java/ql/src/Security/CWE/CWE-614
1 file changed +10 -2 lines changed
@@ -26,11 +26,19 @@ predicate isSafeSecureCookieSetting(Expr e) {
2626 )
2727}
2828
29- from MethodAccess add
29+ class SecureCookieConfiguration extends DataFlow:: Configuration {
30+ SecureCookieConfiguration ( ) { this = "SecureCookieConfiguration" }
31+
32+ override predicate isSource ( DataFlow:: Node source ) { any ( ) }
33+
34+ override predicate isSink ( DataFlow:: Node sink ) { any ( ) }
35+ }
36+
37+ from MethodAccess add , SecureCookieConfiguration df
3038where
3139 add .getMethod ( ) instanceof ResponseAddCookieMethod and
3240 not exists ( Variable cookie , MethodAccess m |
33- add . getArgument ( 0 ) = cookie .getAnAccess ( ) and
41+ df . hasFlow ( DataFlow :: exprNode ( cookie .getAnAccess ( ) ) , DataFlow :: exprNode ( add . getArgument ( 0 ) ) ) and
3442 m .getMethod ( ) .getName ( ) = "setSecure" and
3543 forex ( DataFlow:: Node argSource |
3644 DataFlow:: localFlow ( argSource , DataFlow:: exprNode ( m .getArgument ( 0 ) ) ) and
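Review bot: `SecureCookieConfiguration` declares both `isSource` and `isSink` as `any()`, so the global data-flow computation treats every node as an endpoint; that is costly, and it makes the `not exists(...)` suppression in the `where` clause broader than it needs to be. Since `hasFlow` is only asked about flow into `add.getArgument(0)`, the sink can be pinned to it: `override predicate isSink(DataFlow::Node sink) { exists(MethodAccess ma | ma.getMethod() instanceof ResponseAddCookieMethod and sink.asExpr() = ma.getArgument(0)) }`, with the source similarly limited to variable accesses. Because this query reports cookies added to a response without the Secure flag, a wider suppression can hide real findings, so a test case where a cookie reaches `addCookie` through a helper without `setSecure(true)` would be worth adding alongside the change. The `where` clause continues past the end of the hunk, so how `m` is tied to `cookie` is not visible here.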