
Commit 30d0b9d

author
Alvaro Muñoz
committed
Add context paths containing tainted fields
1 parent 3120d4b commit 30d0b9d

1 file changed

+13
-17
lines changed


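--- a/ql/lib/codeql/actions/dataflow/FlowSources.qll
+++ b/ql/lib/codeql/actions/dataflow/FlowSources.qll
@@ -76,22 +76,6 @@ private predicate textEvent(string context) {
 )
 }
 
-// bindingset[context]
-// private predicate repoNameEvent(string context) {
-// exists(string reg |
-// reg =
-// [
-// // repo name
-// // Owner: All characters must be either a hyphen (-) or alphanumeric
-// // Repo: All code points must be either a hyphen (-), an underscore (_), a period (.), or an ASCII alphanumeric code point
-// "github\\.event\\.workflow_run\\.pull_requests\\[[0-9]+\\]\\.head\\.repo\\.name", // repo name
-// "github\\.event\\.workflow_run\\.head_repository\\.name", // repo name
-// "github\\.event\\.workflow_run\\.head_repository\\.full_name", // nwo
-// ]
-// |
-// Utils::normalizeExpr(context).regexpMatch(Utils::wrapRegexp(reg))
-// )
-// }
 bindingset[context]
 private predicate branchEvent(string context) {
 exists(string reg |
@@ -194,7 +178,19 @@ private predicate jsonEvent(string context) {
 reg =
 [
 // json
-"github\\.event",
+"github\\.event", "github\\.event\\.client_payload", "github\\.event\\.comment",
+"github\\.event\\.commits", "github\\.event\\.discussion", "github\\.event\\.head_commit",
+"github\\.event\\.head_commit\\.author", "github\\.event\\.head_commit\\.committer",
+"github\\.event\\.inputs", "github\\.event\\.issue", "github\\.event\\.merge_group",
+"github\\.event\\.merge_group\\.committer", "github\\.event\\.pull_request",
+"github\\.event\\.pull_request\\.head", "github\\.event\\.pull_request\\.head\\.repo",
+"github\\.event\\.pages", "github\\.event\\.review", "github\\.event\\.workflow",
+"github\\.event\\.workflow_run", "github\\.event\\.workflow_run\\.head_branch",
+"github\\.event\\.workflow_run\\.head_commit",
+"github\\.event\\.workflow_run\\.head_commit\\.author",
+"github\\.event\\.workflow_run\\.head_commit\\.committer",
+"github\\.event\\.workflow_run\\.head_repository",
+"github\\.event\\.workflow_run\\.pull_requests",
 ]
 |
 Utils::normalizeExpr(context).regexpMatch(Utils::wrapRegexp(reg))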
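Review bot: The `// json` comment above the expanded list in jsonEvent no longer says what qualifies a context path for inclusion, so the nineteen hard-coded paths read as arbitrary; suggest `// Object-valued event contexts that contain tainted fields (see commit message); any expression resolving to one of these is treated as a JSON source.` Whether a matched object also covers field accesses beneath it depends on how `Utils::wrapRegexp` anchors the pattern, which is outside this hunk, so that part of the comment should be confirmed against the helper before committing to it. Relatedly, the array-indexed paths the deleted `repoNameEvent` block in the first hunk covered (the `pull_requests[N].head.repo` forms) are not obviously matched by `"github\\.event\\.workflow_run\\.pull_requests"` unless the wrapping regexp permits a suffix; a small test workflow exercising an indexed access would settle it. jsonEvent's body starts and ends outside the hunk.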
