hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-12 06:00:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
993bfee096396239b894fb541029380fc220b27f
codeql/java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll

45 lines
1.5 KiB
Plaintext
Raw Blame History

/** Provides taint tracking configurations relating to Groovy injection vulnerabilities. */
import java
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.security.GroovyInjection
/**
* DEPRECATED: Use `GroovyInjectionFlow` instead.
*
* A taint-tracking configuration for unsafe user input
* that is used to evaluate a Groovy expression.
*/
deprecated class GroovyInjectionConfig extends TaintTracking::Configuration {
GroovyInjectionConfig() { this = "GroovyInjectionConfig" }
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
override predicate isSink(DataFlow::Node sink) { sink instanceof GroovyInjectionSink }
override predicate isAdditionalTaintStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
any(GroovyInjectionAdditionalTaintStep c).step(fromNode, toNode)
}
}
/**
* A taint-tracking configuration for unsafe user input
* that is used to evaluate a Groovy expression.
*/
module GroovyInjectionConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSink(DataFlow::Node sink) { sink instanceof GroovyInjectionSink }
predicate isAdditionalFlowStep(DataFlow::Node fromNode, DataFlow::Node toNode) {
any(GroovyInjectionAdditionalTaintStep c).step(fromNode, toNode)
}
}
/**
* Detect taint flow of unsafe user input
* that is used to evaluate a Groovy expression.
*/
module GroovyInjectionFlow = TaintTracking::Global<GroovyInjectionConfig>;
Reference in New Issue View Git Blame Copy Permalink