Merge pull request #14012 from knewbury01/knewbury01/add-sanitizer-command-query

Java: add sanitizer to command injection query
2026-04-30 11:15:13 +02:00 · 2023-08-22 08:40:49 +02:00
parent ce6fd8ac5f 5e01e1d464
commit bdc5f9cdea
2 changed files with 6 additions and 0 deletions
--- a/java/ql/lib/change-notes/2023-08-21-java-command-injection-sanitizer.md
+++ b/java/ql/lib/change-notes/2023-08-21-java-command-injection-sanitizer.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Added new sanitizer to Java command injection model
--- a/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll
@@ -42,6 +42,8 @@ private class DefaultCommandInjectionSanitizer extends CommandInjectionSanitizer
    or
    this.getType() instanceof BoxedType
    or
+    this.getType() instanceof NumberType
+    or
    isSafeCommandArgument(this.asExpr())
  }
 }