hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.23.4
codeql/java/ql/lib/ext/java.nio.file.model.yml
Tony Torralba d786ea90a4 Java: Add more neutrals 
Adds more neutral models to help the model generator ignore certain callables.

Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.
2024-03-26 17:31:11 +01:00

132 lines
13 KiB
YAML
Raw Permalink Blame History

extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["java.nio.file", "Files", False, "copy", "(Path,OutputStream)", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "copy", "(Path,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[0]", "file-content-store", "manual"]
- ["java.nio.file", "Files", False, "copy", "(InputStream,Path,CopyOption[])", "", "Argument[1]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createDirectories", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createDirectory", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createFile", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createLink", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createSymbolicLink", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createTempDirectory", "(Path,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "createTempFile", "(Path,String,String,FileAttribute[])", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "delete", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "deleteIfExists", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "getFileStore", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] # the FileStore class is unlikely to be used for later sanitization
- ["java.nio.file", "Files", False, "exists", "(Path,LinkOption[])", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "lines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "lines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "move", "", "", "Argument[1]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "move", "(Path,Path,CopyOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "newBufferedReader", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "newBufferedWriter", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "newInputStream", "(Path,OpenOption[])", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "newOutputStream", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "notExists", "(Path,LinkOption[])", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "probeContentType", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"] # accesses the file based on user input, but only reads its content type from it
- ["java.nio.file", "Files", False, "readAllBytes", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "readAllLines", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "readAllLines", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "readString", "(Path,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "readString", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "Files", False, "write", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "write", "", "", "Argument[1]", "file-content-store", "manual"]
- ["java.nio.file", "Files", False, "writeString", "", "", "Argument[0]", "path-injection", "manual"]
- ["java.nio.file", "Files", False, "writeString", "", "", "Argument[1]", "file-content-store", "manual"]
- ["java.nio.file", "FileSystems", False, "newFileSystem", "(URI,Map)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "FileSystems", False, "newFileSystem", "(URI,Map)", "", "Argument[0]", "request-forgery", "ai-manual"]
- ["java.nio.file", "SecureDirectoryStream", True, "deleteDirectory", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["java.nio.file", "SecureDirectoryStream", True, "deleteFile", "(Path)", "", "Argument[0]", "path-injection", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["java.nio.file", "Files", False, "find", "(Path,int,BiPredicate,FileVisitOption[])", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"]
- ["java.nio.file", "Files", False, "find", "(Path,int,BiPredicate,FileVisitOption[])", "", "Argument[2]", "ReturnValue.Element", "taint", "ai-manual"]
- ["java.nio.file", "Files", False, "list", "(Path)", "", "Argument[0]", "ReturnValue.Element", "taint", "ai-manual"]
- ["java.nio.file", "Files", False, "readSymbolicLink", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"] # this can be used to enumerate a file system
- ["java.nio.file", "Files", True, "newBufferedReader", "(Path,Charset)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "newBufferedReader", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "newByteChannel", "(Path,OpenOption[])", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "newByteChannel", "(Path,Set,FileAttribute[])", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "newDirectoryStream", "(Path,DirectoryStream$Filter)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "newDirectoryStream", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Files", True, "walk", "(Path,FileVisitOption[])", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "FileSystem", True, "getPath", "(String,String[])", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "FileSystem", True, "getPath", "(String,String[])", "", "Argument[1]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "FileSystem", True, "getPathMatcher", "(String)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "FileSystem", True, "getRootDirectories", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "FileSystems", False, "getFileSystem", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "getFileName", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "getParent", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "normalize", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "of", "(String,String[])", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "of", "(String,String[])", "", "Argument[1]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "of", "(URI)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "relativize", "(Path)", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "resolve", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "resolve", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "resolveSibling", "", "", "Argument[0]", "ReturnValue", "taint", "ai-manual"]
- ["java.nio.file", "Path", True, "resolveSibling", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "toAbsolutePath", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", False, "toFile", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Path", True, "toUri", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Paths", True, "get", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
- ["java.nio.file", "Paths", True, "get", "", "", "Argument[1].ArrayElement", "ReturnValue", "taint", "manual"]
# Not supported by current lambda flow
# - ["java.nio.file", "Files", True, "walkFileTree", "(Path,FileVisitor)", "", "Argument[0]", "Argument[1].Method[postVisitDirectory(Path,IOException)].Parameter[0]", "taint", "ai-manual"]
# - ["java.nio.file", "Files", True, "walkFileTree", "(Path,FileVisitor)", "", "Argument[0]", "Argument[1].Method[preVisitDirectory(Path,BasicFileAttributes)].Parameter[0]", "taint", "ai-manual"]
# - ["java.nio.file", "Files", True, "walkFileTree", "(Path,FileVisitor)", "", "Argument[0]" "Argument[1].Method[visitFile(Path,BasicFileAttributes)].Parameter[0]", "taint", "ai-manual"]
# - ["java.nio.file", "Files", True, "walkFileTree", "(Path,FileVisitor)", "", "Argument[0]", "Argument[1].Method[visitFileFailed(Path,IOException)].Parameter[0]", "taint", "ai-manual"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
# summary neutrals
- ["java.nio.file", "Files", "copy", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createDirectories", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createDirectory", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createFile", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createLink", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createSymbolicLink", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createTempDirectory", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "createTempFile", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "delete", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "deleteIfExists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "getFileStore", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "exists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "lines", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "move", "", summary, "df-manual"]
- ["java.nio.file", "Files", "newBufferedReader", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "newBufferedWriter", "", summary, "df-manual"]
- ["java.nio.file", "Files", "newInputStream", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "newOutputStream", "", summary, "df-manual"]
- ["java.nio.file", "Files", "notExists", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "probeContentType", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readAllBytes", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readAllLines", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "readString", "", "summary", "df-manual"]
- ["java.nio.file", "Files", "write", "", summary, "df-manual"]
- ["java.nio.file", "Files", "writeString", "", summary, "df-manual"]
# sink neutrals
- ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "getPosixFilePermissions", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isDirectory", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isExecutable", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isHidden", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isReadable", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isRegularFile", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isSameFile", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isSymbolicLink", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "isWritable", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "setLastModifiedTime", "", "sink", "hq-manual"]
- ["java.nio.file", "Files", "size", "", "sink", "hq-manual"]
Reference in New Issue View Git Blame Copy Permalink