hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-27 20:33:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4880 from luchua-bc/java/sensitive-query-with-get

Browse Source 
Java: Sensitive GET Query
This commit is contained in:
Anders Schack-Mulligen
2021-02-24 11:08:47 +01:00
committed by GitHub
parent 8262f0343b 56e3b301e9
commit add960bc4d
11 changed files with 290 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
java/ql/src/semmle/code/java/frameworks/Servlets.qll
View File

@@ -322,3 +322,18 @@ class ServletWebXMLListenerType extends RefType {
// - `HttpSessionBindingListener`
}
}
/** Holds if `m` is a request handler method (for example `doGet` or `doPost`). */
predicate isServletRequestMethod(Method m) {
m.getDeclaringType() instanceof ServletClass and
m.getNumberOfParameters() = 2 and
m.getParameter(0).getType() instanceof ServletRequest and
m.getParameter(1).getType() instanceof ServletResponse
}
/** Holds if `ma` is a call that gets a request parameter. */
predicate isRequestGetParamMethod(MethodAccess ma) {
ma.getMethod() instanceof ServletRequestGetParameterMethod or
ma.getMethod() instanceof ServletRequestGetParameterMapMethod or
ma.getMethod() instanceof HttpServletRequestGetQueryStringMethod
}