Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #16297 from michaelnebel/java/improveapitelemetry
Java: Identify more APIs as supported in the telemetry queries.
- Loading branch information
Showing
37 changed files
with
329 additions
and
92 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
/** Provides classes representing various flow sinks for data flow / taint tracking. */ | ||
|
||
private import semmle.code.java.dataflow.FlowSinks as FlowSinks | ||
|
||
final class SinkNode = FlowSinks::ApiSinkNode; | ||
|
||
/** | ||
* Module that adds all API like sinks to `SinkNode`, excluding sinks for cryptography based | ||
* queries, and queries where sinks are not succifiently defined (eg. using broad method name matching). | ||
*/ | ||
private module AllApiSinks { | ||
private import semmle.code.java.security.AndroidSensitiveCommunicationQuery | ||
private import semmle.code.java.security.ArbitraryApkInstallation | ||
private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery | ||
private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery | ||
private import semmle.code.java.security.CleartextStorageCookieQuery | ||
private import semmle.code.java.security.CleartextStorageSharedPrefsQuery | ||
private import semmle.code.java.security.ExternallyControlledFormatStringQuery | ||
private import semmle.code.java.security.InsecureBasicAuth | ||
private import semmle.code.java.security.IntentUriPermissionManipulation | ||
private import semmle.code.java.security.InsecureLdapAuth | ||
private import semmle.code.java.security.InsecureTrustManager | ||
private import semmle.code.java.security.JndiInjection | ||
private import semmle.code.java.security.JWT | ||
private import semmle.code.java.security.OgnlInjection | ||
private import semmle.code.java.security.SensitiveResultReceiverQuery | ||
private import semmle.code.java.security.SensitiveUiQuery | ||
private import semmle.code.java.security.SpelInjection | ||
private import semmle.code.java.security.SpelInjectionQuery | ||
private import semmle.code.java.security.QueryInjection | ||
private import semmle.code.java.security.TempDirLocalInformationDisclosureQuery | ||
private import semmle.code.java.security.UnsafeAndroidAccess | ||
private import semmle.code.java.security.UnsafeContentUriResolution | ||
private import semmle.code.java.security.UnsafeDeserializationQuery | ||
private import semmle.code.java.security.UrlRedirect | ||
private import semmle.code.java.security.WebviewDebuggingEnabledQuery | ||
private import semmle.code.java.security.XPath | ||
private import semmle.code.java.security.XSS | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
/** Provides classes representing various flow sources for data flow / taint tracking. */ | ||
|
||
private import semmle.code.java.dataflow.FlowSources as FlowSources | ||
|
||
final class SourceNode = FlowSources::ApiSourceNode; | ||
|
||
/** | ||
* Module that adds all API like sources to `SourceNode`, excluding some sources for cryptography based | ||
* queries, and queries where sources are not succifiently defined (eg. using broad method name matching). | ||
*/ | ||
private module AllApiSources { | ||
private import semmle.code.java.security.ArbitraryApkInstallation | ||
private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery | ||
private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery | ||
private import semmle.code.java.security.CleartextStorageCookieQuery | ||
private import semmle.code.java.security.CleartextStorageSharedPrefsQuery | ||
private import semmle.code.java.security.ImplicitPendingIntentsQuery | ||
private import semmle.code.java.security.ImproperIntentVerificationQuery | ||
private import semmle.code.java.security.InsecureTrustManager | ||
private import semmle.code.java.security.JWT | ||
private import semmle.code.java.security.StackTraceExposureQuery | ||
private import semmle.code.java.security.ZipSlipQuery | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
/** Provides classes representing various flow sinks for data flow / taint tracking. */ | ||
|
||
private import java | ||
private import semmle.code.java.dataflow.ExternalFlow | ||
private import semmle.code.java.dataflow.DataFlow | ||
|
||
/** | ||
* A data flow sink node for an API, which should be considered | ||
* supported for a modeling perspective. | ||
*/ | ||
abstract class ApiSinkNode extends DataFlow::Node { } | ||
|
||
/** | ||
* Add all sink models as data sinks. | ||
*/ | ||
private class ApiSinkNodeExternal extends ApiSinkNode { | ||
ApiSinkNodeExternal() { sinkNode(this, _) } | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
12 changes: 9 additions & 3 deletions
12
java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringQuery.qll
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.