11import actions
22import codeql.actions.DataFlow
33import codeql.actions.dataflow.ExternalFlow
4+ import codeql.actions.Ast:: Utils as Utils
45
56/**
67 * A data flow source.
@@ -24,90 +25,100 @@ abstract class RemoteFlowSource extends SourceNode {
2425
2526bindingset [ context]
2627private predicate isExternalUserControlledIssue ( string context ) {
27- context .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*issue\\s*\\.\\s*title\\b" ) or
28- context .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*issue\\s*\\.\\s*body\\b" )
28+ exists ( string reg |
29+ reg = [ "\\bgithub\\.event\\.issue\\.title\\b" , "\\bgithub\\.event\\.issue\\.body\\b" ]
30+ |
31+ Utils:: normalizeExpr ( context ) .regexpMatch ( reg )
32+ )
2933}
3034
3135bindingset [ context]
3236private predicate isExternalUserControlledPullRequest ( string context ) {
3337 exists ( string reg |
3438 reg =
3539 [
36- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*title\\b" ,
37- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*body\\b" ,
38- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*head\\s*\\.\\s*label\\b" ,
39- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*head\\s*\\.\\s*repo\\s*\\.\\s*default_branch\\b" ,
40- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*head\\s*\\.\\s*repo\\s*\\.\\s*description\\b" ,
41- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*head\\s*\\.\\s*repo\\s*\\.\\s*homepage\\b" ,
42- "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pull_request\\s*\\.\\s*head\\s*\\.\\s*ref\\b" ,
43- "\\bgithub\\s*\\.\\s*head_ref\\b"
40+ "\\bgithub\\.event\\.pull_request\\.title\\b" , "\\bgithub\\.event\\.pull_request\\.body\\b" ,
41+ "\\bgithub\\.event\\.pull_request\\.head\\.label\\b" ,
42+ "\\bgithub\\.event\\.pull_request\\.head\\.repo\\.default_branch\\b" ,
43+ "\\bgithub\\.event\\.pull_request\\.head\\.repo\\.description\\b" ,
44+ "\\bgithub\\.event\\.pull_request\\.head\\.repo\\.homepage\\b" ,
45+ "\\bgithub\\.event\\.pull_request\\.head\\.ref\\b" , "\\bgithub\\.head_ref\\b"
4446 ]
4547 |
46- context .regexpMatch ( reg )
48+ Utils :: normalizeExpr ( context ) .regexpMatch ( reg )
4749 )
4850}
4951
5052bindingset [ context]
5153private predicate isExternalUserControlledReview ( string context ) {
52- context .regexpMatch ( "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* review\\s*\\.\\s* body\\b" )
54+ Utils :: normalizeExpr ( context ) .regexpMatch ( "\\bgithub\\. event\\. review\\. body\\b" )
5355}
5456
5557bindingset [ context]
5658private predicate isExternalUserControlledComment ( string context ) {
57- context .regexpMatch ( "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* comment\\s*\\.\\s* body\\b" )
59+ Utils :: normalizeExpr ( context ) .regexpMatch ( "\\bgithub\\. event\\. comment\\. body\\b" )
5860}
5961
6062bindingset [ context]
6163private predicate isExternalUserControlledGollum ( string context ) {
62- context
63- .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pages\\[[0-9]+\\]\\s*\\.\\s*page_name\\b" ) or
64- context .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*pages\\[[0-9]+\\]\\s*\\.\\s*title\\b" )
64+ exists ( string reg |
65+ reg =
66+ [
67+ "\\bgithub\\.event\\.pages\\[[0-9]+\\]\\.page_name\\b" ,
68+ "\\bgithub\\.event\\.pages\\[[0-9]+\\]\\.title\\b"
69+ ]
70+ |
71+ Utils:: normalizeExpr ( context ) .regexpMatch ( reg )
72+ )
6573}
6674
6775bindingset [ context]
6876private predicate isExternalUserControlledCommit ( string context ) {
6977 exists ( string reg |
7078 reg =
7179 [
72- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* commits\\[[0-9]+\\]\\s*\\.\\s* message\\b" ,
73- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* head_commit\\s*\\.\\s* message\\b" ,
74- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* head_commit\\s*\\.\\s* author\\s*\\.\\s* email\\b" ,
75- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* head_commit\\s*\\.\\s* author\\s*\\.\\s* name\\b" ,
76- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* head_commit\\s*\\.\\s* committer\\s*\\.\\s* email\\b" ,
77- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* head_commit\\s*\\.\\s* committer\\s*\\.\\s* name\\b" ,
78- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* commits\\[[0-9]+\\]\\s*\\.\\s* author\\s*\\.\\s* email\\b" ,
79- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* commits\\[[0-9]+\\]\\s*\\.\\s* author\\s*\\.\\s* name\\b" ,
80- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* commits\\[[0-9]+\\]\\s*\\.\\s* committer\\s*\\.\\s* email\\b" ,
81- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* commits\\[[0-9]+\\]\\s*\\.\\s* committer\\s*\\.\\s* name\\b" ,
80+ "\\bgithub\\. event\\. commits\\[[0-9]+\\]\\. message\\b" ,
81+ "\\bgithub\\. event\\. head_commit\\. message\\b" ,
82+ "\\bgithub\\. event\\. head_commit\\. author\\. email\\b" ,
83+ "\\bgithub\\. event\\. head_commit\\. author\\. name\\b" ,
84+ "\\bgithub\\. event\\. head_commit\\. committer\\. email\\b" ,
85+ "\\bgithub\\. event\\. head_commit\\. committer\\. name\\b" ,
86+ "\\bgithub\\. event\\. commits\\[[0-9]+\\]\\. author\\. email\\b" ,
87+ "\\bgithub\\. event\\. commits\\[[0-9]+\\]\\. author\\. name\\b" ,
88+ "\\bgithub\\. event\\. commits\\[[0-9]+\\]\\. committer\\. email\\b" ,
89+ "\\bgithub\\. event\\. commits\\[[0-9]+\\]\\. committer\\. name\\b" ,
8290 ]
8391 |
84- context .regexpMatch ( reg )
92+ Utils :: normalizeExpr ( context ) .regexpMatch ( reg )
8593 )
8694}
8795
8896bindingset [ context]
8997private predicate isExternalUserControlledDiscussion ( string context ) {
90- context .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*discussion\\s*\\.\\s*title\\b" ) or
91- context .regexpMatch ( "\\bgithub\\s*\\.\\s*event\\s*\\.\\s*discussion\\s*\\.\\s*body\\b" )
98+ exists ( string reg |
99+ reg = [ "\\bgithub\\.event\\.discussion\\.title\\b" , "\\bgithub\\.event\\.discussion\\.body\\b" ]
100+ |
101+ Utils:: normalizeExpr ( context ) .regexpMatch ( reg )
102+ )
92103}
93104
94105bindingset [ context]
95106private predicate isExternalUserControlledWorkflowRun ( string context ) {
96107 exists ( string reg |
97108 reg =
98109 [
99- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow\\s*\\.\\s* path\\b" ,
100- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_branch\\b" ,
101- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* display_title\\b" ,
102- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_repository\\b\\s*\\.\\s* description\\b" ,
103- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_commit\\b\\s*\\.\\s* message\\b" ,
104- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_commit\\b\\s*\\.\\s* author\\b\\s*\\.\\s* email\\b" ,
105- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_commit\\b\\s*\\.\\s* author\\b\\s*\\.\\s* name\\b" ,
106- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_commit\\b\\s*\\.\\s* committer\\b\\s*\\.\\s* email\\b" ,
107- "\\bgithub\\s*\\.\\s* event\\s*\\.\\s* workflow_run\\s*\\.\\s* head_commit\\b\\s*\\.\\s* committer\\b\\s*\\.\\s* name\\b" ,
110+ "\\bgithub\\. event\\. workflow\\. path\\b" ,
111+ "\\bgithub\\. event\\. workflow_run\\. head_branch\\b" ,
112+ "\\bgithub\\. event\\. workflow_run\\. display_title\\b" ,
113+ "\\bgithub\\. event\\. workflow_run\\. head_repository\\. description\\b" ,
114+ "\\bgithub\\. event\\. workflow_run\\. head_commit\\. message\\b" ,
115+ "\\bgithub\\. event\\. workflow_run\\. head_commit\\. author\\. email\\b" ,
116+ "\\bgithub\\. event\\. workflow_run\\. head_commit\\. author\\. name\\b" ,
117+ "\\bgithub\\. event\\. workflow_run\\. head_commit\\. committer\\. email\\b" ,
118+ "\\bgithub\\. event\\. workflow_run\\. head_commit\\. committer\\. name\\b" ,
108119 ]
109120 |
110- context .regexpMatch ( reg )
121+ Utils :: normalizeExpr ( context ) .regexpMatch ( reg )
111122 )
112123}
113124
0 commit comments