Skip to content

Commit

Permalink
Credential-other sinks
Browse files Browse the repository at this point in the history
  • Loading branch information
egregius313 committed Aug 16, 2023
1 parent 91f059b commit 6d638b7
Show file tree
Hide file tree
Showing 15 changed files with 128 additions and 0 deletions.
7 changes: 7 additions & 0 deletions java/ql/lib/ext/ch.ethz.ssh2.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["ch.ethz.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["ch.ethz.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[1]", "manual"]
7 changes: 7 additions & 0 deletions java/ql/lib/ext/com.amazonaws.auth.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "(String, String)", "credential-other", "Argument[1]", "manual"]
11 changes: 11 additions & 0 deletions java/ql/lib/ext/com.auth0.jwt.algorithms.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(byte[])", "credential-other", "Argument[0]", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(byte[])", "credential-other", "Argument[0]", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(byte[])", "credential-other", "Argument[0]", "manual"]
8 changes: 8 additions & 0 deletions java/ql/lib/ext/com.azure.identity.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.azure.identity", "ClientSecretCredentialBuilder", False, "clientSecret", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "password", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "username", "(String)", "credential-other", "Argument[0]", "manual"]
4 changes: 4 additions & 0 deletions java/ql/lib/ext/com.jcraft.jsch.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@ extensions:
extensible: sinkModel
data:
- ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String,int)", "", "Argument[1]", "request-forgery", "ai-manual"]
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String, String, int)", "credential-other", "Argument[0]", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(byte[])", "credential-other", "Argument[0]", "manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
Expand Down
9 changes: 9 additions & 0 deletions java/ql/lib/ext/com.microsoft.sqlserver.jdbc.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String, String)", "credential-other", "Argument[1]", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setUser", "(String)", "credential-other", "Argument[0]", "manual"]
15 changes: 15 additions & 0 deletions java/ql/lib/ext/com.mongodb.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.mongodb", "MongoCredential", False, "createCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createGSSAPICredential", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createMongoCRCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createMongoCRCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createMongoX509Credential", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createPlainCredential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createPlainCredential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createScramSha1Credential", "(String, String, char[])", "credential-other", "Argument[0]", "manual"]
- ["com.mongodb", "MongoCredential", False, "createScramSha1Credential", "(String, String, char[])", "credential-other", "Argument[2]", "manual"]
8 changes: 8 additions & 0 deletions java/ql/lib/ext/com.sshtools.j2ssh.authentication.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setPassword", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setUsername", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.sshtools.j2ssh.authentication", "SshAuthenticationClient", False, "setUsername", "(String)", "credential-other", "Argument[0]", "manual"]
18 changes: 18 additions & 0 deletions java/ql/lib/ext/com.trilead.ssh2.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[1]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String, String, String)", "credential-other", "Argument[2]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithNone", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String, String)", "credential-other", "Argument[1]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, File, String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, File, String)", "credential-other", "Argument[2]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[1]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String, char[], String)", "credential-other", "Argument[2]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "getRemainingAuthMethods", "(String)", "credential-other", "Argument[0]", "manual"]
- ["com.trilead.ssh2", "Connection", False, "isAuthMethodAvailable", "(String, String)", "credential-other", "Argument[0]", "manual"]
2 changes: 2 additions & 0 deletions java/ql/lib/ext/javax.crypto.spec.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,3 +15,5 @@ extensions:
- ["javax.crypto.spec", "DESedeKeySpec", False, "isParityAdjusted", "(byte[], int)", "crypto-parameter", "Argument[0]", "manual"]
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[], String)", "crypto-parameter", "Argument[0]", "manual"]
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[], int, int, String)", "crypto-parameter", "Argument[0]", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[])", "credential-other", "Argument[0]", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[], int, int)", "credential-other", "Argument[0]", "manual"]
9 changes: 9 additions & 0 deletions java/ql/lib/ext/net.schmizz.sshj.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String, String)", "credential-other", "Argument[1]", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String, char[])", "credential-other", "Argument[0]", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String, char[])", "credential-other", "Argument[1]", "manual"]
9 changes: 9 additions & 0 deletions java/ql/lib/ext/org.apache.commons.net.ftp.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String, String)", "credential-other", "Argument[0]", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String, String)", "credential-other", "Argument[1]", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String, String, String)", "credential-other", "Argument[0]", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String, String, String)", "credential-other", "Argument[1]", "manual"]
6 changes: 6 additions & 0 deletions java/ql/lib/ext/org.apache.shiro.mgt.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.shiro.mgt", "AbstractRememberMeManager", False, "setCipherKey", "(byte[])", "credential-other", "Argument[0]", "manual"]
8 changes: 8 additions & 0 deletions java/ql/lib/ext/org.apache.sshd.client.session.model.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.sshd.client.session", "AbstractClientSession", False, "addPasswordIdentity", "(String)", "credential-other", "Argument[0]", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", False, "connect", "(String, SocketAddress)", "credential-other", "Argument[0]", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", False, "connect", "(String, String, int)", "credential-other", "Argument[0]", "manual"]
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.springframework.security.core.userdetails", "User", False, "User", "(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>)", "credential-other", "Argument[0]", "manual"]
- ["org.springframework.security.core.userdetails", "User", False, "User", "(String, String, boolean, boolean, boolean, boolean, Collection<? extends GrantedAuthority>)", "credential-other", "Argument[1]", "manual"]

0 comments on commit 6d638b7

Please sign in to comment.