hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 00:27:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve positive prompt examples:

Browse Source 
Include only sinks that are arguments to an external API call, because these are the sinks we are most interested in.
This commit is contained in:
tiferet
2023-02-16 16:42:57 -08:00
parent 4db03cf4ae
commit abe3a2dae1
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/experimental/adaptivethreatmodeling/src/ExtractPositiveExamples.ql
View File

@@ -9,6 +9,7 @@
private import java
import semmle.code.java.dataflow.TaintTracking
private import semmle.code.java.security.ExternalAPIs as ExternalAPIs
private import experimental.adaptivethreatmodeling.EndpointCharacteristics as EndpointCharacteristics
private import experimental.adaptivethreatmodeling.EndpointTypes
private import experimental.adaptivethreatmodeling.ATMConfig as AtmConfig
@@ -34,6 +35,9 @@ where
// treated by the actual query as a sanitizer, since the final logic is something like
// `isSink(n) and not isSanitizer(n)`. We don't want to include such nodes as positive examples in the prompt.
not config.isSanitizer(sink) and
// Include only sinks that are arguments to an external API call, because these are the sinks we are most interested
// in.
sink instanceof ExternalAPIs::ExternalApiDataNode and
message =
sinkType.getDescription() + "\n" +
// Extract the needed metadata for this endpoint.