Update MaD Declarations after Triage

This commit is contained in:
Stephan Brandauer
2024-01-24 11:05:07 +01:00
parent 7e7175f49d
commit d5bcbcddab
3 changed files with 16 additions and 1 deletions

View File

@@ -0,0 +1,7 @@
---
category: minorAnalysis
---
* Added models for the following packages:
* com.fasterxml.jackson.databind
* javax.servlet

View File

@@ -5,6 +5,8 @@ extensions:
data:
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "convertValue", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["com.fasterxml.jackson.databind", "ObjectMapper", False, "createParser", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "readTree", "(URL)", "", "ReturnValue", ReturnValue, "taint", "ai-manual"] # result is remote, but only user-controlled if the URL is
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "readValue", "(InputStream,Class)", "", "ReturnValue", ReturnValue, "taint", "ai-manual"]
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "valueToTree", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "valueToTree", "", "", "Argument[0].MapValue", "ReturnValue", "taint", "manual"]
- ["com.fasterxml.jackson.databind", "ObjectMapper", True, "valueToTree", "", "", "Argument[0].MapValue.Element", "ReturnValue", "taint", "manual"]

View File

@@ -9,9 +9,15 @@ extensions:
- ["javax.servlet", "ServletRequest", False, "getParameterNames", "()", "", "ReturnValue", "remote", "manual"]
- ["javax.servlet", "ServletRequest", False, "getParameterValues", "(String)", "", "ReturnValue", "remote", "manual"]
- ["javax.servlet", "ServletRequest", False, "getReader", "()", "", "ReturnValue", "remote", "manual"]
- ["javax.servlet", "ServletRequest", True, "getParameter", "(String)", "", "Parameter[0]", "remote", "ai-manual"]
- ["javax.servlet", "ServletRequest", True, "getParameterValues", "(String)", "", "Parameter[0]", "remote", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["javax.servlet", "ServletContext", True, "getResourceAsStream", "(String)", "", "Argument[0]", "path-injection", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["javax.servlet", "ServletRequest", True, "getRealPath", "(String)", "", "Parameter[0]", ReturnValue, "taint", "ai-manual"]