecMethod
// this is a command-accepting call to exec, e.g. rt.exec(new String[]{"/bin/sh", ...})
and (
confCmd.hasFlow(sourceCmd, sinkCmd)
and sinkCmd.asExpr() = call.getArgument(0)
)
// it is tainted by untrusted user input
and (
conf.hasFlow(source.getNode(), sink.getNode())
and sink.getNode().asExpr() = call.getArgument(0)
)
select sink, source, sink, "Call to dangerous java.lang.Runtime.exec() with command '$@' with arg from untrusted input '$@'",
sourceCmd, sourceCmd.toString(),
source.getNode(), source.toString()
from
DataFlow::PathNode source, DataFlow::PathNode sink, ExecTaintConfiguration2 conf,
MethodAccess call, DataFlow::Node sourceCmd, DataFlow::Node sinkCmd,
ExecTaintConfiguration confCmd
where
call.getMethod() instanceof RuntimeExecMethod and
// this is a command-accepting call to exec, e.g. rt.exec(new String[]{"/bin/sh", ...})
(
confCmd.hasFlow(sourceCmd, sinkCmd) and
sinkCmd.asExpr() = call.getArgument(0)
) and
// it is tainted by untrusted user input
(
conf.hasFlow(source.getNode(), sink.getNode()) and
sink.getNode().asExpr() = call.getArgument(0)
)
select sink, source, sink,
"Call to dangerous java.lang.Runtime.exec() with command '$@' with arg from untrusted input '$@'",
sourceCmd, sourceCmd.toString(), source.getNode(), source.toString()