Java: add initial ssrf heuristic models for apache httpcomponents version 5

Jami Cogswell
2023-02-09 22:52:08 -05:00
parent 52bc43b22b
commit a3976305ca
16 changed files with 300 additions and 0 deletions


@@ -0,0 +1,69 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "BasicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "ConfigurableHttpRequest", True, "ConfigurableHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "SimpleHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequest", True, "create", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.async.methods", "SimpleRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]
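Review bot: The sink kind `"%-url"` used on every row of this file reads as a wildcard pattern rather than a concrete kind, so a query that selects sinks by exact kind string would never see these rows and the SSRF coverage they are meant to add would be silently missing. Each row should carry the concrete kind the request-forgery query consumes, for example `"open-url"` if that is the kind in use in this pack; confirm against the query's sink definition. The same placeholder appears in every other sinkModel file of this commit. None of the 16 changed files is a test, so nothing here would catch a row that fails to match; a small stub-based test per package would.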


@@ -0,0 +1,42 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "create", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "ClassicHttpRequests", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpDelete", True, "HttpDelete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpGet", True, "HttpGet", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpHead", True, "HttpHead", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpOptions", True, "HttpOptions", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPatch", True, "HttpPatch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPost", True, "HttpPost", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpPut", True, "HttpPut", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpTrace", True, "HttpTrace", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.classic.methods", "HttpUriRequestBase", True, "HttpUriRequestBase", "", "", "Argument[1]", "%-url", "manual"]


@@ -0,0 +1,24 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "create", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.client5.http.fluent", "Request", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]


@@ -0,0 +1,10 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
# ! maybe remove these since "cache"-related
- ["org.apache.hc.client5.http.impl.cache", "CacheKeyGenerator", True, "resolve", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.impl.cache", "HttpCacheSupport", True, "normalize", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.impl.cache", "HttpCacheSupport", True, "normalizeQuetly", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.impl.cache", "HttpCacheSupport", True, "normalizeQuietly", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
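Review bot: The `normalizeQuetly` row sits next to `normalizeQuietly` with nothing to say whether the misspelling is intentional. If it models a misspelled method that the library still ships alongside the corrected one, a comment on that row such as `# misspelled name is a real library method; keep both spellings` would stop a later cleanup from deleting it. If no such method exists, the row is dead and should be dropped. All four rows use an empty signature, so they apply to every overload of each name; that is worth confirming as intended when the "cache"-related question in the existing comment is settled.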


@@ -0,0 +1,12 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", True, "add", "", "", "Argument[0]", "Argument[-1].Element", "value", "manual"] # ! double-check the output for this step
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["org.apache.hc.client5.http.protocol", "RedirectLocations", "contains", "", "manual"]


@@ -0,0 +1,13 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
# ! all of the below may need "HttpHost target" parameter accounted for as part of the step as well
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "extractHost", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "resolve", "(URI,HttpHost,List)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "resolve", "(URI,String)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "resolve", "(URI,URI)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "rewriteURI", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "rewriteURI", "(URI,HttpHost)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["org.apache.hc.client5.http.utils", "URIUtils", True, "rewriteURI", "(URI,HttpHost,boolean)", "", "Argument[0]", "ReturnValue", "taint", "manual"]
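Review bot: For the overloads that take an `HttpHost`, these summaries carry taint only from `Argument[0]`, yet in `rewriteURI(URI,HttpHost)` and `rewriteURI(URI,HttpHost,boolean)` the host of the returned URI presumably comes from the target argument, which is the part that decides where a forged request goes. A second row per overload, e.g. `["org.apache.hc.client5.http.utils", "URIUtils", True, "rewriteURI", "(URI,HttpHost)", "", "Argument[1]", "ReturnValue", "taint", "manual"]`, would close that gap. `resolve(URI,HttpHost,List)` deserves the same check. Without these rows, a flow where only the host is attacker-controlled is dropped at this step and never reaches a sink.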


@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.benchmark", "Builder", True, "setUri", "", "", "Argument[0]", "%-url", "manual"] # ! maybe step instead
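Review bot: The type column `"Builder"` may not resolve if this class is nested inside another type in `org.apache.hc.core5.benchmark`, because nested types in these models are normally written as `Outer$Inner`. If it is nested, the row would match nothing as written and should name the enclosing class, e.g. `"BenchmarkConfig$Builder"` if that is the enclosing type; please verify against the library. It is also worth deciding whether a benchmarking utility belongs in the SSRF sink set at all, since findings in it are unlikely to reflect production request paths.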


@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.impl.io", "DefaultClassicHttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.impl.io", "DefaultClassicHttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]


@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.impl.nio", "DefaultHttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.impl.nio", "DefaultHttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]


@@ -0,0 +1,23 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.io.support", "ClassicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]


@@ -1,4 +1,16 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "BasicClassicHttpRequest", True, "BasicClassicHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "BasicHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "BasicHttpRequest", True, "setUri", "", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "HttpRequestWrapper", True, "setUri", "", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.message", "RequestLine", True, "RequestLine", "(String,String,ProtocolVersion)", "", "Argument[1]", "%-url", "manual"] # ! already a taint step
- addsTo:
pack: codeql/java-all
extensible: summaryModel


@@ -4,6 +4,10 @@ extensions:
extensible: sinkModel
data:
- ["org.apache.hc.core5.http", "HttpEntityContainer", True, "setEntity", "(HttpEntity)", "", "Argument[0]", "xss", "manual"]
- ["org.apache.hc.core5.http", "HttpHost", True, "create", "(URI)", "", "Argument[0]", "%-url", "manual"] # ! maybe step instead
- ["org.apache.hc.core5.http", "HttpRequest", True, "setUri", "", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,String)", "", "Argument[1]", "%-url", "manual"] # ! potentially combine with below so signature is ""; make sure still interesting since "Factory" method
- ["org.apache.hc.core5.http", "HttpRequestFactory", True, "newHttpRequest", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
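Review bot: The `HttpRequest.setUri` and `HttpRequestFactory.newHttpRequest` rows added here have subtypes set to `True`, so they should already apply to implementing classes, which makes several rows elsewhere in this commit look redundant. Those are the separate rows for `BasicHttpRequest.setUri`, `HttpRequestWrapper.setUri`, `DefaultClassicHttpRequestFactory.newHttpRequest` and `DefaultHttpRequestFactory.newHttpRequest`, assuming those classes implement these interfaces. Keeping only the interface-level rows gives one place to change when the sink kind or argument index is revised. The same reasoning applies to `AbstractRequestBuilder.setUri` versus the per-builder `setUri` rows if the concrete builders extend it. The `data:` list this hunk extends begins above the visible lines.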


@@ -0,0 +1,27 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "AsyncRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(Method,URI,AsyncEntityProducer)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI)", "", "Argument[1]", "%-url", "manual"]
- ["org.apache.hc.core5.http.nio.support", "BasicRequestProducer", True, "BasicRequestProducer", "(String,URI,AsyncEntityProducer)", "", "Argument[1]", "%-url", "manual"]


@@ -0,0 +1,25 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "AbstractRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "delete", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "get", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "head", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "options", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "patch", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "post", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "put", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "setUri", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "setUri", "(URI)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(String)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.http.support", "BasicRequestBuilder", True, "trace", "(URI)", "", "Argument[0]", "%-url", "manual"]


@@ -1,4 +1,14 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.net", "URIBuilder", True, "URIBuilder", "(String)", "", "Argument[0]", "%-url", "manual"] # ! change to summary instead to be consistent with jakarta, etc.
- ["org.apache.hc.core5.net", "URIBuilder", True, "URIBuilder", "(String,Charset)", "", "Argument[0]", "%-url", "manual"] # ! change to summary instead to be consistent with jakarta, etc.
- ["org.apache.hc.core5.net", "URIBuilder", True, "URIBuilder", "(URI)", "", "Argument[0]", "%-url", "manual"] # ! change to summary instead to be consistent with jakarta, etc.
- ["org.apache.hc.core5.net", "URIBuilder", True, "URIBuilder", "(URI,Charset)", "", "Argument[0]", "%-url", "manual"] # ! change to summary instead to be consistent with jakarta, etc.
- ["org.apache.hc.core5.net", "URLEncodedUtils", True, "parse", "(URI,Charset)", "", "Argument[0]", "%-url", "manual"] # ! probably remove as FP, look into a little more
- addsTo:
pack: codeql/java-all
extensible: summaryModel


@@ -0,0 +1,9 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.hc.core5.ssl", "SSLContextBuilder", True, "loadKeyMaterial", "(URL,char[],char[])", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.ssl", "SSLContextBuilder", True, "loadKeyMaterial", "(URL,char[],char[],PrivateKeyStrategy)", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.ssl", "SSLContextBuilder", True, "loadTrustMaterial", "(URL,char[])", "", "Argument[0]", "%-url", "manual"]
- ["org.apache.hc.core5.ssl", "SSLContextBuilder", True, "loadTrustMaterial", "(URL,char[],TrustStrategy)", "", "Argument[0]", "%-url", "manual"]
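Review bot: These four `SSLContextBuilder` rows are the only sinks in the commit without a note on why they are sinks, and they differ from the request-construction sinks because the `URL` argument here names key or trust material rather than a request target. A comment above them such as `# URL is fetched to load a key/trust store; a tainted value also controls which certificates are trusted` would record that the impact, if reached, is broader than an outbound request. Whether they belong under the same URL-style sink kind as the HTTP request sinks or under a separate kind is worth deciding before the models leave the heuristic stage.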