Commit e87747c

Document a few sink kinds.
1 parent e563787 commit e87747c

File tree

1 file changed

+16
-30
lines changed


docs/codeql/codeql-language-guides/customizing-library-models-for-java.rst

Lines changed: 16 additions & 30 deletions
@@ -311,9 +311,10 @@ As most sources are used by all taint tracking queries there are only a few diff
311311
The following source kinds are supported:
312312

313313
- **remote**: A remote source of possibly tainted data. This is the most common kind for a source. Sources of this kind are used for almost all taint tracking queries.
314-
- **contentprovider**: ?
315-
- **android-widget**: ?
316-
- **android-external-storage-dir**: ?
314+
315+
Below is an enumeration of the remaining source kinds, but they are out of scope for this documentation:
316+
317+
- **contentprovider**, **android-widget**, **android-external-storage-dir**.
317318

318319
sinkModel(package, type, subtypes, name, signature, ext, input, kind, provenance)
319320
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
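Review bot: the new out-of-scope list (line 317+) replaces three "?" placeholders with bare names and gives the reader no hint of when these source kinds matter; two of the three carry an "android-" prefix, so a half-sentence such as "these are used by the Android-specific queries" in the lead sentence on line 315+ would let users of non-Android code skip them with confidence rather than guess. Also, "Below is an enumeration ... but they are out of scope for this documentation" reads awkwardly for a single bullet; "The remaining source kinds are not covered here:" says the same thing more plainly.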
@@ -325,33 +326,18 @@ Taint sink. As opposed to source kinds, there are many different kinds of sinks
325326

326327
The following sink kinds are supported:
327328

328-
- **open-url**: ?
329-
- **jndi-injection**: ?
330-
- **ldap**: ?
331-
- **sql**: ?
332-
- **jdbc-url**: ?
333-
- **logging**: ?
334-
- **mvel**: ?
335-
- **xpath**: ?
336-
- **groovy**: ?
337-
- **xss**: ?
338-
- **ognl-injection**: ?
339-
- **intent-start**: ?
340-
- **pending-intent-sent**: ?
341-
- **url-open-stream**: ?
342-
- **url-redirect**: ?
343-
- **create-file**: ?
344-
- **read-file**: ?
345-
- **write-file**: ?
346-
- **set-hostname-verifier**: ?
347-
- **header-splitting**: ?
348-
- **information-leak**: ?
349-
- **xslt**: ?
350-
- **jexl**: ?
351-
- **bean-validation**: ?
352-
- **ssti**: ?
353-
- **fragment-injection**: ?
354-
- **regex-use[**\ `arg`\ **]**: ?
329+
- **sql**: A SQL injection vulnerability sink.
330+
- **xss**: A cross-site scripting vulnerability sink.
331+
- **logging**: A log output sink.
332+
333+
Below is an enumeration of the remaining sinks, but they are out of scope for this documentation:
334+
335+
- **open-url**, **jndi-injection**, **ldap**, **jdbc-url**
336+
- **mvel**, **xpath**, **groovy**, **ognl-injection**
337+
- **intent-start**, **pending-intent-sent**, **url-open-stream**, **url-redirect**
338+
- **create-file**, **read-file**, **write-file**, **set-hostname-verifier**
339+
- **header-splitting**, **information-leak**, **xslt**, **jexl**
340+
- **bean-validation**, **ssti**, **fragment-injection**, **regex-use[**\ `arg`\ **]**
355341

356342
summaryModel(package, type, subtypes, name, signature, ext, input, output, kind, provenance)
357343
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
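Review bot: the lead sentence on line 333+ says "the remaining sinks" while the heading above it and the parallel source section both say "kinds"; change it to "the remaining sink kinds" so the terminology stays consistent. Two smaller points in the same hunk: the **logging** entry (line 331+) describes the operation ("A log output sink") rather than the vulnerability class it models, unlike the **sql** and **xss** entries beside it, so consider phrasing it the same way; and **regex-use[**\ `arg`\ **]** (line 340+) is the only parameterised kind in the list, so a note on what `arg` denotes would help even if the kind itself stays out of scope.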
