Merged. 29 commits:

- 53da3b6 Refactor to CSV sink model (atorralba, May 11, 2021)
- fc03b92 Moved from experimental to standard (atorralba, May 11, 2021)
- 8754c85 Use InlineExpectationsTest (atorralba, May 11, 2021)
- 09b4060 Consider ExpressionAccessor (atorralba, May 12, 2021)
- db73291 Add taint step for setExpression (atorralba, May 13, 2021)
- 1fbdf6e Add change note (atorralba, May 13, 2021)
- 50e1b42 Add missing QLDoc (atorralba, May 13, 2021)
- 132a187 Add missing QLDoc (atorralba, May 13, 2021)
- ed13c17 Fix qhelp file (atorralba, May 17, 2021)
- 8d68200 Fix QLDocs (atorralba, May 17, 2021)
- 1815656 Use set literals for OGNL packages (atorralba, May 17, 2021)
- e587465 Merge branch 'main' into atorralba/promote-ognl-injection (atorralba, May 19, 2021)
- 43d4575 Add createParser as taint preserving callable (atorralba, May 19, 2021)
- 47fffb0 Merge branch 'main' into atorralba/promote-ognl-injection (atorralba, Jun 16, 2021)
- b6904a7 Merge branch 'main' into atorralba/promote-ognl-injection (atorralba, Jul 20, 2021)
- 3259ead Decouple OgnlInjection.qll to reuse the taint tracking configuration (atorralba, Jul 20, 2021)
- 7a898a0 Fix release note (atorralba, Jul 20, 2021)
- b20d53c Update java/ql/src/semmle/code/java/security/OgnlInjection.qll (atorralba, Jul 29, 2021)
- d9fb650 JacksonCreateParserMethod converted to CSV summary model (atorralba, Jul 29, 2021)
- 3edc8bc Doc improvements (atorralba, Jul 29, 2021)
- 2628d3d Improve csv sink models (atorralba, Jul 29, 2021)
- 632ae74 Fix JacksonModel duplicate row (atorralba, Aug 2, 2021)
- 351a245 Add tests for JacksonSerializability (atorralba, Aug 2, 2021)
- 9b384d8 Merge branch 'main' into atorralba/promote-ognl-injection (atorralba, Aug 2, 2021)
- f4b78ef Fix stubs (atorralba, Aug 2, 2021)
- 8b50b3d Add jackson-core to test dependencies (atorralba, Aug 2, 2021)
- 08bdd1a Merge branch 'main' into atorralba/promote-ognl-injection (atorralba, Aug 2, 2021)
- a33e0bc Fix tests affected by Jackson stubs changes (atorralba, Aug 3, 2021)
- f5cbec4 Fix tests affected by Jackson stubs changes (atorralba, Aug 3, 2021)
Fix qhelp file
atorralba committed May 17, 2021
commit ed13c17ea851f05aa46c5b052cca872174999fe4
2 changes: 1 addition & 1 deletion java/ql/src/Security/CWE/CWE-917/OgnlInjection.qhelp
Expand Up @@ -11,7 +11,7 @@ attacker to modify Java objects' properties or execute arbitrary code.</p>

<recommendation>
<p>The general recommendation is to not evaluate untrusted ONGL expressions. If user provided OGNL
expressions must be evaluated, do this in sandbox (add `-Dognl.security.manager` to JVM arguments)
expressions must be evaluated, do this in sandbox (add <code>-Dognl.security.manager</code> to JVM arguments)
and validate the expressions before evaluation.</p>
</recommendation>

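Review bot: the unchanged context line just above the edited one still reads "untrusted ONGL expressions"; since this commit is already touching this paragraph of the qhelp, fix the transposition to "OGNL" in the same change so the help text is consistent with the `<code>-Dognl.security.manager</code>` flag it recommends. Two smaller wording points on the same lines: "If user provided OGNL expressions" should be hyphenated as "user-provided", and "do this in sandbox" is missing its article ("in a sandbox"). The switch from backticks to `<code>` itself is correct for qhelp, which is XML and does not render Markdown inline code.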