|
|
|
|
@@ -317,7 +317,8 @@ abstract class OtherModeledArgumentCharacteristic extends EndpointCharacteristic
|
|
|
|
|
* A characteristic that is an indicator of not being a sink of any type, because it's an argument to a function of a
|
|
|
|
|
* builtin object.
|
|
|
|
|
*/
|
|
|
|
|
abstract private class ArgumentToBuiltinFunctionCharacteristic extends OtherModeledArgumentCharacteristic {
|
|
|
|
|
abstract private class ArgumentToBuiltinFunctionCharacteristic extends OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
bindingset[this]
|
|
|
|
|
ArgumentToBuiltinFunctionCharacteristic() { any() }
|
|
|
|
|
}
|
|
|
|
|
@@ -358,7 +359,8 @@ abstract class LikelyNotASinkCharacteristic extends EndpointCharacteristic {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class LodashUnderscoreCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
LodashUnderscoreCharacteristic() { this = "LodashUnderscoreArgument" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -367,7 +369,8 @@ private class LodashUnderscoreCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class JQueryArgumentCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
JQueryArgumentCharacteristic() { this = "JQueryArgument" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -376,7 +379,8 @@ private class JQueryArgumentCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ClientRequestCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ClientRequestCharacteristic() { this = "ClientRequest" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -387,7 +391,8 @@ private class ClientRequestCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class PromiseDefinitionCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
PromiseDefinitionCharacteristic() { this = "PromiseDefinition" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -398,14 +403,16 @@ private class PromiseDefinitionCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class CryptographicKeyCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
CryptographicKeyCharacteristic() { this = "CryptographicKey" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) { n instanceof CryptographicKey }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class CryptographicOperationFlowCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
CryptographicOperationFlowCharacteristic() { this = "CryptographicOperationFlow" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -414,7 +421,8 @@ private class CryptographicOperationFlowCharacteristic extends NotASinkCharacter
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class LoggerMethodCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
LoggerMethodCharacteristic() { this = "LoggerMethod" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -425,7 +433,8 @@ private class LoggerMethodCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class TimeoutCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
TimeoutCharacteristic() { this = "Timeout" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -436,7 +445,8 @@ private class TimeoutCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ReceiverStorageCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ReceiverStorageCharacteristic() { this = "ReceiverStorage" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -447,7 +457,8 @@ private class ReceiverStorageCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class StringStartsWithCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
StringStartsWithCharacteristic() { this = "StringStartsWith" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -458,7 +469,8 @@ private class StringStartsWithCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class StringEndsWithCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
StringEndsWithCharacteristic() { this = "StringEndsWith" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -467,7 +479,8 @@ private class StringEndsWithCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class StringRegExpTestCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
StringRegExpTestCharacteristic() { this = "StringRegExpTest" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -478,7 +491,8 @@ private class StringRegExpTestCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class EventRegistrationCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
EventRegistrationCharacteristic() { this = "EventRegistration" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -487,7 +501,8 @@ private class EventRegistrationCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class EventDispatchCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
EventDispatchCharacteristic() { this = "EventDispatch" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -496,7 +511,8 @@ private class EventDispatchCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class MembershipCandidateTestCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
MembershipCandidateTestCharacteristic() { this = "MembershipCandidateTest" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -507,7 +523,8 @@ private class MembershipCandidateTestCharacteristic extends NotASinkCharacterist
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class FileSystemAccessCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
FileSystemAccessCharacteristic() { this = "FileSystemAccess" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -516,7 +533,8 @@ private class FileSystemAccessCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class DatabaseAccessCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
DatabaseAccessCharacteristic() { this = "DatabaseAccess" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -540,7 +558,8 @@ private class DomCharacteristic extends NotASinkCharacteristic, OtherModeledArgu
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class NextFunctionCallCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
NextFunctionCallCharacteristic() { this = "NextFunctionCall" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -552,7 +571,8 @@ private class NextFunctionCallCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class DojoRequireCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
DojoRequireCharacteristic() { this = "DojoRequire" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -563,7 +583,8 @@ private class DojoRequireCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class Base64ManipulationCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
OtherModeledArgumentCharacteristic {
|
|
|
|
|
OtherModeledArgumentCharacteristic
|
|
|
|
|
{
|
|
|
|
|
Base64ManipulationCharacteristic() { this = "Base64Manipulation" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -573,7 +594,8 @@ private class Base64ManipulationCharacteristic extends NotASinkCharacteristic,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ArgumentToArrayCharacteristic extends ArgumentToBuiltinFunctionCharacteristic,
|
|
|
|
|
LikelyNotASinkCharacteristic {
|
|
|
|
|
LikelyNotASinkCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ArgumentToArrayCharacteristic() { this = "ArgumentToArray" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -588,7 +610,8 @@ private class ArgumentToArrayCharacteristic extends ArgumentToBuiltinFunctionCha
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ArgumentToBuiltinGlobalVarRefCharacteristic extends ArgumentToBuiltinFunctionCharacteristic,
