|
1 | 1 | /** Provides classes representing various flow sinks for data flow / taint tracking. */
|
2 | 2 |
|
3 | 3 | private import semmle.code.java.dataflow.DataFlow
|
4 |
| -private import semmle.code.java.dataflow.ExternalFlow |
| 4 | +private import semmle.code.java.dataflow.FlowSinks as FlowSinks |
5 | 5 |
|
6 |
| -/** |
7 |
| - * A data flow sink node. |
8 |
| - */ |
9 |
| -abstract class SinkNode extends DataFlow::Node { } |
| 6 | +final class SinkNode = FlowSinks::ApiSinkNode; |
10 | 7 |
|
11 | 8 | /**
|
12 | 9 | * Module that adds all API like sinks to `SinkNode`, excluding sinks for cryptography based
|
13 | 10 | * queries, and queries where sinks are not succifiently defined (eg. using broad method name matching).
|
14 | 11 | */
|
15 |
| -private module ApiSinks { |
16 |
| - private import semmle.code.java.security.AndroidSensitiveCommunicationQuery as AndroidSensitiveCommunicationQuery |
17 |
| - private import semmle.code.java.security.ArbitraryApkInstallation as ArbitraryApkInstallation |
18 |
| - private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery as CleartextStorageAndroidDatabaseQuery |
19 |
| - private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery as CleartextStorageAndroidFilesystemQuery |
20 |
| - private import semmle.code.java.security.CleartextStorageCookieQuery as CleartextStorageCookieQuery |
21 |
| - private import semmle.code.java.security.CleartextStorageSharedPrefsQuery as CleartextStorageSharedPrefsQuery |
22 |
| - private import semmle.code.java.security.ExternallyControlledFormatStringQuery as ExternallyControlledFormatStringQuery |
23 |
| - private import semmle.code.java.security.InsecureBasicAuth as InsecureBasicAuth |
24 |
| - private import semmle.code.java.security.IntentUriPermissionManipulation as IntentUriPermissionManipulation |
25 |
| - private import semmle.code.java.security.InsecureLdapAuth as InsecureLdapAuth |
26 |
| - private import semmle.code.java.security.InsecureTrustManager as InsecureTrustManager |
27 |
| - private import semmle.code.java.security.JndiInjection as JndiInjection |
28 |
| - private import semmle.code.java.security.JWT as Jwt |
29 |
| - private import semmle.code.java.security.OgnlInjection as OgnlInjection |
30 |
| - private import semmle.code.java.security.SensitiveResultReceiverQuery as SensitiveResultReceiverQuery |
31 |
| - private import semmle.code.java.security.SensitiveUiQuery as SensitiveUiQuery |
32 |
| - private import semmle.code.java.security.SpelInjection as SpelInjection |
33 |
| - private import semmle.code.java.security.SpelInjectionQuery as SpelInjectionQuery |
34 |
| - private import semmle.code.java.security.QueryInjection as QueryInjection |
35 |
| - private import semmle.code.java.security.TempDirLocalInformationDisclosureQuery as TempDirLocalInformationDisclosureQuery |
36 |
| - private import semmle.code.java.security.UnsafeAndroidAccess as UnsafeAndroidAccess |
37 |
| - private import semmle.code.java.security.UnsafeContentUriResolution as UnsafeContentUriResolution |
38 |
| - private import semmle.code.java.security.UnsafeDeserializationQuery as UnsafeDeserializationQuery |
39 |
| - private import semmle.code.java.security.UrlRedirect as UrlRedirect |
40 |
| - private import semmle.code.java.security.WebviewDebuggingEnabledQuery as WebviewDebuggingEnabledQuery |
41 |
| - private import semmle.code.java.security.XPath as Xpath |
42 |
| - private import semmle.code.java.security.XSS as Xss |
43 |
| - |
44 |
| - private class AndoidIntentRedirectionQuerySinks extends SinkNode instanceof AndroidSensitiveCommunicationQuery::SensitiveCommunicationSink |
45 |
| - { } |
46 |
| - |
47 |
| - private class ArbitraryApkInstallationSinks extends SinkNode instanceof ArbitraryApkInstallation::SetDataSink |
48 |
| - { } |
49 |
| - |
50 |
| - private class CleartextStorageAndroidDatabaseQuerySinks extends SinkNode instanceof CleartextStorageAndroidDatabaseQuery::LocalDatabaseSink |
51 |
| - { } |
52 |
| - |
53 |
| - private class CleartextStorageAndroidFilesystemQuerySinks extends SinkNode instanceof CleartextStorageAndroidFilesystemQuery::LocalFileSink |
54 |
| - { } |
55 |
| - |
56 |
| - private class CleartextStorageCookieQuerySinks extends SinkNode instanceof CleartextStorageCookieQuery::CookieStoreSink |
57 |
| - { } |
58 |
| - |
59 |
| - private class CleartextStorageSharedPrefsQuerySinks extends SinkNode instanceof CleartextStorageSharedPrefsQuery::SharedPreferencesSink |
60 |
| - { } |
61 |
| - |
62 |
| - private class ExternallyControlledFormatStringQuerySinks extends SinkNode instanceof ExternallyControlledFormatStringQuery::StringFormatSink |
63 |
| - { } |
64 |
| - |
65 |
| - private class InsecureBasicAuthSinks extends SinkNode instanceof InsecureBasicAuth::InsecureBasicAuthSink |
66 |
| - { } |
67 |
| - |
68 |
