Update java/ql/src/experimental/Security/CWE/CWE-352/JsonpInjectionLib.qll

Co-authored-by: Chris Smowton <smowton@github.com>
haby0
2021-04-10 04:27:16 +08:00
committed by GitHub
parent 837f20108d
commit c77c7b0a98


@@ -27,7 +27,12 @@ class VerificationMethodToIfFlowConfig extends DataFlow3::Configuration {
}
}
/** Taint-tracking configuration tracing flow from untrusted inputs to verification of remote user input. */
/** Taint-tracking configuration tracing flow from untrusted inputs to an argument of a function whose result is used as an if-statement condition.
*
* For example, in the context `String userControlled = request.getHeader("xyz"); boolean isGood = checkToken(userControlled); if(isGood) { ...`,
* the flow from `checkToken`'s result to the condition of `if(isGood)` matches the configuration `VerificationMethodToIfFlowConfig` above,
* and so the flow from `getHeader(...)` to the argument to `checkToken` matches this configuration.
*/
class VerificationMethodFlowConfig extends TaintTracking2::Configuration {
VerificationMethodFlowConfig() { this = "VerificationMethodFlowConfig" }