New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to write additional verification rules for ql rules #5276
Comments
Could you clarify what you mean by "When a certain condition is met, taint tracking is not performed"? Do you mean you WANT taint tracking not to be performed under a particular condition? Or is it that taint tracking is CURRENTLY not performed under some condition, and you think it should be? In either case, could you give an example of the sort of condition you're talking about? |
@smowton According to the execution process of |
We don't analyse the relationships between Filters and Servlets -- we will assume both a Filter and a Servlet can be run with any input. If for example in your particular example a Filter will always have made the query-string safe, then you should define a sanitizer for your Servlet that excludes the query string from the usual set of inputs assumed to be under user control. If have some circumstances where the Filter will exit entirely, presumably this also will mean there are some inputs to the Servlet which are less dangerous than usual -- again, you will want to define sanitizers that exclude the inputs that should be considered safe. If you want more specific advice, please let me know what your Filter does and perhaps and I can suggest an appropriate exclusion from your Servlet's Configuration. |
@smowton Thanks for the answer. I probably understand what you mean. If this is the case, I need to filter the I don't have a general case here, if there is one, I'm happy to provide it. |
When I write the ql rules, if the source and sink are in the
TestServlet
class, but there are methods in theTestFilter
class to process the request and response, how do I need to write the rules here? When a certain condition is met, taint tracking is not performed.The text was updated successfully, but these errors were encountered: