hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update InsecureCookie.ql

Browse Source 
Support interprocedural setting of cookie security
This commit is contained in:
Mauro Baluda
2022-12-02 17:37:23 +01:00
committed by GitHub
parent a11756bad1
commit f3f8f35069
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
java/ql/src/Security/CWE/CWE-614/InsecureCookie.ql
View File

@@ -26,11 +26,19 @@ predicate isSafeSecureCookieSetting(Expr e) {
) )
} }
from MethodAccess add class SecureCookieConfiguration extends DataFlow::Configuration {
SecureCookieConfiguration() { this = "SecureCookieConfiguration" }
override predicate isSource(DataFlow::Node source) { any() }
override predicate isSink(DataFlow::Node sink) { any() }
}
from MethodAccess add, SecureCookieConfiguration df
where where
add.getMethod() instanceof ResponseAddCookieMethod and add.getMethod() instanceof ResponseAddCookieMethod and
not exists(Variable cookie, MethodAccess m | not exists(Variable cookie, MethodAccess m |
add.getArgument(0) = cookie.getAnAccess() and df.hasFlow(DataFlow::exprNode(cookie.getAnAccess()), DataFlow::exprNode(add.getArgument(0))) and
m.getMethod().getName() = "setSecure" and m.getMethod().getName() = "setSecure" and
forex(DataFlow::Node argSource | forex(DataFlow::Node argSource |
DataFlow::localFlow(argSource, DataFlow::exprNode(m.getArgument(0))) and DataFlow::localFlow(argSource, DataFlow::exprNode(m.getArgument(0))) and