Update supported sink and source kinds

2024-03-26 12:09:51 +01:00
parent bd57005832
commit b3c83d175a
3 changed files with 39 additions and 1 deletions
--- a/extensions/ql-vscode/src/model-editor/languages/csharp/index.ts
+++ b/extensions/ql-vscode/src/model-editor/languages/csharp/index.ts
@@ -10,6 +10,12 @@ export const csharp: ModelsAsDataLanguage = {
    },
    source: {
      ...staticLanguage.predicates.source,
+      supportedKinds: [
+        ...staticLanguage.predicates.source.supportedKinds,
+        // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L122-L123
+        "file-write",
+        "windows-registry",
+      ],
    },
  },
 };
--- a/extensions/ql-vscode/src/model-editor/languages/java/index.ts
+++ b/extensions/ql-vscode/src/model-editor/languages/java/index.ts
@@ -7,9 +7,36 @@ export const java: ModelsAsDataLanguage = {
    ...staticLanguage.predicates,
    sink: {
      ...staticLanguage.predicates.sink,
+      supportedKinds: [
+        ...staticLanguage.predicates.sink.supportedKinds,
+        // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L32-L37
+        "bean-validation",
+        "fragment-injection",
+        "groovy-injection",
+        "hostname-verification",
+        "information-leak",
+        "intent-redirection",
+        "jexl-injection",
+        "jndi-injection",
+        "mvel-injection",
+        "notification",
+        "ognl-injection",
+        "pending-intents",
+        "response-splitting",
+        "trust-boundary-violation",
+        "template-injection",
+        "xpath-injection",
+        "xslt-injection",
+      ],
    },
    source: {
      ...staticLanguage.predicates.source,
+      supportedKinds: [
+        ...staticLanguage.predicates.source.supportedKinds,
+        // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L120-L121
+        "android-external-storage-dir",
+        "contentprovider",
+      ],
    },
  },
 };
--- a/extensions/ql-vscode/src/model-editor/languages/shared.ts
+++ b/extensions/ql-vscode/src/model-editor/languages/shared.ts
@@ -6,10 +6,13 @@ export const sharedExtensiblePredicates = {
 };

 export const sharedKinds = {
-  source: ["local", "remote"],
+  // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L118-L119
+  source: ["local", "remote", "file", "commandargs", "database", "environment"],
+  // Bhttps://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L28-L31
  sink: [
    "code-injection",
    "command-injection",
+    "environment-injection",
    "file-content-store",
    "html-injection",
    "js-injection",
@@ -20,6 +23,8 @@ export const sharedKinds = {
    "sql-injection",
    "url-redirection",
  ],
+  // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L142-L143
  summary: ["taint", "value"],
+  // https://github.com/github/codeql/blob/0c5ea975a4c4dc5c439b908c006e440cb9bdf926/shared/mad/codeql/mad/ModelValidation.qll#L155-L156
  neutral: ["summary", "source", "sink"],
 };