hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move LdapInjectionLib to LdapInjectionQuery.qll

Browse Source
This commit is contained in:
Ed Minnix
2023-03-28 16:35:35 -04:00
parent 1add692643
commit e3af8b2c7f
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-090/LdapInjection.ql
View File

@@ -13,7 +13,7 @@
import java
import semmle.code.java.dataflow.FlowSources
import LdapInjectionLib
import semmle.code.java.security.LdapInjectionQuery
import LdapInjectionFlow::PathGraph
from LdapInjectionFlow::PathNode source, LdapInjectionFlow::PathNode sink

20
java/ql/src/Security/CWE/CWE-090/LdapInjectionLib.qll
View File

@@ -1,20 +0,0 @@
import java
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.security.LdapInjection
/**
* A taint-tracking configuration for unvalidated user input that is used to construct LDAP queries.
*/
module LdapInjectionFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
predicate isSink(DataFlow::Node sink) { sink instanceof LdapInjectionSink }
predicate isBarrier(DataFlow::Node node) { node instanceof LdapInjectionSanitizer }
predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
any(LdapInjectionAdditionalTaintStep a).step(pred, succ)
}
}
module LdapInjectionFlow = TaintTracking::Global<LdapInjectionFlowConfig>;