hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-25 00:27:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

PS: Make remote flow sources flow sources.

Browse Source
This commit is contained in:
Mathias Vorreiter Pedersen
2025-04-15 17:02:48 +01:00
parent fa3fc4a0c3
commit dcc127832e
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
powershell/ql/lib/semmle/code/powershell/dataflow/flowsources/Remote.qll
View File

@@ -6,6 +6,7 @@
private import semmle.code.powershell.dataflow.internal.DataFlowPublic as DataFlow
// Need to import since frameworks can extend `RemoteFlowSource::Range`
private import semmle.code.powershell.Frameworks
private import semmle.code.powershell.dataflow.flowsources.FlowSources
/**
* A data flow source of remote user input.
@@ -13,9 +14,10 @@ private import semmle.code.powershell.Frameworks
* Extend this class to refine existing API models. If you want to model new APIs,
* extend `RemoteFlowSource::Range` instead.
*/
class RemoteFlowSource extends DataFlow::Node instanceof RemoteFlowSource::Range {
/** Gets a string that describes the type of this remote flow source. */
string getSourceType() { result = super.getSourceType() }
class RemoteFlowSource extends SourceNode instanceof RemoteFlowSource::Range {
override string getSourceType() { result = "remote flow source" }
override string getThreatModel() { result = "remote" }
}
/** Provides a class for modeling new sources of remote user input. */
@@ -31,3 +33,9 @@ module RemoteFlowSource {
abstract string getSourceType();
}
}
private class ExternalRemoteFlowSource extends RemoteFlowSource::Range {
ExternalRemoteFlowSource() { this = ModelOutput::getASourceNode("remote", _).asSource() }
override string getSourceType() { result = "remote flow" }
}