Skip to content

Commit

Permalink
Change credential-other to more appropriate sink kinds
Browse files Browse the repository at this point in the history
  • Loading branch information
egregius313 committed Aug 21, 2023
1 parent 36da0cd commit dccb394
Show file tree
Hide file tree
Showing 14 changed files with 83 additions and 56 deletions.
4 changes: 2 additions & 2 deletions java/ql/lib/ext/com.amazonaws.auth.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "", "", "Argument[0]", "credential-other", "manual"]
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "", "", "Argument[1]", "credential-other", "manual"]
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.amazonaws.auth", "BasicAWSCredentials", False, "BasicAWSCredentials", "", "", "Argument[1]", "crypto-parameter", "manual"]
12 changes: 6 additions & 6 deletions java/ql/lib/ext/com.auth0.jwt.algorithms.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC256", "(byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC384", "(byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.auth0.jwt.algorithms", "Algorithm", False, "HMAC512", "(byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
6 changes: 3 additions & 3 deletions java/ql/lib/ext/com.azure.identity.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,6 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.azure.identity", "ClientSecretCredentialBuilder", False, "clientSecret", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "password", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "username", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.azure.identity", "ClientSecretCredentialBuilder", False, "clientSecret", "(String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "password", "(String)", "", "Argument[0]", "credential-password", "manual"]
- ["com.azure.identity", "UsernamePasswordCredentialBuilder", False, "username", "(String)", "", "Argument[0]", "credential-username", "manual"]
21 changes: 17 additions & 4 deletions java/ql/lib/ext/com.jcraft.jsch.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,24 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(Identity,byte[])", "", "Argument[1]", "credential-password", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[])", "", "Argument[1]", "credential-password", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[],byte[],byte[])", "", "Argument[0]", "credential-username", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[],byte[],byte[])", "", "Argument[1]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[],byte[],byte[])", "", "Argument[2]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,byte[],byte[],byte[])", "", "Argument[3]", "credential-password", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,String,byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,String,byte[])", "", "Argument[1]", "crypto-parameter", "manual"]
- ["com.jcraft.jsch", "JSch", True, "addIdentity", "(String,String,byte[])", "", "Argument[2]", "credential-password", "manual"]
- ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String,int)", "", "Argument[1]", "request-forgery", "ai-manual"]
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.jcraft.jsch", "JSch", False, "getSession", "(String,String,int)", "", "Argument[0]", "credential-other", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.jcraft.jsch", "JSch", True, "getSession", "(String,String,int)", "", "Argument[0]", "credential-username", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(String)", "", "Argument[0]", "credential-password", "manual"]
- ["com.jcraft.jsch", "Session", False, "setPassword", "(byte[])", "", "Argument[0]", "credential-password", "manual"]
- addsTo:
pack: codeql/java-all
extensible: summaryModel
Expand Down
8 changes: 4 additions & 4 deletions java/ql/lib/ext/com.microsoft.sqlserver.jdbc.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setPassword", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setUser", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "getConnection", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setPassword", "(String)", "", "Argument[0]", "credential-password", "manual"]
- ["com.microsoft.sqlserver.jdbc", "SQLServerDataSource", False, "setUser", "(String)", "", "Argument[0]", "credential-username", "manual"]
6 changes: 3 additions & 3 deletions java/ql/lib/ext/com.sshtools.j2ssh.authentication.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,6 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setPassword", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setUsername", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.sshtools.j2ssh.authentication", "SshAuthenticationClient", False, "setUsername", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", False, "setPassword", "(String)", "", "Argument[0]", "credential-password", "manual"]
- ["com.sshtools.j2ssh.authentication", "PasswordAuthenticationClient", True, "setUsername", "(String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.sshtools.j2ssh.authentication", "SshAuthenticationClient", True, "setUsername", "(String)", "", "Argument[0]", "credential-username", "manual"]
