
Commit 80012b1

committed
Refactor Security.CWE.CWE-601.UrlRedirect
1 parent 481d1f9 commit 80012b1


2 files changed

+18
-16
lines changed


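--- a/java/ql/src/Security/CWE/CWE-601/UrlRedirect.ql
+++ b/java/ql/src/Security/CWE/CWE-601/UrlRedirect.ql
@@ -14,17 +14,18 @@
 import java
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.UrlRedirect
-import DataFlow::PathGraph
 
-class UrlRedirectConfig extends TaintTracking::Configuration {
-UrlRedirectConfig() { this = "UrlRedirectConfig" }
+private module UrlRedirectConfig implements DataFlow::ConfigSig {
+predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
-override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
-
-override predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }
+predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }
 }
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, UrlRedirectConfig conf
-where conf.hasFlowPath(source, sink)
+module UrlRedirectFlow = TaintTracking::Make<UrlRedirectConfig>;
+
+import UrlRedirectFlow::PathGraph
+
+from UrlRedirectFlow::PathNode source, UrlRedirectFlow::PathNode sink
+where UrlRedirectFlow::hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Untrusted URL redirection depends on a $@.", source.getNode(),
 "user-provided value"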
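Review bot: The new `UrlRedirectConfig` module and the public `UrlRedirectFlow` alias carry no QLDoc, and the config defines only `isSource` and `isSink`, so a reader cannot tell that no barrier is applied at this level. Any treatment of validated or allow-listed redirect targets would have to live in `UrlRedirectSink`, which is outside this diff, so that is worth stating. I would add `/** A taint-tracking configuration for URL redirections that depend on remote user input; it declares no barriers. */` above the config module, and a one-line QLDoc on `UrlRedirectFlow`. The same applies to `UrlRedirectLocalConfig` and `UrlRedirectLocalFlow` in UrlRedirectLocal.ql.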

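--- a/java/ql/src/Security/CWE/CWE-601/UrlRedirectLocal.ql
+++ b/java/ql/src/Security/CWE/CWE-601/UrlRedirectLocal.ql
@@ -14,17 +14,18 @@
 import java
 import semmle.code.java.dataflow.FlowSources
 import semmle.code.java.security.UrlRedirect
-import DataFlow::PathGraph
 
-class UrlRedirectLocalConfig extends TaintTracking::Configuration {
-UrlRedirectLocalConfig() { this = "UrlRedirectLocalConfig" }
+private module UrlRedirectLocalConfig implements DataFlow::ConfigSig {
+predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
 
-override predicate isSource(DataFlow::Node source) { source instanceof LocalUserInput }
-
-override predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }
+predicate isSink(DataFlow::Node sink) { sink instanceof UrlRedirectSink }
 }
 
-from DataFlow::PathNode source, DataFlow::PathNode sink, UrlRedirectLocalConfig conf
-where conf.hasFlowPath(source, sink)
+module UrlRedirectLocalFlow = TaintTracking::Make<UrlRedirectLocalConfig>;
+
+import UrlRedirectLocalFlow::PathGraph
+
+from UrlRedirectLocalFlow::PathNode source, UrlRedirectLocalFlow::PathNode sink
+where UrlRedirectLocalFlow::hasFlowPath(source, sink)
 select sink.getNode(), source, sink, "Untrusted URL redirection depends on a $@.", source.getNode(),
 "user-provided value"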
