hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-17 04:54:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: initial tests

Browse Source
This commit is contained in:
Jami Cogswell
2024-12-03 16:31:52 -05:00
parent 178b032453
commit df77d4914f
10 changed files with 310 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/lib/semmle/code/java/security/CsrfUnprotectedRequestTypeQuery.qll
View File

@@ -114,5 +114,15 @@ module CallGraph {
}
}
query predicate edges(PathNode pred, PathNode succ) { pred.getASuccessor() = succ }
predicate edges(PathNode pred, PathNode succ) { pred.getASuccessor() = succ }
}
import CallGraph
/** Holds if `src` is an unprotected request handler that reaches a state-changing `sink`. */
predicate unprotectedStateChange(PathNode src, PathNode sink, PathNode sinkPred) {
src.asMethod() instanceof CsrfUnprotectedMethod and
sink.asMethod() instanceof DatabaseUpdateMethod and
sinkPred.getASuccessor() = sink and
src.getASuccessor+() = sinkPred
}