hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-04 06:36:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ddb5d92ef8a854711eb35ff6cef90963adfd412d
codeql/java/ql/lib/semmle/code/java/security/UnsafeAndroidAccessQuery.qll
Ed Minnix 1bf4dd9649 Update to DataFlow::Global
2023-03-24 09:54:53 -04:00

41 lines
1.5 KiB
Plaintext
Raw Blame History

/** Provides taint tracking configurations to be used in Unsafe Resource Fetching queries. */
import java
import semmle.code.java.dataflow.FlowSources
import semmle.code.java.dataflow.TaintTracking
import semmle.code.java.security.RequestForgery
import semmle.code.java.security.UnsafeAndroidAccess
/**
* DEPRECATED: Use `FetchUntrustedResourceFlow` instead.
*
* A taint configuration tracking flow from untrusted inputs to a resource fetching call.
*/
deprecated class FetchUntrustedResourceConfiguration extends TaintTracking::Configuration {
FetchUntrustedResourceConfiguration() { this = "FetchUntrustedResourceConfiguration" }
override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
override predicate isSink(DataFlow::Node sink) { sink instanceof UrlResourceSink }
override predicate isSanitizer(DataFlow::Node sanitizer) {
sanitizer instanceof RequestForgerySanitizer
}
}
/**
* A taint configuration tracking flow from untrusted inputs to a resource fetching call.
*/
module FetchUntrustedResourceConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
predicate isSink(DataFlow::Node sink) { sink instanceof UrlResourceSink }
predicate isBarrier(DataFlow::Node sanitizer) { sanitizer instanceof RequestForgerySanitizer }
}
/**
* Detects taint flow from untrusted inputs to a resource fetching call.
*/
module FetchUntrustedResourceFlow = TaintTracking::Global<FetchUntrustedResourceConfig>;
Reference in New Issue View Git Blame Copy Permalink