Skip to content

Java: Make ExecTainted easier to extend #5746

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Apr 22, 2021
Merged

Java: Make ExecTainted easier to extend #5746

merged 5 commits into from
Apr 22, 2021

Conversation

owen-mc
Copy link
Contributor

@owen-mc owen-mc commented Apr 21, 2021
edited
Loading

No change in behaviour - this is just a refactoring. To add a method that executes a command, you can now define a class
extending ExecMethod.

@owen-mc
Make ExecTainted easier to extend
9c72e73 
To add a method that executes a command, you can now define a class
extending ExecMethod.
@owen-mc owen-mc requested a review from a team as a code owner April 21, 2021 13:58
@github-actions github-actions bot added the Java label Apr 21, 2021
@owen-mc owen-mc added the no-change-note-required This PR does not need a change note label Apr 21, 2021
smowton
smowton reviewed Apr 21, 2021
View reviewed changes
Copy link
Contributor

@smowton smowton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should generalise this a little: let ExecCallable extend Callable instead of Method (then ProcessBuilder's constructor can be an instance), and give it an abstract getAnExecutedArgument, which all overrides will currently define as getArgument(0), though e.g. myExec(int flags, String command) would define as getArgument(1).

@p0wn4j p0wn4j mentioned this pull request Apr 21, 2021
Merged
aschackmull
aschackmull reviewed Apr 21, 2021
View reviewed changes
java/ql/src/semmle/code/java/JDK.qll Outdated
@@ -180,21 +180,36 @@ class TypeFile extends Class {
/**
* Any of the methods named `command` on class `java.lang.ProcessBuilder`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

qldoc needs fixing

aschackmull
aschackmull reviewed Apr 21, 2021
View reviewed changes
java/ql/src/semmle/code/java/frameworks/apache/Exec.qll Outdated
@@ -6,16 +6,20 @@ library class TypeCommandLine extends Class {
TypeCommandLine() { hasQualifiedName("org.apache.commons.exec", "CommandLine") }
}

library class MethodCommandLineParse extends ExecMethod {
library class MethodCommandLineParse extends Method, ExecCallable {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's get rid of the archaic library annotations while we're editing this file. And a few qldoc additions seems like easy inclusions as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall I replace library with private?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the class isn't referenced anywhere else (i.e. things still compile), then yes, I think that's fine (even though it technically is a breaking change).

aschackmull
aschackmull reviewed Apr 21, 2021
View reviewed changes
java/ql/src/semmle/code/java/security/ExternalProcess.qll Outdated
@@ -6,7 +6,9 @@ import semmle.code.java.frameworks.apache.Exec
/**
* A method that executes a command.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

qldoc needs fixing

aschackmull
aschackmull reviewed Apr 21, 2021
View reviewed changes
java/ql/src/semmle/code/java/security/ExternalProcess.qll Outdated
Comment on lines 21 to 26
execCall.getArgument(i) = this and
execCallable = execCall.getCallee() and
i = execCallable.getAnExecutedArgument()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please check locally that the join-order of this looks reasonable, i.e. execute a query that depends on this predicate and check in the log that it doesn't start the pipeline with a join on i.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right, it joins on i first. Adding pragma[only_bind_into] in the expected place fixed it.

aschackmull
aschackmull reviewed Apr 22, 2021
View reviewed changes
aschackmull
aschackmull reviewed Apr 22, 2021
View reviewed changes
Copy link
Contributor

@aschackmull aschackmull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One more inline comment, otherwise LGTM. Needs autoformat of a couple of files.

@owen-mc owen-mc force-pushed the java/refactor-exec-tainted branch from e856868 to 4b8d4f5 Compare April 22, 2021 08:31
@owen-mc @aschackmull
Make imports private
8a01799 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
@owen-mc owen-mc merged commit fea9f5f into github:main Apr 22, 2021
@owen-mc owen-mc deleted the java/refactor-exec-tainted branch April 22, 2021 09:14
@owen-mc owen-mc changed the title Make ExecTainted easier to extend Java: Make ExecTainted easier to extend Aug 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smowton smowton smowton left review comments

@aschackmull aschackmull aschackmull approved these changes

Assignees
No one assigned
Labels
Java no-change-note-required This PR does not need a change note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@owen-mc @smowton @aschackmull