hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Change getResource() to be a taint step

Browse Source
This commit is contained in:
luchua-bc
2022-04-19 15:55:09 +00:00
parent 7029802f3b
commit f0c4b1955b
4 changed files with 62 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
java/ql/src/experimental/semmle/code/java/frameworks/Jsf.qll
View File

@@ -14,11 +14,21 @@ class ExternalContext extends RefType {
}
/**
* The methods `getResource()` and `getResourceAsStream()` declared in JSF `ExternalContext`.
* The method `getResource()` declared in JSF `ExternalContext`.
*/
class GetFacesResourceMethod extends Method {
GetFacesResourceMethod() {
this.getDeclaringType().getASupertype*() instanceof ExternalContext and
this.hasName(["getResource", "getResourceAsStream"])
this.hasName("getResource")
}
}
/**
* The method `getResourceAsStream()` declared in JSF `ExternalContext`.
*/
class GetFacesResourceAsStreamMethod extends Method {
GetFacesResourceAsStreamMethod() {
this.getDeclaringType().getASupertype*() instanceof ExternalContext and
this.hasName("getResourceAsStream")
}
}