/**
* @name Insertion of sensitive information into log files (test file for pieces of the query)
* @kind problem
* @problem.severity warning
* @id javascript/sensitive-log-test
*/
import javascript
import advanced_security.javascript.frameworks.cap.CDS
import advanced_security.javascript.frameworks.cap.CAPLogInjectionQuery
//annotations check
// from SensitiveAnnotatedElement c
// select c, ""
// class SensitiveExposureSource extends DataFlow::Node {
// SensitiveExposureSource() {
// exists(PropRead p, SensitiveAnnotatedElement c |
// p.getPropertyName() = c.getEntityOrFieldName() and
// this = p
// )
// }
// }
//source check
// from SensitiveExposureSource s
// select s, ""
//sink check
// from CdsLogSink s
// select s , ""
// Debugging aid: list every element matched by the SensitiveAnnotatedElement
// model together with its declared name, so the set of declarations treated as
// sensitive for the log-exposure check can be reviewed by hand.
// The inline casts restrict the results to elements that are a CdlEntity or a
// CdlAttribute; an element of neither kind yields no row, so a missing row may
// be a gap in the model rather than the absence of an annotation.
from SensitiveAnnotatedElement element, string name
where name = [element.(CdlEntity).getName(), element.(CdlAttribute).getName()]
select element, name