From dae4708cae945b1eaeb38aab4bb7d938728172ec Mon Sep 17 00:00:00 2001
From: tombolton
Date: Wed, 9 Mar 2022 13:19:15 +0000
Subject: [PATCH] add new queries to mapping query
---
 .../extraction/ExtractEndpointMapping.ql | 45 ++++++++++++++-----
 1 file changed, 35 insertions(+), 10 deletions(-)
diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql
index 879fdeaca1c..82af14fe8b0 100644
--- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql
+++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointMapping.ql
@@ -2,21 +2,46 @@ import experimental.adaptivethreatmodeling.SqlInjectionATM as SqlInjectionATM
 import experimental.adaptivethreatmodeling.NosqlInjectionATM as NosqlInjectionATM
 import experimental.adaptivethreatmodeling.TaintedPathATM as TaintedPathATM
 import experimental.adaptivethreatmodeling.XssATM as XssATM
+import experimental.adaptivethreatmodeling.StoredXssATM as StoredXssATM
+import experimental.adaptivethreatmodeling.XssThroughDomATM as XssThroughDomATM
+import experimental.adaptivethreatmodeling.CodeInjectionATM as CodeInjectionATM
 import experimental.adaptivethreatmodeling.AdaptiveThreatModeling
 
 from string queryName, ATMConfig c, EndpointType e
 where
 (
- queryName = "SqlInjectionATM.ql" and
- c instanceof SqlInjectionATM::SqlInjectionATMConfig
+ queryName = "Unknown" and
+ endpointTypeEncoded = 0
 or
- queryName = "NosqlInjectionATM.ql" and
- c instanceof NosqlInjectionATM::NosqlInjectionATMConfig
+ queryName = "NotASink" and
+ endpointTypeEncoded = 0
 or
- queryName = "TaintedPathInjectionATM.ql" and
- c instanceof TaintedPathATM::TaintedPathATMConfig
+ queryName = "Xss" and
+ c instanceof XssATM::DomBasedXssATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
 or
- queryName = "XssATM.ql" and c instanceof XssATM::DomBasedXssATMConfig
- ) and
- e = c.getASinkEndpointType()
-select queryName, e.getEncoding() as endpointTypeEncoded
+ queryName = "StoredXss" and
+ c instanceof StoredXssATM::StoredXssATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ or
+ queryName = "XssThroughDom" and
+ c instanceof XssThroughDomATM::XssThroughDOMATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ or
+ queryName = "SqlInjection" and
+ c instanceof SqlInjectionATM::SqlInjectionATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ or
+ queryName = "NosqlInjection" and
+ c instanceof NosqlInjectionATM::NosqlInjectionATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ or
+ queryName = "TaintedPath" and
+ c instanceof TaintedPathATM::TaintedPathATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ or
+ queryName = "CodeInjection" and
+ c instanceof CodeInjectionATM::CodeInjectionATMConfig and
+ endpointTypeEncoded = c.getASinkEndpointType().getEncoding()
+ )
+select queryName, endpointTypeEncoded order by encodingTypeEncoded
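Review bot: The final `select` orders by `encodingTypeEncoded`, which is not declared anywhere in the hunk; the column is named `endpointTypeEncoded`, so the line should read `select queryName, endpointTypeEncoded order by endpointTypeEncoded`. The unchanged `from string queryName, ATMConfig c, EndpointType e` line also no longer matches the new body. `endpointTypeEncoded` used to be introduced by the `as` alias in the removed `select` and is now used in `where` without a declaration, while `e` is left unused. The clause probably needs to become `from string queryName, ATMConfig c, int endpointTypeEncoded`, assuming `getEncoding()` returns an int as the `= 0` branches suggest. Separately, "Unknown" and "NotASink" both map to 0 and leave `c` unconstrained, so a consumer of this mapping cannot tell the two labels apart by encoding; if that is intended, a comment above those two branches saying so would prevent mislabelled sink endpoints downstream.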