hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Extend negative characteristics for exceptions to source models.

Browse Source
This commit is contained in:
Max Schaefer
2024-01-12 12:20:22 +00:00
parent 06ba5ea9f8
commit ea26e21454
2 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
java/ql/automodel/src/AutomodelApplicationModeCharacteristics.qll
View File

@@ -436,13 +436,22 @@ private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::Nei
}
/**
* A negative characteristic that indicates that an endpoint is an argument to an exception, which is not a sink.
* A negative characteristic that indicates that parameters of an exception method or constructor should not be considered sinks,
* and its return value should not be considered a source.
*/
private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
private class ExceptionCharacteristic extends CharacteristicsImpl::NeitherSourceNorSinkCharacteristic {
ExceptionCharacteristic() { this = "exception" }
override predicate appliesToEndpoint(Endpoint e) {
e.(CallArgument).getCallable().getDeclaringType().getASupertype*() instanceof TypeThrowable
e.getCallable().getDeclaringType().getASupertype*() instanceof TypeThrowable and
(
e.getExtensibleType() = "sinkModel" and
not ApplicationCandidatesImpl::isSink(e, _, _)
or
e.getExtensibleType() = "sourceModel" and
not ApplicationCandidatesImpl::isSource(e, _, _) and
e.getMaDOutput() = "ReturnValue"
)
}
}

16
java/ql/automodel/src/AutomodelFrameworkModeCharacteristics.qll
View File

@@ -377,16 +377,26 @@ private class UnexploitableExistsCharacteristic extends CharacteristicsImpl::Nei
}
/**
* A negative characteristic that indicates that an endpoint is an argument to an exception, which is not a sink.
* A negative characteristic that indicates that parameters of an exception method or constructor should not be considered sinks,
* and its return value should not be considered a source.
*/
private class ExceptionCharacteristic extends CharacteristicsImpl::NotASinkCharacteristic {
private class ExceptionCharacteristic extends CharacteristicsImpl::NeitherSourceNorSinkCharacteristic {
ExceptionCharacteristic() { this = "exception" }
override predicate appliesToEndpoint(Endpoint e) {
e.getEnclosingCallable().getDeclaringType().getASupertype*() instanceof TypeThrowable
e.getEnclosingCallable().getDeclaringType().getASupertype*() instanceof TypeThrowable and
(
e.getExtensibleType() = "sinkModel" and
not FrameworkCandidatesImpl::isSink(e, _, _)
or
e.getExtensibleType() = "sourceModel" and
not FrameworkCandidatesImpl::isSource(e, _, _) and
e.getMaDOutput() = "ReturnValue"
)
}
}
/**
* A characteristic that limits candidates to parameters of methods that are recognized as `ModelApi`, iow., APIs that
* are considered worth modeling.