hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make sinks more specific, improve tests

Browse Source
This commit is contained in:
Tony Torralba
2021-06-11 16:56:35 +02:00
parent f9e6b3c3d2
commit f3ef93fa8a
4 changed files with 570 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/src/semmle/code/java/security/GroovyInjection.qll
View File

@@ -1,7 +1,4 @@
/**
* Provides classes and predicates for Groovy Code Injection
* taint-tracking configuration.
*/
/** Provides classes to reason about Groovy code injection attacks. */
import java
import semmle.code.java.dataflow.DataFlow
@@ -58,7 +55,12 @@ private class DefaultLdapInjectionSinkModel extends SinkModelCsv {
"groovy.util;Eval;false;x;(Object,String);;Argument[1];groovy",
"groovy.util;Eval;false;xy;(Object,Object,String);;Argument[2];groovy",
"groovy.util;Eval;false;xyz;(Object,Object,Object,String);;Argument[3];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;;;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(GroovyCodeSource);;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(GroovyCodeSource,boolean);;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(InputStream,String);;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(Reader,String);;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(String);;Argument[0];groovy",
"groovy.lang;GroovyClassLoader;false;parseClass;(String,String);;Argument[0];groovy",
"org.codehaus.groovy.control;CompilationUnit;false;compile;;;Argument[-1];groovy"
]
}