
Commit acd0fa4

Java: Deprecate the content of ExternallyControlledFormatStringLocalQuery and remove the externally controlled format string local query variant.
1 parent 85a4dd0 commit acd0fa4

7 files changed

+26
-53
lines changed

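--- a/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringLocalQuery.qll
@@ -5,7 +5,7 @@ private import semmle.code.java.dataflow.FlowSources
 private import semmle.code.java.StringFormat
 
 /** A taint-tracking configuration to reason about externally-controlled format strings from local sources. */
-module ExternallyControlledFormatStringLocalConfig implements DataFlow::ConfigSig {
+deprecated module ExternallyControlledFormatStringLocalConfig implements DataFlow::ConfigSig {
 predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
 
 predicate isSink(DataFlow::Node sink) {
@@ -18,7 +18,9 @@ module ExternallyControlledFormatStringLocalConfig implements DataFlow::ConfigSi
 }
 
 /**
+* DEPRECATED: Use `ExternallyControlledFormatStringFlow` instead and configure threat model sources to include `local`.
+*
 * Taint-tracking flow for externally-controlled format strings from local sources.
 */
-module ExternallyControlledFormatStringLocalFlow =
+deprecated module ExternallyControlledFormatStringLocalFlow =
 TaintTracking::Global<ExternallyControlledFormatStringLocalConfig>;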
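Review bot: The QLDoc of `ExternallyControlledFormatStringLocalConfig` in the first hunk (the `/** A taint-tracking configuration ... */` line directly above the newly deprecated `module` line) is left without a DEPRECATED notice, while the `ExternallyControlledFormatStringLocalFlow` doc in the second hunk gets one; users who reference the config module directly will see the deprecation warning with no migration hint. I would prepend the same line used in the second hunk to that QLDoc, `DEPRECATED: Use ExternallyControlledFormatStringFlow instead and configure threat model sources to include local.`, with the two names in backticks and a blank `*` line before the existing sentence, so both deprecated modules point at the same replacement. The diffstat does not appear to include a change-note file for the deprecation and the removed query, which this repository's conventions may require; worth confirming. The body of `ExternallyControlledFormatStringLocalConfig` continues between the two hunks and is not shown here.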

java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.qhelp

Lines changed: 0 additions & 5 deletions
This file was deleted.

java/ql/src/Security/CWE/CWE-134/ExternallyControlledFormatStringLocal.ql

Lines changed: 0 additions & 25 deletions
This file was deleted.
Lines changed: 16 additions & 0 deletions
@@ -1,12 +1,28 @@
11
edges
2+
| Test.java:17:27:17:60 | getProperty(...) : String | Test.java:19:19:19:30 | userProperty | provenance | Src:MaD:43040 |
3+
| Test.java:17:27:17:60 | getProperty(...) : String | Test.java:21:23:21:34 | userProperty | provenance | Src:MaD:43040 Sink:MaD:42905 |
4+
| Test.java:17:27:17:60 | getProperty(...) : String | Test.java:23:23:23:34 | userProperty | provenance | Src:MaD:43040 Sink:MaD:42908 |
5+
| Test.java:17:27:17:60 | getProperty(...) : String | Test.java:25:28:25:39 | userProperty | provenance | Src:MaD:43040 |
6+
| Test.java:17:27:17:60 | getProperty(...) : String | Test.java:27:44:27:55 | userProperty | provenance | Src:MaD:43040 |
27
| Test.java:33:30:33:74 | getParameter(...) : String | Test.java:34:20:34:32 | userParameter : String | provenance | Src:MaD:44662 |
38
| Test.java:34:20:34:32 | userParameter : String | Test.java:37:31:37:43 | format : String | provenance | |
49
| Test.java:37:31:37:43 | format : String | Test.java:39:25:39:30 | format | provenance | Sink:MaD:42905 |
510
nodes
11+
| Test.java:17:27:17:60 | getProperty(...) : String | semmle.label | getProperty(...) : String |
12+
| Test.java:19:19:19:30 | userProperty | semmle.label | userProperty |
13+
| Test.java:21:23:21:34 | userProperty | semmle.label | userProperty |
14+
| Test.java:23:23:23:34 | userProperty | semmle.label | userProperty |
15+
| Test.java:25:28:25:39 | userProperty | semmle.label | userProperty |
16+
| Test.java:27:44:27:55 | userProperty | semmle.label | userProperty |
617
| Test.java:33:30:33:74 | getParameter(...) : String | semmle.label | getParameter(...) : String |
718
| Test.java:34:20:34:32 | userParameter : String | semmle.label | userParameter : String |
819
| Test.java:37:31:37:43 | format : String | semmle.label | format : String |
920
| Test.java:39:25:39:30 | format | semmle.label | format |
1021
subpaths
1122
#select
23+
| Test.java:19:19:19:30 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:19:19:19:30 | userProperty | Format string depends on a $@. | Test.java:17:27:17:60 | getProperty(...) | user-provided value |
24+
| Test.java:21:23:21:34 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:21:23:21:34 | userProperty | Format string depends on a $@. | Test.java:17:27:17:60 | getProperty(...) | user-provided value |
25+
| Test.java:23:23:23:34 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:23:23:23:34 | userProperty | Format string depends on a $@. | Test.java:17:27:17:60 | getProperty(...) | user-provided value |
26+
| Test.java:25:28:25:39 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:25:28:25:39 | userProperty | Format string depends on a $@. | Test.java:17:27:17:60 | getProperty(...) | user-provided value |
27+
| Test.java:27:44:27:55 | userProperty | Test.java:17:27:17:60 | getProperty(...) : String | Test.java:27:44:27:55 | userProperty | Format string depends on a $@. | Test.java:17:27:17:60 | getProperty(...) | user-provided value |
1228
| Test.java:39:25:39:30 | format | Test.java:33:30:33:74 | getParameter(...) : String | Test.java:39:25:39:30 | format | Format string depends on a $@. | Test.java:33:30:33:74 | getParameter(...) | user-provided value |
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,6 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/threat-models
4+
extensible: threatModelConfiguration
5+
data:
6+
- ["local", true, 0]

java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.expected

Lines changed: 0 additions & 20 deletions
This file was deleted.

java/ql/test/query-tests/security/CWE-134/semmle/tests/ExternallyControlledFormatStringLocal.qlref

Lines changed: 0 additions & 1 deletion
This file was deleted.
