hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Alter cookie sinks to instead focus on creation of a cookie

Browse Source
This commit is contained in:
Ed Minnix
2023-11-07 17:07:58 -05:00
parent 4bdf2b5e18
commit bbf99375c7
2 changed files with 19 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
java/ql/lib/semmle/code/java/security/WeakRandomnessQuery.qll
View File

@@ -46,15 +46,17 @@ private class TypeHadoopOsSecureRandom extends SafeRandomImplementation {
abstract class WeakRandomnessSink extends DataFlow::Node { }
/**
* A node which creates a cookie.
* A node which sets the value of a cookie.
*/
private class CookieSink extends WeakRandomnessSink {
CookieSink() {
this.getType() instanceof TypeCookie and
exists(MethodCall mc |
mc.getMethod().hasQualifiedName("javax.servlet.http", "HttpServletResponse", "addCookie")
|
mc.getArgument(0) = this.asExpr()
exists(Call c |
c.(ClassInstanceExpr).getConstructedType() instanceof TypeCookie and
this.asExpr() = c.getArgument(1)
or
c.(MethodCall).getMethod().getDeclaringType() instanceof TypeCookie and
c.(MethodCall).getMethod().hasName("setValue") and
this.asExpr() = c.getArgument(0)
)
}
}