Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 9e1b98e

Browse files
jorgectfjorgectf
committed
Detach MyBatisAbstractSqlMethodsStep from MyBatisAbstractSql 
1 parent 8790df7 commit 9e1b98e

1 file changed

Lines changed: 31 additions & 34 deletions

File tree

java/ql/lib/semmle/code/java/frameworks/MyBatis.qll

Lines changed: 31 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -116,38 +116,6 @@ private class MyBatisProvider extends RefType {
116116
}
117117
}
118118

119-
private class MyBatisAbstractSqlMethod extends Method {
120-
string taintedArgs;
121-
string signature;
122-
123-
MyBatisAbstractSqlMethod() {
124-
this.getDeclaringType().getSourceDeclaration() instanceof MyBatisAbstractSql and
125-
(
126-
this.hasName([
127-
"UPDATE", "SET", "INSERT_INTO", "SELECT", "OFFSET_ROWS", "LIMIT", "OFFSET",
128-
"FETCH_FIRST_ROWS_ONLY", "DELETE_FROM", "INNER_JOIN", "ORDER_BY", "WHERE", "HAVING",
129-
"OUTER_JOIN", "LEFT_OUTER_JOIN", "RIGHT_OUTER_JOIN", "GROUP_BY", "FROM", "SELECT_DISTINCT"
130-
]) and
131-
taintedArgs = "Argument[0]" and
132-
signature = "String"
133-
or
134-
this.hasName([
135-
"SET", "INTO_COLUMNS", "INTO_VALUES", "SELECT_DISTINCT", "FROM", "JOIN", "INNER_JOIN",
136-
"LEFT_OUTER_JOIN", "RIGHT_OUTER_JOIN", "OUTER_JOIN", "WHERE", "GROUP_BY", "HAVING",
137-
"ORDER_BY"
138-
]) and
139-
taintedArgs = "Argument[0].ArrayElement" and
140-
signature = "String[]"
141-
or
142-
this.hasName("VALUES") and taintedArgs = "Argument[0..1]" and signature = "String,String"
143-
)
144-
}
145-
146-
string getTaintedArgs() { result = taintedArgs }
147-
148-
string getCsvSignature() { result = signature }
149-
}
150-
151119
/**
152120
* A return statement of a method used in a MyBatis Provider.
153121
*
@@ -189,12 +157,41 @@ private class MyBatisAbstractSqlToStringStep extends SummaryModelCsv {
189157
}
190158
}
191159

160+
private class MyBatisAbstractSqlMethod extends string {
161+
string taintedArgs;
162+
string signature;
163+
164+
MyBatisAbstractSqlMethod() {
165+
this in [
166+
"UPDATE", "SET", "INSERT_INTO", "SELECT", "OFFSET_ROWS", "LIMIT", "OFFSET",
167+
"FETCH_FIRST_ROWS_ONLY", "DELETE_FROM", "INNER_JOIN", "ORDER_BY", "WHERE", "HAVING",
168+
"OUTER_JOIN", "LEFT_OUTER_JOIN", "RIGHT_OUTER_JOIN", "GROUP_BY", "FROM", "SELECT_DISTINCT"
169+
] and
170+
taintedArgs = "Argument[0]" and
171+
signature = "String"
172+
or
173+
this in [
174+
"SET", "INTO_COLUMNS", "INTO_VALUES", "SELECT_DISTINCT", "FROM", "JOIN", "INNER_JOIN",
175+
"LEFT_OUTER_JOIN", "RIGHT_OUTER_JOIN", "OUTER_JOIN", "WHERE", "GROUP_BY", "HAVING",
176+
"ORDER_BY"
177+
] and
178+
taintedArgs = "Argument[0].ArrayElement" and
179+
signature = "String[]"
180+
or
181+
this = "VALUES" and taintedArgs = "Argument[0..1]" and signature = "String,String"
182+
}
183+
184+
string getTaintedArgs() { result = taintedArgs }
185+
186+
string getCsvSignature() { result = signature }
187+
}
188+
192189
private class MyBatisAbstractSqlMethodsStep extends SummaryModelCsv {
193190
override predicate row(string row) {
194191
exists(MyBatisAbstractSqlMethod m |
195192
row =
196-
"org.apache.ibatis.jdbc;AbstractSQL;true;" + m.getName() + ";(" + m.getCsvSignature() +
197-
");;" + m.getTaintedArgs() + ";Argument[-1];taint"
193+
"org.apache.ibatis.jdbc;AbstractSQL;true;" + m + ";(" + m.getCsvSignature() + ");;" +
194+
m.getTaintedArgs() + ";Argument[-1];taint"
198195
)
199196
}
200197
}

0 commit comments

Comments
 (0)