hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ba565179009c19feb3485aed705c0121a320398a
codeql/java/ql/lib/semmle/code/java/frameworks/SpringJdbc.qll
Tony Torralba b69d81ce24 Make all imports of ExternalFlow private
2022-04-26 13:48:44 +02:00

54 lines
3.0 KiB
Plaintext
Raw Blame History

/**
* Provides classes and predicates for working with the Spring JDBC framework.
*/
import java
private import semmle.code.java.dataflow.ExternalFlow
/** The class `org.springframework.jdbc.core.JdbcTemplate`. */
class JdbcTemplate extends RefType {
JdbcTemplate() { this.hasQualifiedName("org.springframework.jdbc.core", "JdbcTemplate") }
}
private class SqlSinkCsv extends SinkModelCsv {
override predicate row(string row) {
row =
[
//"package;type;overrides;name;signature;ext;spec;kind"
"org.springframework.jdbc.core;JdbcTemplate;false;batchUpdate;(String[]);;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;batchUpdate;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;execute;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;update;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;query;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;queryForList;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;queryForMap;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;queryForObject;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;queryForRowSet;;;Argument[0];sql",
"org.springframework.jdbc.core;JdbcTemplate;false;queryForStream;;;Argument[0];sql",
"org.springframework.jdbc.object;BatchSqlUpdate;false;BatchSqlUpdate;;;Argument[1];sql",
"org.springframework.jdbc.object;MappingSqlQuery;false;BatchSqlUpdate;;;Argument[1];sql",
"org.springframework.jdbc.object;MappingSqlQueryWithParameters;false;BatchSqlUpdate;;;Argument[1];sql",
"org.springframework.jdbc.object;RdbmsOperation;true;setSql;;;Argument[0];sql",
"org.springframework.jdbc.object;SqlCall;false;SqlCall;;;Argument[1];sql",
"org.springframework.jdbc.object;SqlFunction;false;SqlFunction;;;Argument[1];sql",
"org.springframework.jdbc.object;SqlQuery;false;SqlQuery;;;Argument[1];sql",
"org.springframework.jdbc.object;SqlUpdate;false;SqlUpdate;;;Argument[1];sql",
"org.springframework.jdbc.object;UpdatableSqlQuery;false;UpdatableSqlQuery;;;Argument[1];sql"
]
}
}
private class SsrfSinkCsv extends SinkModelCsv {
override predicate row(string row) {
row =
[
//"package;type;overrides;name;signature;ext;spec;kind"
"org.springframework.boot.jdbc;DataSourceBuilder;false;url;(String);;Argument[0];jdbc-url",
"org.springframework.jdbc.datasource;AbstractDriverBasedDataSource;false;setUrl;(String);;Argument[0];jdbc-url",
"org.springframework.jdbc.datasource;DriverManagerDataSource;false;DriverManagerDataSource;(String);;Argument[0];jdbc-url",
"org.springframework.jdbc.datasource;DriverManagerDataSource;false;DriverManagerDataSource;(String,String,String);;Argument[0];jdbc-url",
"org.springframework.jdbc.datasource;DriverManagerDataSource;false;DriverManagerDataSource;(String,Properties);;Argument[0];jdbc-url"
]
}
}
Reference in New Issue View Git Blame Copy Permalink