hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Java: Model produces parameter to RequestMapping attribute.

Browse Source
This commit is contained in:
lcartey@github.com
2020-05-17 21:45:17 +01:00
parent 8057dff368
commit f6a99cb42e
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
java/ql/src/semmle/code/java/frameworks/spring/SpringController.qll
View File

@@ -105,13 +105,15 @@ class SpringResponseBodyAnnotationType extends AnnotationType {
* A method on a Spring controller that is executed in response to a web request.
*/
class SpringRequestMappingMethod extends SpringControllerMethod {
Annotation requestMappingAnnotation;
SpringRequestMappingMethod() {
// Any method that declares the @RequestMapping annotation, or overrides a method that declares
// the annotation. We have to do this explicit check because the @RequestMapping annotation is
// not declared with @Inherited.
exists(Method superMethod |
this.overrides*(superMethod) and
superMethod.getAnAnnotation().getType() instanceof SpringRequestMappingAnnotationType
requestMappingAnnotation = superMethod.getAnAnnotation() and
requestMappingAnnotation.getType() instanceof SpringRequestMappingAnnotationType
)
}
@@ -120,6 +122,11 @@ class SpringRequestMappingMethod extends SpringControllerMethod {
result = getAParameter()
}
/** Gets the "produces" @RequestMapping annotation value, if present. */
string getProduces() {
result = requestMappingAnnotation.getValue("produces").(StringLiteral).getValue()
}
/** Holds if this is considered an @ResponseBody method. */
predicate isResponseBody() {
getAnAnnotation().getType() instanceof SpringResponseBodyAnnotationType