| - private class InsecureTrustManagerSinks extends SinkNode instanceof InsecureTrustManager::InsecureTrustManagerSink |
69 |
| - { } |
70 |
| - |
71 |
| - private class IntentUriPermissionManipulationSinks extends SinkNode instanceof IntentUriPermissionManipulation::IntentUriPermissionManipulationSink |
72 |
| - { } |
73 |
| - |
74 |
| - private class InsecureLdapAuthSinks extends SinkNode instanceof InsecureLdapAuth::InsecureLdapUrlSink |
75 |
| - { } |
76 |
| - |
77 |
| - private class JndiInjectionSinks extends SinkNode instanceof JndiInjection::JndiInjectionSink { } |
78 |
| - |
79 |
| - private class JwtSinks extends SinkNode instanceof Jwt::JwtParserWithInsecureParseSink { } |
80 |
| - |
81 |
| - private class OgnlInjectionSinks extends SinkNode instanceof OgnlInjection::OgnlInjectionSink { } |
82 |
| - |
83 |
| - private class SensitiveResultReceiverQuerySinks extends SinkNode instanceof SensitiveResultReceiverQuery::SensitiveResultReceiverSink |
84 |
| - { } |
85 |
| - |
86 |
| - private class SensitiveUiQuerySinks extends SinkNode instanceof SensitiveUiQuery::TextFieldSink { |
87 |
| - } |
88 |
| - |
89 |
| - private class SpelInjectionSinks extends SinkNode instanceof SpelInjection::SpelExpressionEvaluationSink |
90 |
| - { } |
91 |
| - |
92 |
| - private class QueryInjectionSinks extends SinkNode instanceof QueryInjection::QueryInjectionSink { |
93 |
| - } |
94 |
| - |
95 |
| - private class TempDirLocalInformationDisclosureSinks extends SinkNode instanceof TempDirLocalInformationDisclosureQuery::MethodFileDirectoryCreationSink |
96 |
| - { } |
97 |
| - |
98 |
| - private class UnsafeAndroidAccessSinks extends SinkNode instanceof UnsafeAndroidAccess::UrlResourceSink |
99 |
| - { } |
100 |
| - |
101 |
| - private class UnsafeContentUriResolutionSinks extends SinkNode instanceof UnsafeContentUriResolution::ContentUriResolutionSink |
102 |
| - { } |
103 |
| - |
104 |
| - private class UnsafeDeserializationQuerySinks extends SinkNode instanceof UnsafeDeserializationQuery::UnsafeDeserializationSink |
105 |
| - { } |
106 |
| - |
107 |
| - private class UrlRedirectSinks extends SinkNode instanceof UrlRedirect::UrlRedirectSink { } |
108 |
| - |
109 |
| - private class WebviewDebugEnabledQuery extends SinkNode instanceof WebviewDebuggingEnabledQuery::WebviewDebugSink |
110 |
| - { } |
111 |
| - |
112 |
| - private class XPathSinks extends SinkNode instanceof Xpath::XPathInjectionSink { } |
113 |
| - |
114 |
| - private class XssSinks extends SinkNode instanceof Xss::XssSink { } |
115 |
| - |
116 |
| - /** |
117 |
| - * Add all models as data sinks. |
118 |
| - */ |
119 |
| - private class SinkNodeExternal extends SinkNode { |
120 |
| - SinkNodeExternal() { sinkNode(this, _) } |
121 |
| - } |
| 12 | +private module AllApiSinks { |
| 13 | + private import semmle.code.java.security.AndroidSensitiveCommunicationQuery |
| 14 | + private import semmle.code.java.security.ArbitraryApkInstallation |
| 15 | + private import semmle.code.java.security.CleartextStorageAndroidDatabaseQuery |
| 16 | + private import semmle.code.java.security.CleartextStorageAndroidFilesystemQuery |
| 17 | + private import semmle.code.java.security.CleartextStorageCookieQuery |
| 18 | + private import semmle.code.java.security.CleartextStorageSharedPrefsQuery |
| 19 | + private import semmle.code.java.security.ExternallyControlledFormatStringQuery |
| 20 | + private import semmle.code.java.security.InsecureBasicAuth |
| 21 | + private import semmle.code.java.security.IntentUriPermissionManipulation |
| 22 | + private import semmle.code.java.security.InsecureLdapAuth |
| 23 | + private import semmle.code.java.security.InsecureTrustManager |
| 24 | + private import semmle.code.java.security.JndiInjection |
| 25 | + private import semmle.code.java.security.JWT |
| 26 | + private import semmle.code.java.security.OgnlInjection |
| 27 | + private import semmle.code.java.security.SensitiveResultReceiverQuery |
| 28 | + private import semmle.code.java.security.SensitiveUiQuery |
| 29 | + private import semmle.code.java.security.SpelInjection |
| 30 | + private import semmle.code.java.security.SpelInjectionQuery |
| 31 | + private import semmle.code.java.security.QueryInjection |
| 32 | + private import semmle.code.java.security.TempDirLocalInformationDisclosureQuery |
| 33 | + private import semmle.code.java.security.UnsafeAndroidAccess |
| 34 | + private import semmle.code.java.security.UnsafeContentUriResolution |
| 35 | + private import semmle.code.java.security.UnsafeDeserializationQuery |
| 36 | + private import semmle.code.java.security.UrlRedirect |
| 37 | + private import semmle.code.java.security.WebviewDebuggingEnabledQuery |
| 38 | + private import semmle.code.java.security.XPath |
| 39 | + private import semmle.code.java.security.XSS |
122 | 40 | }
|
0 commit comments