11/**
2- * Provides a taint-tracking configuration for detecting LDAP injection vulnerabilities
2+ * Provides taint-tracking configurations for detecting LDAP injection vulnerabilities
3+ *
4+ * Note, for performance reasons: only import this file if
5+ * `LdapInjection::Configuration` is needed, otherwise
6+ * `LdapInjectionCustomizations` should be imported instead.
37 */
48
59import python
@@ -8,9 +12,20 @@ import semmle.python.dataflow.new.DataFlow
812import semmle.python.dataflow.new.TaintTracking
913import semmle.python.dataflow.new.RemoteFlowSources
1014
15+ /**
16+ * Provides aint-tracking configurations for detecting LDAP injection vulnerabilities.class
17+ *
18+ * Two configurations are provided. One is for detecting LDAP injection
19+ * via the distinguished name (DN). The other is for detecting LDAP injection
20+ * via the filter. These require different escapings.
21+ */
1122module LdapInjection {
1223 import LdapInjectionCustomizations:: LdapInjection
1324
25+ /**
26+ * A taint-tracking configuration for detecting LDAP injection vulnerabilities
27+ * via the distinguished name (DN) parameter of an LDAP search.
28+ */
1429 class DnConfiguration extends TaintTracking:: Configuration {
1530 DnConfiguration ( ) { this = "LdapDnInjection" }
1631
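Review bot: The QLDoc added on new line 16 is garbled: `Provides aint-tracking configurations for detecting LDAP injection vulnerabilities.class` drops the leading `t` of "taint" and ends with a stray `class`, so the line should read `* Provides taint-tracking configurations for detecting LDAP injection vulnerabilities.`. The module header in the first hunk (whose start is outside this view) still tells readers to import this file only when `LdapInjection::Configuration` is needed, yet the module now exposes `DnConfiguration` and `FilterConfiguration` and no `Configuration`; that guidance appears stale and should name the two new classes. It may also help readers of the DN/filter doc comments to state which sink each configuration targets, since the difference in required escaping is the reason the two were split.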
@@ -25,6 +40,10 @@ module LdapInjection {
2540 }
2641 }
2742
43+ /**
44+ * A taint-tracking configuration for detecting LDAP injection vulnerabilities
45+ * via the filter parameter of an LDAP search.
46+ */
2847 class FilterConfiguration extends TaintTracking:: Configuration {
2948 FilterConfiguration ( ) { this = "LdapFilterInjection" }
3049
@@ -41,6 +60,7 @@ module LdapInjection {
4160
4261 import DataFlow:: PathGraph
4362
63+ /** Holds if there is an LDAP injection from `source` to `sink` */
4464 predicate ldapInjection ( DataFlow:: PathNode source , DataFlow:: PathNode sink ) {
4565 any ( DnConfiguration dnConfig ) .hasFlowPath ( source , sink )
4666 or