hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 02:13:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3c1286385d29b51eb85a07580f5ef24e09c6960f
codeql/java/ql/lib/ext/java.security.model.yml
Tony Torralba d786ea90a4 Java: Add more neutrals 
Adds more neutral models to help the model generator ignore certain callables.

Also improves the precision of certain URL models by using synthetic fields so that the parts of a URL are tainted separately.
2024-03-26 17:31:11 +01:00

36 lines
3.5 KiB
YAML
Raw Blame History

extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["java.security", "KeyStore", False, "getKey", "(String,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStore", False, "load", "(InputStream,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStore", False, "setKeyEntry", "(String,Key,char[],Certificate[])", "", "Argument[2]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStore", False, "setKeyEntry", "(String,byte[],Certificate[])", "", "Argument[1]", "credentials-key", "hq-generated"]
- ["java.security", "KeyStore", False, "store", "(OutputStream,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStore$PasswordProtection", False, "PasswordProtection", "(char[])", "", "Argument[0]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStore$PasswordProtection", False, "PasswordProtection", "(char[],String,AlgorithmParameterSpec)", "", "Argument[0]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineGetKey", "(String,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineLoad", "(InputStream,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineSetKeyEntry", "(String,Key,char[],Certificate[])", "", "Argument[2]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineStore", "(OutputStream,char[])", "", "Argument[1]", "credentials-password", "hq-generated"]
- ["java.security", "KeyStoreSpi", True, "engineSetKeyEntry", "(String,byte[],Certificate[])", "", "Argument[1]", "credentials-key", "hq-generated"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
data:
- ["java.security", "CodeSource", False, "CodeSource", "(URL,Certificate[])", "", "Argument[0]", "Argument[this]", "taint", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,Certificate[])", "", "Argument[1].ArrayElement", "Argument[this].SyntheticField[java.security.CodeSource.certificates].ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,CodeSigner[])", "", "Argument[0]", "Argument[this]", "taint", "df-manual"]
- ["java.security", "CodeSource", False, "CodeSource", "(URL,CodeSigner[])", "", "Argument[1].ArrayElement", "Argument[this].SyntheticField[java.security.CodeSource.codeSigners].ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getCertificates", "()", "", "Argument[this].SyntheticField[java.security.CodeSource.certificates].ArrayElement", "ReturnValue.ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getCodeSigners", "()", "", "Argument[this].SyntheticField[java.security.CodeSource.codeSigners].ArrayElement", "ReturnValue.ArrayElement", "value", "df-manual"]
- ["java.security", "CodeSource", False, "getLocation", "()", "", "Argument[this]", "ReturnValue", "taint", "df-manual"]
- addsTo:
pack: codeql/java-all
extensible: neutralModel
data:
- ["java.security", "MessageDigest", "digest", "()", "summary", "df-manual"]
- ["java.security", "MessageDigest", "digest", "(byte[])", "summary", "df-manual"]
- ["java.security", "MessageDigest", "digest", "(byte[],int,int)", "summary", "df-manual"]
Reference in New Issue View Git Blame Copy Permalink