hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #12610 from michaelnebel/java/validatespecs

Browse Source 
Java/C#: Validate all AccessPaths.
This commit is contained in:
Michael Nebel
2023-03-22 16:22:54 +01:00
committed by GitHub
parent 0f267e012a 71d184e8c0
commit 915efffe21
6 changed files with 43 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll
View File

@@ -160,7 +160,7 @@ predicate modelCoverage(string namespace, int namespaces, string kind, string pa
/** Provides a query predicate to check the MaD models for validation errors. */
module ModelValidation {
private string getInvalidModelInput() {
exists(string pred, AccessPath input, string part |
exists(string pred, AccessPath input, AccessPathToken part |
sinkModel(_, _, _, _, _, _, input, _, _) and pred = "sink"
or
summaryModel(_, _, _, _, _, _, input, _, _, _) and pred = "summary"
@@ -169,7 +169,8 @@ module ModelValidation {
invalidSpecComponent(input, part) and
not part = "" and
not (part = "Argument" and pred = "sink") and
not parseArg(part, _)
not parseArg(part, _) and
not part.getName() = ["Field", "Property"]
or
part = input.getToken(_) and
parseParam(part, _)
@@ -181,7 +182,7 @@ module ModelValidation {
}
private string getInvalidModelOutput() {
exists(string pred, string output, string part |
exists(string pred, AccessPath output, AccessPathToken part |
sourceModel(_, _, _, _, _, _, output, _, _) and pred = "source"
or
summaryModel(_, _, _, _, _, _, _, output, _, _) and pred = "summary"
@@ -189,7 +190,8 @@ module ModelValidation {
(
invalidSpecComponent(output, part) and
not part = "" and
not (part = ["Argument", "Parameter"] and pred = "source")
not (part = ["Argument", "Parameter"] and pred = "source") and
not part.getName() = ["Field", "Property"]
or
invalidIndexComponent(output, part)
) and

0
csharp/ql/test/library-tests/dataflow/external-models/validatemodels.expected Normal file
View File

15
csharp/ql/test/library-tests/dataflow/external-models/validatemodels.ql Normal file
View File

@@ -0,0 +1,15 @@
import csharp
import semmle.code.csharp.dataflow.ExternalFlow
import semmle.code.csharp.dataflow.internal.AccessPathSyntax
import ModelValidation
private predicate getRelevantAccessPath(string path) {
summaryModel(_, _, _, _, _, _, path, _, _, _) or
summaryModel(_, _, _, _, _, _, _, path, _, _) or
sinkModel(_, _, _, _, _, _, path, _, _) or
sourceModel(_, _, _, _, _, _, path, _, _)
}
private class AccessPathsExternal extends AccessPath::Range {
AccessPathsExternal() { getRelevantAccessPath(this) }
}