Add SyntheticFields for JwsHeader

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2025-12-17 01:03:14 +01:00 · 2023-05-01 14:16:10 -04:00
parent 62cbcdb30c
commit a34a51737f
3 changed files with 16 additions and 4 deletions
--- a/java/ql/lib/ext/io.jsonwebtoken.model.yml
+++ b/java/ql/lib/ext/io.jsonwebtoken.model.yml
@@ -3,10 +3,10 @@ extensions:
      pack: codeql/java-all
      extensible: summaryModel
    data:
-      - ["io.jsonwebtoken", "JwsHeader", True, "getAlgorithm", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["io.jsonwebtoken", "JwsHeader", True, "setAlgorithm", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
-      - ["io.jsonwebtoken", "JwsHeader", True, "getKeyId", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["io.jsonwebtoken", "JwsHeader", True, "setKeyId", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
+      - ["io.jsonwebtoken", "JwsHeader", True, "getAlgorithm", "", "", "Argument[this].SyntheticField[io.jsonwebtoken.JwsHeader.algorithm]", "ReturnValue", "taint", "manual"]
+      - ["io.jsonwebtoken", "JwsHeader", True, "setAlgorithm", "", "", "Argument[0]", "Argument[this].SyntheticField[io.jsonwebtoken.JwsHeader.algorithm]", "taint", "manual"]
+      - ["io.jsonwebtoken", "JwsHeader", True, "getKeyId", "", "", "Argument[this].SyntheticField[io.jsonwebtoken.JwsHeader.keyId]", "ReturnValue", "taint", "manual"]
+      - ["io.jsonwebtoken", "JwsHeader", True, "setKeyId", "", "", "Argument[0]", "Argument[this].SyntheticField[io.jsonwebtoken.JwsHeader.keyId]", "taint", "manual"]
  - addsTo:
      pack: codeql/java-all
      extensible: sourceModel
--- a/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/FlowSteps.qll
@@ -18,6 +18,7 @@ private module Frameworks {
  private import semmle.code.java.frameworks.ApacheHttp
  private import semmle.code.java.frameworks.guava.Guava
  private import semmle.code.java.frameworks.Guice
+  private import semmle.code.java.frameworks.IoJsonWebToken
  private import semmle.code.java.frameworks.jackson.JacksonSerializability
  private import semmle.code.java.frameworks.Properties
  private import semmle.code.java.frameworks.Protobuf
--- a/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll
+++ b/java/ql/lib/semmle/code/java/frameworks/IoJsonWebToken.qll
@@ -0,0 +1,11 @@
+/** Predicates and classes to reason about the `io.jsonwebtoken` library. */
+
+import java
+private import semmle.code.java.dataflow.DataFlow
+private import semmle.code.java.dataflow.FlowSteps
+
+private class JwsHeaderFieldsInheritTaint extends DataFlow::SyntheticFieldContent,
+  TaintInheritingContent
+{
+  JwsHeaderFieldsInheritTaint() { this.getField().matches("io.jsonwebtoken.JwsHeader.%") }
+}