Skip to content

Commit a757178

Browse files
owen-mcowen-mc
committed
Refactor logInjectionGuard part 2
1 parent 2b2f342 commit a757178

File tree

1 file changed

+16
-25
lines changed

1 file changed

+16
-25
lines changed

java/ql/lib/semmle/code/java/security/LogInjection.qll

Lines changed: 16 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -103,35 +103,26 @@ private predicate logInjectionGuard(Guard g, Expr e, boolean branch) {
103103
branch = false
104104
)
105105
or
106-
exists(MethodCall ma, CompileTimeConstantExpr target |
107-
ma = g and
108-
target = ma.getArgument(0)
106+
exists(RegexMatch rm, CompileTimeConstantExpr target |
107+
rm = g and
108+
target = rm.getRegex() and
109+
e = rm.getString()
109110
|
110-
ma.getMethod().hasName("matches") and
111+
// Allow anything except line breaks
111112
(
112-
ma.getMethod().getDeclaringType() instanceof TypeString and
113-
e = ma.getQualifier()
113+
not target.getStringValue().matches("%[^%]%") and
114+
not target.getStringValue().matches("%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
114115
or
115-
ma.getMethod().getDeclaringType().hasQualifiedName("java.util.regex", "Pattern") and
116-
e = ma.getArgument(1)
116+
target.getStringValue().matches("%[^%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%]%")
117117
) and
118+
branch = true
119+
or
120+
// Disallow line breaks
118121
(
119-
// Allow anything except line breaks
120-
(
121-
not target.getStringValue().matches("%[^%]%") and
122-
not target.getStringValue().matches("%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
123-
or
124-
target.getStringValue().matches("%[^%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%]%")
125-
) and
126-
branch = true
127-
or
128-
// Disallow line breaks
129-
(
130-
not target.getStringValue().matches("%[^%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%]%") and
131-
// Assuming a regex containing line breaks is correctly matching line breaks in a string
132-
target.getStringValue().matches("%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
133-
) and
134-
branch = false
135-
)
122+
not target.getStringValue().matches("%[^%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%]%") and
123+
// Assuming a regex containing line breaks is correctly matching line breaks in a string
124+
target.getStringValue().matches("%" + ["\n", "\r", "\\n", "\\r", "\\R"] + "%")
125+
) and
126+
branch = false
136127
)
137128
}

0 commit comments

Comments
 (0)