hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-26 03:43:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Java: initial tests

Browse Source
This commit is contained in:
Jami Cogswell
2024-12-03 16:31:52 -05:00
parent 178b032453
commit df77d4914f
10 changed files with 310 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/ql/src/Security/CWE/CWE-352/CsrfUnprotectedRequestType.ql
View File

@@ -14,14 +14,11 @@
import java
import semmle.code.java.security.CsrfUnprotectedRequestTypeQuery
import CallGraph
query predicate edges(PathNode pred, PathNode succ) { CallGraph::edges(pred, succ) }
from PathNode source, PathNode reachable, PathNode callsReachable
where
source.asMethod() instanceof CsrfUnprotectedMethod and
reachable.asMethod() instanceof DatabaseUpdateMethod and
callsReachable.getASuccessor() = reachable and
source.getASuccessor+() = callsReachable
where unprotectedStateChange(source, reachable, callsReachable)
select source.asMethod(), source, callsReachable,
"Potential CSRF vulnerability due to using an HTTP request type which is not default-protected from CSRF for an apparent $@.",
callsReachable, "state-changing action"