lines changed Original file line number Diff line number Diff line change 1+ ---
2+ category : minorAnalysis
3+ ---
4+ * Added the extensible abstract class ` JndiInjectionSanitizer ` . Now this class can be extended to add more sanitizers to the ` java/jndi-injection ` query.
Original file line number Diff line number Diff line change @@ -9,6 +9,9 @@ private import semmle.code.java.frameworks.SpringLdap
99/** A data flow sink for unvalidated user input that is used in JNDI lookup. */
1010abstract class JndiInjectionSink extends DataFlow:: Node { }
1111
12+ /** A sanitizer for JNDI injection vulnerabilities. */
13+ abstract class JndiInjectionSanitizer extends DataFlow:: Node { }
14+
1215/**
1316 * A unit class for adding additional taint steps.
1417 *
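Review bot: The QLDoc on the new `JndiInjectionSanitizer` class says only that it is a sanitizer, not what extending it does or how wide its effect is. I would expand it to something like `/** A sanitizer for JNDI injection vulnerabilities. Extend this class to stop taint flow at additional nodes in the java/jndi-injection query. */`. It is also worth one sentence telling authors of subclasses to keep the characteristic predicate narrow, because every node matched by any subclass is treated as safe for the whole query, and an over-broad sanitizer hides real results without any warning. Only part of this file is shown, so the surrounding doc conventions could not be checked.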
Original file line number Diff line number Diff line change @@ -17,8 +17,8 @@ class JndiInjectionFlowConfig extends TaintTracking::Configuration {
1717 override predicate isSink ( DataFlow:: Node sink ) { sink instanceof JndiInjectionSink }
1818
1919 override predicate isSanitizer ( DataFlow:: Node node ) {
20- node .getType ( ) instanceof PrimitiveType or node . getType ( ) instanceof BoxedType
21- or
20+ node .getType ( ) instanceof PrimitiveType or
21+ node . getType ( ) instanceof BoxedType or
2222 node instanceof JndiInjectionSanitizer
2323 }
2424
@@ -27,12 +27,6 @@ class JndiInjectionFlowConfig extends TaintTracking::Configuration {
2727 }
2828}
2929
30- /**
31- * A Class to be extended for Sanitizer Customizations
32- */
33-
34- abstract class JndiInjectionSanitizer extends DataFlow:: Node { }
35-
3630/**
3731 * A method that does a JNDI lookup when it receives a `SearchControls` argument with `setReturningObjFlag` = `true`
3832 */
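Review bot: In `isSanitizer` the primitive and boxed type checks stay inline next to `node instanceof JndiInjectionSanitizer`, so sanitizers for this query are now defined in two places. Since the commit makes `JndiInjectionSanitizer` the extension point, the built-in checks read better as a private subclass of it in the library file, leaving `isSanitizer` as a single `instanceof` test. That also lets anyone reusing the sanitizer class outside this configuration get the defaults. This assumes `PrimitiveType` and `BoxedType` are in scope in the library file, which the hunk does not show. `JndiInjectionFlowConfig` starts outside the hunk; the class name below is only a suggestion.

```ql
/** A default sanitizer: values of primitive or boxed type are not treated as tainted JNDI names. */
private class DefaultJndiInjectionSanitizer extends JndiInjectionSanitizer {
  DefaultJndiInjectionSanitizer() {
    this.getType() instanceof PrimitiveType or
    this.getType() instanceof BoxedType
  }
}

// … unchanged: isSource, isSink …
override predicate isSanitizer(DataFlow::Node node) { node instanceof JndiInjectionSanitizer }
```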