|
|
|
|
|
LikelyNotASinkCharacteristic {
|
|
|
|
|
LikelyNotASinkCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ArgumentToBuiltinGlobalVarRefCharacteristic() { this = "ArgumentToBuiltinGlobalVarRef" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -607,7 +630,8 @@ private class ArgumentToBuiltinGlobalVarRefCharacteristic extends ArgumentToBuil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ConstantReceiverCharacteristic extends ArgumentToBuiltinFunctionCharacteristic,
|
|
|
|
|
NotASinkCharacteristic {
|
|
|
|
|
NotASinkCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ConstantReceiverCharacteristic() { this = "ConstantReceiver" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -623,7 +647,8 @@ private class ConstantReceiverCharacteristic extends ArgumentToBuiltinFunctionCh
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class BuiltinCallNameCharacteristic extends ArgumentToBuiltinFunctionCharacteristic,
|
|
|
|
|
NotASinkCharacteristic {
|
|
|
|
|
NotASinkCharacteristic
|
|
|
|
|
{
|
|
|
|
|
BuiltinCallNameCharacteristic() { this = "BuiltinCallName" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -684,7 +709,8 @@ class IsArgumentToModeledFunctionCharacteristic extends StandardEndpointFilterCh
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class IsArgumentToSinklessLibraryCharacteristic extends StandardEndpointFilterCharacteristic {
|
|
|
|
|
private class IsArgumentToSinklessLibraryCharacteristic extends StandardEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
IsArgumentToSinklessLibraryCharacteristic() { this = "argument to sinkless library" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -750,7 +776,8 @@ private class InIrrelevantFileCharacteristic extends StandardEndpointFilterChara
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a NoSQL injection sink. */
|
|
|
|
|
abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic {
|
|
|
|
|
abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
bindingset[this]
|
|
|
|
|
NosqlInjectionSinkEndpointFilterCharacteristic() { any() }
|
|
|
|
|
|
|
|
|
|
@@ -763,7 +790,8 @@ abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends En
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class DatabaseAccessCallHeuristicCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class DatabaseAccessCallHeuristicCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
DatabaseAccessCallHeuristicCharacteristic() { this = "matches database access call heuristic" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -794,7 +822,8 @@ private class ModeledSinkCharacteristic extends NosqlInjectionSinkEndpointFilter
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
PredecessorInModeledFlowStepCharacteristic() { this = "predecessor in a modeled flow step" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -805,7 +834,8 @@ private class PredecessorInModeledFlowStepCharacteristic extends NosqlInjectionS
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ModeledDatabaseAccessCharacteristic() { this = "modeled database access" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -818,7 +848,8 @@ private class ModeledDatabaseAccessCharacteristic extends NosqlInjectionSinkEndp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ReceiverIsHttpRequestExpressionCharacteristic() { this = "receiver is a HTTP request expression" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -829,7 +860,8 @@ private class ReceiverIsHttpRequestExpressionCharacteristic extends NosqlInjecti
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
ReceiverIsHttpResponseExpressionCharacteristic() {
|
|
|
|
|
this = "receiver is a HTTP response expression"
|
|
|
|
|
}
|
|
|
|
|
@@ -842,7 +874,8 @@ private class ReceiverIsHttpResponseExpressionCharacteristic extends NosqlInject
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic extends NosqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCharacteristic() {
|
|
|
|
|
this = "not a direct argument to a likely external library call or a heuristic sink (nosql)"
|
|
|
|
|
}
|
|
|
|
|
@@ -885,7 +918,8 @@ private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkNosqlCh
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a SQL injection sink. */
|
|
|
|
|
abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic {
|
|
|
|
|
abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
bindingset[this]
|
|
|
|
|
SqlInjectionSinkEndpointFilterCharacteristic() { any() }
|
|
|
|
|
|
|
|
|
|
@@ -898,7 +932,8 @@ abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends Endp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class PreparedSqlStatementCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class PreparedSqlStatementCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
PreparedSqlStatementCharacteristic() { this = "prepared SQL statement" }
|
|
|
|
|
|
|
|
|
|
override predicate appliesToEndpoint(DataFlow::Node n) {
|
|
|
|
|
@@ -932,7 +967,8 @@ private class HtmlOrRenderingCharacteristic extends SqlInjectionSinkEndpointFilt
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic extends SqlInjectionSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteristic() {
|
|
|
|
|
this = "not an argument to a likely external library call or a heuristic sink"
|
|
|
|
|
}
|
|
|
|
|
@@ -956,7 +992,8 @@ private class NotAnArgumentToLikelyExternalLibraryCallOrHeuristicSinkCharacteris
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/** An EndpointFilterCharacteristic that indicates that an endpoint is unlikely to be a tainted path injection sink. */
|
|
|
|
|
abstract private class TaintedPathSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic {
|
|
|
|
|
abstract private class TaintedPathSinkEndpointFilterCharacteristic extends EndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
bindingset[this]
|
|
|
|
|
TaintedPathSinkEndpointFilterCharacteristic() { any() }
|
|
|
|
|
|
|
|
|
|
@@ -969,7 +1006,8 @@ abstract private class TaintedPathSinkEndpointFilterCharacteristic extends Endpo
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic extends TaintedPathSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic extends TaintedPathSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkTaintedPathCharacteristic() {
|
|
|
|
|
this =
|
|
|
|
|
"not a direct argument to a likely external library call or a heuristic sink (tainted path)"
|
|
|
|
|
@@ -1021,7 +1059,8 @@ abstract private class XssSinkEndpointFilterCharacteristic extends EndpointFilte
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
SetStateCallsInReactApplicationsCharacteristic() {
|
|
|
|
|
this = "setState calls ought to be safe in react applications"
|
|
|
|
|
}
|
|
|
|
|
@@ -1031,7 +1070,8 @@ private class SetStateCallsInReactApplicationsCharacteristic extends XssSinkEndp
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic extends XssSinkEndpointFilterCharacteristic {
|
|
|
|
|
private class NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic extends XssSinkEndpointFilterCharacteristic
|
|
|
|
|
{
|
|
|
|
|
NotDirectArgumentToLikelyExternalLibraryCallOrHeuristicSinkXssCharacteristic() {
|
|
|
|
|
this = "not a direct argument to a likely external library call or a heuristic sink (xss)"
|
|
|
|
|
}
|
|
|
|
|
|
Anders Schack-Mulligen