hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-27 09:48:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
6eb58d832c32d240a4a3ad811b16fd999c571f21
codeql/java/ql/lib/semmle/code/java/security/PartialPathTraversalQuery.qll
Shyam Mehta 76cecc170e Fix documentation
2022-08-03 14:30:17 -04:00

24 lines
925 B
Plaintext
Raw Blame History

/** Provides taint tracking configurations to be used in partial path traversal queries. */
import java
import semmle.code.java.security.PartialPathTraversal
import semmle.code.java.dataflow.DataFlow
import semmle.code.java.dataflow.ExternalFlow
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.dataflow.FlowSources
/**
* A taint-tracking configuration for unsafe user input
* that is used to validate against path traversal, but is insufficient
* and remains vulnerable to Partial Path Traversal.
*/
class PartialPathTraversalFromRemoteConfig extends TaintTracking::Configuration {
PartialPathTraversalFromRemoteConfig() { this = "PartialPathTraversalFromRemoteConfig" }
override predicate isSource(DataFlow::Node node) { node instanceof RemoteFlowSource }
override predicate isSink(DataFlow::Node node) {
any(PartialPathTraversalMethodAccess ma).getQualifier() = node.asExpr()
}
}
Reference in New Issue View Git Blame Copy Permalink