Skip to content

Commit 7b53649

Browse files
owen-mcowen-mc
committed
Allow MaD sanitizers for java/error-message-exposure and java/stack-trace-exposure 
1 parent d5df8dd commit 7b53649

File tree

3 files changed

+11
-0
lines changed

3 files changed

+11
-0
lines changed

java/ql/lib/semmle/code/java/security/InformationLeak.qll

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,3 +17,10 @@ private class DefaultInformationLeakSink extends InformationLeakSink {
1717
this instanceof XssSink
1818
}
1919
}
20+
21+
/** A sanitizer for information leak. */
22+
abstract class InformationLeakSanitizer extends DataFlow::Node { }
23+
24+
private class ExternalInformationLeakSanitizer extends InformationLeakSanitizer {
25+
ExternalInformationLeakSanitizer() { barrierNode(this, "information-leak") }
26+
}

java/ql/lib/semmle/code/java/security/SensitiveDataExposureThroughErrorMessageQuery.qll

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ private module GetMessageFlowSourceToHttpResponseSinkFlowConfig implements DataF
2121
predicate isSource(DataFlow::Node src) { src instanceof GetMessageFlowSource }
2222

2323
predicate isSink(DataFlow::Node sink) { sink instanceof InformationLeakSink }
24+
25+
predicate isBarrier(DataFlow::Node node) { node instanceof InformationLeakSanitizer }
2426
}
2527

2628
private module GetMessageFlowSourceToHttpResponseSinkFlow =

java/ql/lib/semmle/code/java/security/StackTraceExposureQuery.qll

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,8 @@ private module StackTraceStringToHttpResponseSinkFlowConfig implements DataFlow:
7070
predicate isSource(DataFlow::Node src) { stackTraceExpr(_, src.asExpr()) }
7171

7272
predicate isSink(DataFlow::Node sink) { sink instanceof InformationLeakSink }
73+
74+
predicate isBarrier(DataFlow::Node node) { node instanceof InformationLeakSanitizer }
7375
}
7476

7577
private module StackTraceStringToHttpResponseSinkFlow =

0 commit comments

Comments
 (0)