Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Java: Introduce a common sanitizer type for types which cannot realistically carry taint. #15291

Open
wants to merge 5 commits into
base: main
Choose a base branch
from

Conversation

egregius313
Copy link
Contributor

Many queries have dataflow/taint-tracking configurations with an isBarrier definition which check if the node's type is a PrimitiveType, BoxedType, NumberType, etc.

This introduces a new library semmle.code.java.security.dataflow.CommonSanitizers which contains a new sanitizer class SimpleScalarSanitizer, which represents nodes which cannot realistically carry taint for most queries (e.g. primitives, their boxed equivalents, and numeric types).

It also converts existing configurations/sanitizer classes to use instanceof SimpleScalarSanitizer instead.

Important

I am still debating the naming of the library and class. If there is something better than "SimpleScalarSanitizer", I am open to changing the name.

The `SimpleScalarSanitizer` class represents common scalar types which
cannot realistically carry taint (e.g. primitives/numbers, and
eventually UUIDs and Dates)
@egregius313 egregius313 force-pushed the egregius313/java/dataflow/default-sanitizers branch from ca89eb1 to fa60cf9 Compare January 17, 2024 00:35
@egregius313 egregius313 marked this pull request as ready for review January 17, 2024 00:36
@egregius313 egregius313 requested a review from a team as a code owner January 17, 2024 00:36
@egregius313
Copy link
Contributor Author

DCA with nightly on security-extended is fine.

DCA on security-experimental seems to be having issues, but those issues are also happening with main, so it is not due to this PR as far as I can tell.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant