hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add Log4J 2 and a new search string secret

Browse Source
This commit is contained in:
luchua-bc
2020-06-02 03:21:27 +00:00
parent 7265e94028
commit 9affa157b6
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
java/ql/src/experimental/CWE-532/SensitiveInfoLog.ql
View File

@@ -17,7 +17,7 @@ import PathGraph
*/
private string getACredentialRegex() {
result = "(?i).*challenge|pass(wd|word|code|phrase)(?!.*question).*" or
result = "(?i)(.*username|url).*"
result = "(?i)(.*username|.*secret|url).*"
}
/** Variable keeps sensitive information judging by its name * */
@@ -31,6 +31,7 @@ class CredentialExpr extends Expr {
class LoggerType extends RefType {
LoggerType() {
this.hasQualifiedName("org.apache.log4j", "Category") or //Log4J
this.hasQualifiedName("org.apache.logging.log4j", "Logger") or //Log4J 2
this.hasQualifiedName("org.slf4j", "Logger") or //SLF4j and Gradle Logging
this.hasQualifiedName("org.jboss.logging", "BasicLogger") //JBoss Logging
}