Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit f7c07d5

Browse files
egregius313egregius313
committed
Credential-other sinks
1 parent 49218cd commit f7c07d5

15 files changed

Lines changed: 128 additions & 0 deletions

java/ql/lib/ext/ch.ethz.ssh2.model.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["ch.ethz.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[0]", "manual"]
7+
- ["ch.ethz.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[1]", "manual"]

java/ql/lib/ext/com.amazonaws.auth.model.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "(String, String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "(String, String)", "credential-other", "Argument[1]", "manual"]

java/ql/lib/ext/com.auth0.jwt.algorithms.model.yml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(byte[])", "credential-other", "Argument[0]", "manual"]
8+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(String)", "credential-other", "Argument[0]", "manual"]
9+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(byte[])", "credential-other", "Argument[0]", "manual"]
10+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(String)", "credential-other", "Argument[0]", "manual"]
11+
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(byte[])", "credential-other", "Argument[0]", "manual"]

java/ql/lib/ext/com.azure.identity.model.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.azure.identity", "ClientSecretCredentialBuilder", False, "clientSecret", "(String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "password", "(String)", "credential-other", "Argument[0]", "manual"]
8+
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "username", "(String)", "credential-other", "Argument[0]", "manual"]

java/ql/lib/ext/com.jcraft.jsch.model.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,10 @@ extensions:
44
extensible: sinkModel
55
data:
66
- ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String,int)", "", "Argument[1]", "request-forgery", "ai-manual"]
7+
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String, String)", "credential-other", "Argument[0]", "manual"]
8+
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String, String, int)", "credential-other", "Argument[0]", "manual"]
9+
- ["com.jcraft.jsch", "Session", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
10+
- ["com.jcraft.jsch", "Session", False, "setPassword", "(byte[])", "credential-other", "Argument[0]", "manual"]
711
- addsTo:
812
pack: codeql/java-all
913
extensible: summaryModel

java/ql/lib/ext/com.microsoft.sqlserver.jdbc.model.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String, String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String, String)", "credential-other", "Argument[1]", "manual"]
8+
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
9+
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setUser", "(String)", "credential-other", "Argument[0]", "manual"]

java/ql/lib/ext/com.mongodb.model.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.mongodb", "MongoCredential", False, "createCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
7+
- ["com.mongodb", "MongoCredential", False, "createCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
8+
- ["com.mongodb", "MongoCredential", False, "createGSSAPICredential", "(String)", "credential-other", "Argument[0]", "manual"]
9+
- ["com.mongodb", "MongoCredential", False, "createMongoCRCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
10+
- ["com.mongodb", "MongoCredential", False, "createMongoCRCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
11+
- ["com.mongodb", "MongoCredential", False, "createMongoX509Credential", "(String)", "credential-other", "Argument[0]", "manual"]
12+
- ["com.mongodb", "MongoCredential", False, "createPlainCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
13+
- ["com.mongodb", "MongoCredential", False, "createPlainCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
14+
- ["com.mongodb", "MongoCredential", False, "createScramSha1Credential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
15+
- ["com.mongodb", "MongoCredential", False, "createScramSha1Credential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]

java/ql/lib/ext/com.sshtools.j2ssh.authentication.model.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setUsername", "(String)", "credential-other", "Argument[0]", "manual"]
8+
- ["com.sshtools.j2ssh.authentication", "SshAuthenticationClient", False, "setUsername", "(String)", "credential-other", "Argument[0]", "manual"]

java/ql/lib/ext/com.trilead.ssh2.model.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
extensions:
2+
- addsTo:
3+
pack: codeql/java-all
4+
extensible: sinkModel
5+
data:
6+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[0]", "manual"]
7+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[1]", "manual"]
8+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[2]", "manual"]
9+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithNone", "(String)", "credential-other", "Argument[0]", "manual"]
10+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[0]", "manual"]
11+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[1]", "manual"]
12+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, File, String)", "credential-other", "Argument[0]", "manual"]
13+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, File, String)", "credential-other", "Argument[2]", "manual"]
14+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[0]", "manual"]
15+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[1]", "manual"]
16+
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[2]", "manual"]
17+
- ["com.trilead.ssh2", "Connection", False, "getRemainingAuthMethods", "(String)", "credential-other", "Argument[0]", "manual"]
18+
- ["com.trilead.ssh2", "Connection", False, "isAuthMethodAvailable", "(String, String)", "credential-other", "Argument[0]", "manual"]

java/ql/lib/ext/javax.crypto.spec.model.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,3 +23,5 @@ extensions:
2323
- ["javax.crypto.spec", "DESedeKeySpec", False, "isParityAdjusted", "(byte[], int)", "crypto-parameter", "Argument[0]", "manual"]
2424
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[], String)", "crypto-parameter", "Argument[0]", "manual"]
2525
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[], int, int, String)", "crypto-parameter", "Argument[0]", "manual"]
26+
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[])", "credential-other", "Argument[0]", "manual"]
27+
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[], int, int)", "credential-other", "Argument[0]", "manual"]

0 commit comments

Comments
 (0)