hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add UrlRedirectLocalQuery.qll

Browse Source
This commit is contained in:
Ed Minnix
2023-04-03 17:09:53 -04:00
parent 0249187282
commit be24b29e7a
2 changed files with 20 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/src/Security/CWE/CWE-601/UrlRedirectLocal.ql
View File

@@ -12,17 +12,7 @@
*/
import java
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.security.UrlRedirect
module UrlRedirectLocalConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }
}
module UrlRedirectLocalFlow = TaintTracking::Global<UrlRedirectLocalConfig>;
import semmle.code.java.security.UrlRedirectLocalQuery
import UrlRedirectLocalFlow::PathGraph
from UrlRedirectLocalFlow::PathNode source, UrlRedirectLocalFlow::PathNode sink