hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add more poisonable steps

Browse Source
This commit is contained in:
Alvaro Muñoz
2024-05-08 22:32:24 +02:00
parent e8f2bc3ef6
commit ddf72a2cf3
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ql/lib/codeql/actions/security/PoisonableSteps.qll
View File

@@ -43,12 +43,19 @@ class LocalCommandExecutionRunStep extends PoisonableStep, Run {
or
// sh xxxx
cmd = line.regexpCapture("(^|\\s+)(ba|z|fi)?sh\\s+(.*)", 3)
or
// node xxxx
cmd = line.regexpCapture("(^|\\s+)(node|python|ruby|go)\\s+(.*)", 3)
)
}
string getCommand() { result = cmd }
}
class LocalActionUsesStep extends PoisonableStep, UsesStep {
LocalActionUsesStep() { this.getCallee().matches("./%") }
}
class EnvVarInjectionRunStep extends PoisonableStep, Run {
EnvVarInjectionRunStep() {
exists(string value |