Go/Java/C#: Rename ThreatModelFlowSource to ActiveThreatModelSource #17424

Merged
merged 5 commits into from
Sep 26, 2024
@@ -0,0 +1,4 @@
---
category: deprecated
---
* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated.
Expand Up @@ -18,7 +18,7 @@ private predicate needsChecks(ActionMethod m) { m.isEdit() and not m.isAdmin() }
* that may indicate that it's used as the ID for some resource
*/
private predicate hasIdParameter(ActionMethod m) {
exists(ThreatModelFlowSource src | src.getEnclosingCallable() = m |
exists(ActiveThreatModelSource src | src.getEnclosingCallable() = m |
src.asParameter().getName().toLowerCase().matches(["%id", "%idx"])
or
// handle cases like `Request.QueryString["Id"]`
Expand Up @@ -55,7 +55,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { }

Expand Up @@ -57,7 +57,7 @@ module CommandInjection = TaintTracking::Global<CommandInjectionConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** Command Injection sinks defined through Models as Data. */
private class ExternalCommandInjectionExprSink extends Sink {
Expand Up @@ -54,7 +54,7 @@ module ConditionalBypass = TaintTracking::Global<ConditionalBypassConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** The result of a reverse dns may be user-controlled. */
class ReverseDnsSource extends Source {
Expand Up @@ -73,14 +73,14 @@ class ExternalApiDataNode extends DataFlow::Node {
}
}

/** A configuration for tracking flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s. */
/** A configuration for tracking flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s. */
private module RemoteSourceToExternalApiConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
}

/** A module for tracking flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s. */
/** A module for tracking flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s. */
module RemoteSourceToExternalApi = TaintTracking::Global<RemoteSourceToExternalApiConfig>;

/** A node representing untrusted data being passed to an external API. */
Expand Up @@ -60,7 +60,7 @@ module LdapInjection = TaintTracking::Global<LdapInjectionConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** LDAP sinks defined through Models as Data. */
private class ExternalLdapExprSink extends Sink {
Expand Up @@ -43,7 +43,7 @@ private module LogForgingConfig implements DataFlow::ConfigSig {
module LogForging = TaintTracking::Global<LogForgingConfig>;

/** A source of remote user input. */
private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

private class HtmlSanitizer extends Sanitizer {
HtmlSanitizer() { this.asExpr() instanceof HtmlSanitizedExpr }
Expand Up @@ -48,7 +48,7 @@ private module MissingXmlValidationConfig implements DataFlow::ConfigSig {
module MissingXmlValidation = TaintTracking::Global<MissingXmlValidationConfig>;

/**
* DEPRECATED: Use `ThreatModelFlowSource` instead.
* DEPRECATED: Use `ActiveThreatModelSource` instead.
*
* A source of remote user input.
*/
Expand All @@ -57,7 +57,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
/**
* A source supported by the current threat model.
*/
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* The input argument to a call to `XmlReader.Create` where the input will not be validated against
Expand Up @@ -49,7 +49,7 @@ module ReDoS = TaintTracking::Global<ReDoSConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* An expression that represents a regular expression with potential exponential behavior.
Expand Up @@ -48,7 +48,7 @@ module RegexInjection = TaintTracking::Global<RegexInjectionConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* A `pattern` argument to a construction of a `Regex`.
Expand Up @@ -54,7 +54,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** An argument to the `ConnectionString` property on a data connection class. */
class SqlConnectionStringSink extends Sink {
Expand Up @@ -65,7 +65,7 @@ deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource
deprecated class LocalSource extends DataFlow::Node instanceof LocalFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** An SQL expression passed to an API call that executes SQL. */
class SqlInjectionExprSink extends Sink {
Expand Up @@ -50,7 +50,7 @@ module TaintedPath = TaintTracking::Global<TaintedPathConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* A path argument to a `File` method call.
Expand Up @@ -49,7 +49,7 @@ abstract private class ConstructorOrStaticMethodSink extends Sink { }
*/
abstract class Sanitizer extends DataFlow::Node { }

private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* User input to object method call deserialization flow tracking configuration.
Expand Up @@ -52,7 +52,7 @@ module UrlRedirect = TaintTracking::Global<UrlRedirectConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** URL Redirection sinks defined through Models as Data. */
private class ExternalUrlRedirectExprSink extends Sink {
Expand Up @@ -15,7 +15,7 @@ private import semmle.code.csharp.security.Sanitizers
*/
abstract class Source extends DataFlow::Node { }

private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* A data flow sink for untrusted user input used in XML processing.
Expand Up @@ -58,7 +58,7 @@ module XpathInjection = TaintTracking::Global<XpathInjectionConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/** The `xpath` argument to an `XPathExpression.Compile(..)` call. */
class XPathExpressionCompileSink extends Sink {
Expand Up @@ -165,7 +165,7 @@ module XssTrackingConfig implements DataFlow::ConfigSig {
module XssTracking = TaintTracking::Global<XssTrackingConfig>;

/** A source supported by the current threat model. */
private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

private class SimpleTypeSanitizer extends Sanitizer, SimpleTypeSanitizedExpr { }

Expand Up @@ -20,11 +20,18 @@ abstract class SourceNode extends DataFlow::Node {
}

/**
* DEPRECATED: Use `ActiveThreatModelSource` instead.
*
* A class of data flow sources that respects the
* current threat model configuration.
*/
class ThreatModelFlowSource extends DataFlow::Node {
ThreatModelFlowSource() {
deprecated class ThreatModelFlowSource = ActiveThreatModelSource;

/**
* A data flow source that is enabled in the current threat model configuration.
*/
class ActiveThreatModelSource extends DataFlow::Node {
ActiveThreatModelSource() {
exists(string kind |
// Specific threat model.
currentThreatModel(kind) and
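Review bot: The new QLdoc on `ActiveThreatModelSource` should state that membership is configuration-dependent, because the characteristic predicate selects nodes through `currentThreatModel(kind)`, so a query that uses this class as its source set reports different alerts under different threat-model settings and readers of the class alone will not see that. I would extend the comment to read: "A data flow source that is enabled in the current threat model configuration. Membership is decided by the threat model active when the query is evaluated (see currentThreatModel), so the same query can produce different results under different configurations." The abstract `SourceNode` in the hunk header looks like the unfiltered set of modeled sources and could be named as the alternative, but that is inferred and should be confirmed before documenting it. The body of `ActiveThreatModelSource` continues past the end of the hunk.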
2 changes: 1 addition & 1 deletion csharp/ql/src/Security Features/CWE-091/XMLInjection.ql
Expand Up @@ -20,7 +20,7 @@ import XmlInjection::PathGraph
* A taint-tracking configuration for untrusted user input used in XML.
*/
module XmlInjectionConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc |
Expand Up @@ -21,7 +21,7 @@ import AssemblyPathInjection::PathGraph
* A taint-tracking configuration for untrusted user input used to load a DLL.
*/
module AssemblyPathInjectionConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc, string name, int arg |
Expand Up @@ -17,7 +17,7 @@ import semmle.code.csharp.frameworks.Format
import FormatString::PathGraph

module FormatStringConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
sink.asExpr() = any(FormatCall call | call.hasInsertions()).getFormatExpr()
Expand Up @@ -61,7 +61,7 @@ module TaintedWebClient = TaintTracking::Global<TaintedWebClientConfig>;
deprecated class RemoteSource extends DataFlow::Node instanceof RemoteFlowSource { }

/** A source supported by the current threat model. */
class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* A path argument to a `WebClient` method call that has an address argument.
2 changes: 1 addition & 1 deletion csharp/ql/src/experimental/CWE-918/RequestForgery.qll
Expand Up @@ -60,7 +60,7 @@ module RequestForgery {
/**
* A dataflow source for Server Side Request Forgery(SSRF) Vulnerabilities.
*/
private class ThreatModelSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelSource extends Source instanceof ActiveThreatModelSource { }

/**
* An url argument to a `HttpRequestMessage` constructor call
Expand Up @@ -2,5 +2,5 @@ import csharp
import semmle.code.csharp.security.dataflow.flowsources.FlowSources

from DataFlow::Node source
where source instanceof ThreatModelFlowSource
where source instanceof ActiveThreatModelSource
select source
Expand Up @@ -2,7 +2,7 @@ import csharp
import semmle.code.csharp.security.dataflow.flowsources.FlowSources

module CommandLineFlowConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
Expand Up @@ -2,5 +2,5 @@ import csharp
import semmle.code.csharp.security.dataflow.flowsources.FlowSources

from DataFlow::Node source
where source instanceof ThreatModelFlowSource
where source instanceof ActiveThreatModelSource
select source, source.(SourceNode).getThreatModel()
Expand Up @@ -4,7 +4,7 @@ import TestUtilities.InlineFlowTest
import TaintFlowTest<DatabaseConfig>

module DatabaseConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
Expand Up @@ -4,7 +4,7 @@ import TestUtilities.InlineFlowTest
import TaintFlowTest<FilesConfig>

module FilesConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) {
exists(MethodCall mc | mc.getTarget().hasName("Sink") | sink.asExpr() = mc.getArgument(0))
Expand Up @@ -4,7 +4,7 @@ private import semmle.code.csharp.dataflow.internal.ExternalFlow
private import semmle.code.csharp.security.dataflow.flowsources.FlowSources

private module ThreatModelConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) { sinkNode(sink, _) }
}
@@ -0,0 +1,4 @@
---
category: deprecated
---
* The class `ThreatModelFlowSource` has been renamed to `ActiveThreatModelSource` to more clearly reflect it only contains the currently active threat model sources. `ThreatModelFlowSource` has been marked as deprecated.
Expand Up @@ -31,12 +31,12 @@ module CommandInjection {
abstract class Sanitizer extends DataFlow::Node { }

/**
* DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
* DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
*/
deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

/** A source of untrusted data, considered as a taint source for command injection. */
private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

/** A command name, considered as a taint sink for command injection. */
class CommandNameAsSink extends Sink {
8 changes: 4 additions & 4 deletions go/ql/lib/semmle/go/security/ExternalAPIs.qll
Expand Up @@ -183,24 +183,24 @@ class UnknownExternalApiDataNode extends ExternalApiDataNode {
}

private module UntrustedDataConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode }
}

/**
* Tracks data flow from `ThreatModelFlowSource`s to `ExternalApiDataNode`s.
* Tracks data flow from `ActiveThreatModelSource`s to `ExternalApiDataNode`s.
*/
module UntrustedDataToExternalApiFlow = DataFlow::Global<UntrustedDataConfig>;

private module UntrustedDataToUnknownExternalApiConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ThreatModelFlowSource }
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }

predicate isSink(DataFlow::Node sink) { sink instanceof UnknownExternalApiDataNode }
}

/**
* Tracks data flow from `ThreatModelFlowSource`s to `UnknownExternalApiDataNode`s.
* Tracks data flow from `ActiveThreatModelSource`s to `UnknownExternalApiDataNode`s.
*/
module UntrustedDataToUnknownExternalApiFlow =
DataFlow::Global<UntrustedDataToUnknownExternalApiConfig>;
11 changes: 9 additions & 2 deletions go/ql/lib/semmle/go/security/FlowSources.qll
Expand Up @@ -55,11 +55,18 @@ abstract class SourceNode extends DataFlow::Node {
}

/**
* DEPRECATED: Use `ActiveThreatModelSource` instead.
*
* A class of data flow sources that respects the
* current threat model configuration.
*/
class ThreatModelFlowSource extends DataFlow::Node {
ThreatModelFlowSource() {
deprecated class ThreatModelFlowSource = ActiveThreatModelSource;

/**
* A data flow source that is enabled in the current threat model configuration.
*/
class ActiveThreatModelSource extends DataFlow::Node {
ActiveThreatModelSource() {
exists(string kind |
// Specific threat model.
currentThreatModel(kind) and
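Review bot: The doc comment introduced for the Go `ActiveThreatModelSource` does not warn that the class is a configuration-dependent view: its characteristic predicate filters on `currentThreatModel(kind)`, so the sources a query sees through it change whenever the threat-model configuration changes, which is easy to miss from the one-line summary. I would add a second sentence to the QLdoc: "Whether a node belongs to this class depends on the threat model in effect when the query runs (via currentThreatModel); results of queries built on it therefore vary with that configuration." The remainder of the characteristic predicate, and the class body, lie outside the hunk, so the exact set of kinds consulted cannot be confirmed from here.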
4 changes: 2 additions & 2 deletions go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll
Expand Up @@ -26,12 +26,12 @@ module LogInjection {
abstract class Sanitizer extends DataFlow::Node { }

/**
* DEPRECATED: Use `ThreatModelFlowSource` or `Source` instead.
* DEPRECATED: Use `ActiveThreatModelSource` or `Source` instead.
*/
deprecated class UntrustedFlowAsSource = ThreatModelFlowAsSource;

/** A source of untrusted data, considered as a taint source for log injection. */
private class ThreatModelFlowAsSource extends Source instanceof ThreatModelFlowSource { }
private class ThreatModelFlowAsSource extends Source instanceof ActiveThreatModelSource { }

/** An argument to a logging mechanism. */
class LoggerSink extends Sink {
Expand Up @@ -49,7 +49,7 @@ module MissingJwtSignatureCheck {
}
}

private class DefaultSource extends Source instanceof ThreatModelFlowSource { }
private class DefaultSource extends Source instanceof ActiveThreatModelSource { }

private class DefaultSink extends Sink {
DefaultSink() { sinkNode(this, "jwt") }