Skip to content

Commit 51df84e

Browse files
Jami CogswellJami Cogswell
Jami Cogswell
authored and
Jami Cogswell
committed
Java: update set-hostname-verifier sink kind to hostname-verification
1 parent b23f384 commit 51df84e

File tree

3 files changed

+4
-4
lines changed

3 files changed

+4
-4
lines changed

java/ql/lib/ext/javax.net.ssl.model.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,5 +3,5 @@ extensions:
33
pack: codeql/java-all
44
extensible: sinkModel
55
data:
6-
- ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"]
7-
- ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "set-hostname-verifier", "manual"]
6+
- ["javax.net.ssl", "HttpsURLConnection", True, "setDefaultHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"]
7+
- ["javax.net.ssl", "HttpsURLConnection", True, "setHostnameVerifier", "", "", "Argument[0]", "hostname-verification", "manual"]

java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -277,7 +277,7 @@ module ModelValidation {
277277
"open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url",
278278
"log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss",
279279
"ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
280-
"create-file", "read-file", "write-file", "set-hostname-verifier", "header-splitting",
280+
"create-file", "read-file", "write-file", "hostname-verification", "header-splitting",
281281
"information-leak", "xslt-injection", "jexl-injection", "bean-validation",
282282
"template-injection", "fragment-injection", "command-injection"
283283
] and

java/ql/lib/semmle/code/java/security/UnsafeHostnameVerificationQuery.qll

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ module TrustAllHostnameVerifierFlow = DataFlow::Global<TrustAllHostnameVerifierC
7474
* A sink that sets the `HostnameVerifier` on `HttpsURLConnection`.
7575
*/
7676
private class HostnameVerifierSink extends DataFlow::Node {
77-
HostnameVerifierSink() { sinkNode(this, "set-hostname-verifier") }
77+
HostnameVerifierSink() { sinkNode(this, "hostname-verification") }
7878
}
7979

8080
/**

0 commit comments

Comments
 (0)