hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-24 02:43:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
61e8f9140456611201d8f3beefe7d4f97671becd
codeql/javascript/ql/lib/semmle/javascript/security/dataflow/NosqlInjectionCustomizations.qll
Owen Mansel-Chan 61e8f91404 Accept MaD sanitizers for queries with MaD sinks
2026-02-17 12:45:24 +00:00

55 lines
1.6 KiB
Plaintext
Raw Blame History

/**
* Provides default sources, sinks and sanitizers for reasoning about
* NoSQL injection vulnerabilities, as well as extension points for
* adding your own.
*/
import javascript
import semmle.javascript.security.TaintedObject
module NosqlInjection {
import semmle.javascript.security.CommonFlowState
/**
* A data flow source for NoSQL injection vulnerabilities.
*/
abstract class Source extends DataFlow::Node { }
/**
* A data flow sink for NoSQL injection vulnerabilities.
*/
abstract class Sink extends DataFlow::Node {
/**
* Gets a flow label relevant for this sink.
*
* Defaults to deeply tainted objects only.
*/
FlowState getAFlowState() { result.isTaintedObject() }
/** DEPRECATED. Use `getAFlowState()` instead. */
deprecated DataFlow::FlowLabel getAFlowLabel() { result = this.getAFlowState().toFlowLabel() }
}
/**
* A sanitizer for NoSQL injection vulnerabilities.
*/
abstract class Sanitizer extends DataFlow::Node { }
/**
* DEPRECATED: Use `ActiveThreatModelSource` from Concepts instead!
*/
deprecated class RemoteFlowSourceAsSource = ActiveThreatModelSourceAsSource;
/**
* An active threat-model source, considered as a flow source.
*/
private class ActiveThreatModelSourceAsSource extends Source, ActiveThreatModelSource { }
/** An expression interpreted as a NoSql query, viewed as a sink. */
class NosqlQuerySink extends Sink instanceof NoSql::Query { }
private class SanitizerFromModel extends Sanitizer {
SanitizerFromModel() { ModelOutput::barrierNode(this, "nosql-injection") }
}
}
Reference in New Issue View Git Blame Copy Permalink