hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 11:19:27 +02:00
Code Issues Packages Projects Releases Wiki Activity
87,079 Commits 1,759 Branches 167 Tags
bf960b8c761598bf11d94cb7823dd5c0718ecfd3
Commit Graph

48 Commits

Author SHA1 Message Date
MarkLee131
9ff4ed286f Java: recognize Path.toRealPath() as path normalization sanitizer 
PathNormalizeSanitizer recognized Path.normalize() and
File.getCanonicalPath()/getCanonicalFile(), but not Path.toRealPath().

toRealPath() is strictly stronger than normalize() (resolves symlinks
and verifies file existence in addition to normalizing ".." components),
and is functionally equivalent to File.getCanonicalPath() for the NIO.2
API. CERT FIO16-J and OWASP both recommend it for path traversal defense.

This adds toRealPath to PathNormalizeSanitizer alongside normalize,
reducing false positives for code using idiomatic NIO.2 path handling.
 2026-04-04 20:59:45 +08:00
Owen Mansel-Chan
1fefa989d7 Rename RegexMatch and only include expressions 2026-02-13 22:45:48 +00:00
Owen Mansel-Chan
a22fd39230 Use RegexExecution in sanitizer definitions (expands scope) 2026-02-11 13:09:48 +00:00
Owen Mansel-Chan
81667d741a Rename classes for external sanitizers 2026-01-06 14:36:54 +00:00
Owen Mansel-Chan
f6e3c77145 Convert path injection barrier to MaD 2025-12-11 16:24:27 +01:00
Anders Schack-Mulligen
a04ff18ba4 Java: Enable validation wrappers in BarrierGuards. 2025-08-07 15:42:59 +02:00
Anders Schack-Mulligen
fbe79e8a52 Java: Add AnnotatedExitNodes to the CFG. 2025-07-17 11:21:26 +02:00
Kasper Svendsen
c207cfdeb7 Overlay: Add overlay annotations to Java & shared libraries 2025-06-24 10:25:06 +02:00
Anders Schack-Mulligen
db01828717 Java: Deprecate redundant basic block predicates. 2025-05-21 09:01:46 +02:00
Jami Cogswell
0d2e9ae469 Java: fix 'matches' false branch 2025-03-17 18:48:44 -04:00
Jami Cogswell
49d37c517d Java: fix replacement char check and add tests 2025-03-17 16:02:13 -04:00
Jami Cogswell
3083360032 Java: remove 'complementary' from qldocs 2025-03-17 15:24:31 -04:00
Jami Cogswell
b9f642f4aa Java: condense '.' matching 2025-03-17 15:20:14 -04:00
Jami Cogswell
9d6a10b601 Java: rename 'isSingleReplaceAll' and 'isDoubleReplaceOrReplaceAll' 2025-03-17 15:07:10 -04:00
Jami Cogswell
76433a31f7 Java: generalize sanitizer and add tests 2025-03-10 18:56:01 -04:00
Jami Cogswell
ab3690f666 Java: initial sanitizer 2025-03-10 18:55:56 -04:00
Jami Cogswell
9bb5fe837d Java: address review comments 2025-02-17 15:47:45 -05:00
Jami Cogswell
c0ebeb9c7b Java: use AdditionalTaintStep 2025-02-14 13:52:43 -05:00
Jami Cogswell
d21c8d789b Java: restrict sink to first arg of two-arg constructor call 2025-02-05 21:19:59 -05:00
Jami Cogswell
bd47dcc87d Java: check first arg for taint 2025-02-05 16:56:16 -05:00
Jami Cogswell
e8724ab220 Java: sanitize constructor call instead and update test cases 2025-02-05 15:46:10 -05:00
Jami Cogswell
4a4585a526 Java: move comment 2025-02-05 11:36:58 -05:00
Jami Cogswell
59d454771d Java: add FileConstructorSanitizer and tests 2025-02-04 17:51:23 -05:00
Jami
538dee81b6 Merge pull request #18214 from jcogs33/jcogs33/java/file-getname-path-sanitizer 
Java: add File.getName as a path injection sanitizer
 2024-12-11 10:18:02 -05:00
Owen Mansel-Chan
0f3dd6d8f1 Java: IPA the CFG 2024-12-10 15:26:11 +00:00
Jami Cogswell
121780c55a Java: add File.getName as a path injection sanitizer 2024-12-04 18:57:51 -05:00
Jami Cogswell
d220b3a298 Java: some updates to test cases 2024-03-13 16:28:43 -04:00
Jami Cogswell
911a61df22 Java: initial update of barrier and test cases to remove FN 2024-03-13 16:28:42 -04:00
Tony Torralba
90a9d82b9d Java: Expand ExactPathSanitizer to work on the argument of 'equals' too 2024-02-15 10:00:24 +01:00
Chris Smowton
ac38d4c9c6 Mass rename L/RValue -> VarWrite/Read 2023-10-24 10:58:29 +01:00
Chris Smowton
f552a15aae Mass-rename MethodAccess -> MethodCall 2023-10-24 10:30:26 +01:00
Tamas Vajk
6bcfdfca88 Adjust getExtensionReceiverParameterIndex predicate name and change note 2022-12-09 10:29:52 +01:00
Tamas Vajk
81c35c8b27 Adjust PathSanitizer to use fixed $default extension method functionality 2022-12-09 10:29:52 +01:00
Tony Torralba
321a2f5a73 Merge pull request #11550 from atorralba/atorralba/kotlin/adapt-path-sanitizer 
Kotlin: Adapt PathSanitizer
 2022-12-07 12:08:00 +01:00
Tony Torralba
6dcc0cc188 Further simplification 2022-12-07 10:50:23 +01:00
Tony Torralba
ccd465d669 Update java/ql/lib/semmle/code/java/security/PathSanitizer.qll 2022-12-07 10:38:33 +01:00
Tony Torralba
2f622ad72c Refactor by introducing helper predicates 2022-12-07 10:31:54 +01:00
Tony Torralba
21b51b48eb Adapt PathSanitizer to Kotlin 2022-12-05 11:00:57 +01:00
Michael Nebel
4c7cdc6245 Java: Remove unneeded imports of ExternalFlow.qll. 2022-12-05 09:49:38 +01:00
Anders Schack-Mulligen
6db0db431f Java: Add pruning for local taint flow. 2022-10-05 12:02:05 +02:00
Tony Torralba
9db65eae7f Address review comments 2022-10-04 12:27:01 +02:00
Tony Torralba
264d6db9d7 Rename AllowListGuard to AllowedPrefixGuard 2022-10-04 12:27:01 +02:00
Tony Torralba
90020b6aab Make block lists work with substring matching too 
A block list approach doesn't need to restrict itself to prefix matching
 2022-10-04 12:27:01 +02:00
Tony Torralba
69d1895175 Update java/ql/lib/semmle/code/java/security/PathSanitizer.qll 2022-10-04 12:27:01 +02:00
Tony Torralba
6fcaae20e7 Add tests and fix bugs highlighted by them 2022-10-04 12:27:01 +02:00
Tony Torralba
4e29c39c78 Merge ZipSlip sanitization logic into PathSanitizer.qll 
Apply code review suggestions regarding weak sanitizers
 2022-10-04 12:27:01 +02:00
Tony Torralba
5706e8b377 Improve PathSanitizer 
Rename PathTraversalSanitizer to PathInjectionSanitizer
 2022-10-04 12:26:17 +02:00
Tony Torralba
50ad234694 Move PathSanitizer to the main library 2022-10-04 12:26:17 +02:00