Java: update mvel sink kind to mvel-injection

2026-03-04 14:46:48 +01:00 · 2023-05-09 12:05:39 -04:00
parent 6cee0c4c75
commit cea97b3f2a
7 changed files with 23 additions and 22 deletions
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -275,10 +275,11 @@ module ModelValidation {
      not kind =
        [
          "open-url", "jndi-injection", "ldap", "sql-injection", "jdbc-url", "log-injection",
-          "mvel", "xpath-injection", "groovy-injection", "xss", "ognl-injection", "intent-start",
-          "pending-intent-sent", "url-redirection", "create-file", "read-file", "write-file",
-          "set-hostname-verifier", "header-splitting", "information-leak", "xslt", "jexl-injection",
-          "bean-validation", "template-injection", "fragment-injection", "command-injection"
+          "mvel-injection", "xpath-injection", "groovy-injection", "xss", "ognl-injection",
+          "intent-start", "pending-intent-sent", "url-redirection", "create-file", "read-file",
+          "write-file", "set-hostname-verifier", "header-splitting", "information-leak", "xslt",
+          "jexl-injection", "bean-validation", "template-injection", "fragment-injection",
+          "command-injection"
        ] and
      not kind.matches("regex-use%") and
      not kind.matches("qltest%") and
--- a/java/ql/lib/semmle/code/java/security/MvelInjection.qll
+++ b/java/ql/lib/semmle/code/java/security/MvelInjection.qll
@@ -25,7 +25,7 @@ class MvelInjectionAdditionalTaintStep extends Unit {

 /** Default sink for MVEL injection vulnerabilities. */
 private class DefaultMvelEvaluationSink extends MvelEvaluationSink {
-  DefaultMvelEvaluationSink() { sinkNode(this, "mvel") }
+  DefaultMvelEvaluationSink() { sinkNode(this, "mvel-injection") }
 }

 /** A default sanitizer that considers numeric and boolean typed data safe for building MVEL expressions */