29 changes: 16 additions & 13 deletions java/ql/lib/ext/com.trilead.ssh2.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,16 +3,19 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[2]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithNone", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,File,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,File,String)", "", "Argument[2]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,char[],String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,char[],String)", "", "Argument[1]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,char[],String)", "", "Argument[2]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "getRemainingAuthMethods", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "isAuthMethodAvailable", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithAgent", "", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[1]", "crypto-parameter", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithDSA", "(String,String,String)", "", "Argument[2]", "credential-password", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithKeyboardInteractive", "", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithNone", "(String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPassword", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,char[],String)", "", "Argument[1]", "crypto-parameter", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,File,String)", "", "Argument[1]", "crypto-parameter", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,char[],String)", "", "Argument[2]", "credential-password", "manual"]
- ["com.trilead.ssh2", "Connection", False, "authenticateWithPublicKey", "(String,File,String)", "", "Argument[2]", "credential-password", "manual"]
- ["com.trilead.ssh2", "Connection", False, "getRemainingAuthMethods", "(String)", "", "Argument[0]", "credential-username", "manual"]
- ["com.trilead.ssh2", "Connection", False, "isAuthMethodAvailable", "(String,String)", "", "Argument[0]", "credential-username", "manual"]
4 changes: 2 additions & 2 deletions java/ql/lib/ext/javax.crypto.spec.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,5 +15,5 @@ extensions:
- ["javax.crypto.spec", "DESedeKeySpec", False, "isParityAdjusted", "(byte[],int)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],int,int,String)", "", "Argument[0]", "crypto-parameter", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[],int,int)", "", "Argument[0]", "credential-other", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
- ["javax.crypto.spec", "IvParameterSpec", False, "IvParameterSpec", "(byte[],int,int)", "", "Argument[0]", "crypto-parameter", "manual"]
11 changes: 7 additions & 4 deletions java/ql/lib/ext/net.schmizz.sshj.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,10 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,char[])", "", "Argument[0]", "credential-other", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,char[])", "", "Argument[1]", "credential-other", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "auth", "", "", "Argument[0]", "credential-usernmame", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "", "", "Argument[0]", "credential-username", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPassword", "(String,char[])", "", "Argument[1]", "credential-password", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "authPublicKey", "", "", "Argument[0]", "credential-username", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "loadKeys", "", "(String,char[])", "Argument[1]", "credential-password", "manual"]
- ["net.schmizz.sshj", "SSHClient", False, "loadKeys", "", "(String,String)", "Argument[1]", "credential-password", "manual"]
8 changes: 4 additions & 4 deletions java/ql/lib/ext/org.apache.commons.net.ftp.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String,String)", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String,String)", "", "Argument[1]", "credential-other", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String)", "", "Argument[1]", "credential-password", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String,String)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.commons.net.ftp", "FTPClient", False, "login", "(String,String,String)", "", "Argument[1]", "credential-password", "manual"]
2 changes: 1 addition & 1 deletion java/ql/lib/ext/org.apache.shiro.mgt.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,4 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.shiro.mgt", "AbstractRememberMeManager", False, "setCipherKey", "(byte[])", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.shiro.mgt", "AbstractRememberMeManager", False, "setCipherKey", "(byte[])", "", "Argument[0]", "crypto-parameter", "manual"]
14 changes: 11 additions & 3 deletions java/ql/lib/ext/org.apache.sshd.client.session.model.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@ extensions:
pack: codeql/java-all
extensible: sinkModel
data:
- ["org.apache.sshd.client.session", "AbstractClientSession", False, "addPasswordIdentity", "(String)", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", False, "connect", "(String,SocketAddress)", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", False, "connect", "(String,String,int)", "", "Argument[0]", "credential-other", "manual"]
- ["org.apache.sshd.client.session", "AbstractClientSession", True, "addPasswordIdentity", "(String)", "", "Argument[0]", "credential-password", "manual"]
- ["org.apache.sshd.client.session", "AbstractClientSession", True, "addPublicKeyIdentity", "", "", "Argument[0]", "crypto-parameter", "manual"]
- ["org.apache.sshd.client.session", "AbstractClientSession", True, "setServerKey", "", "", "Argument[0]", "crypto-parameter", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,SocketAddress)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,SocketAddress,AttributeRepository)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,SocketAddress,SocketAddress)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,SocketAddress,AttributeRepository,SocketAddress)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,String,int)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,String,int,AttributeRepository)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,String,int,SocketAddress)", "", "Argument[0]", "credential-username", "manual"]
- ["org.apache.sshd.client.session", "ClientSessionCreator", True, "connect", "(String,String,int,AttributeRepository,SocketAddress)", "", "Argument[0]", "credential-username", "manual"]
Loading

0 comments on commit dccb394

Please sign in to comment.