From 9d421ffa8de50cfb0b7a8971ae629a7ef973f056 Mon Sep 17 00:00:00 2001
From: Alex Ford
Date: Mon, 18 Sep 2023 15:00:26 +0100
Subject: [PATCH] Ruby: configsig rb/improper-ldap-auth
---
 .../ruby/security/ImproperLdapAuthQuery.qll | 16 +++++++++++++++-
 .../ldap-improper-auth/ImproperLdapAuth.ql | 6 +++---
 2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/ruby/ql/lib/codeql/ruby/security/ImproperLdapAuthQuery.qll b/ruby/ql/lib/codeql/ruby/security/ImproperLdapAuthQuery.qll
index d4f83e3c1a4b..81a85f596c93 100644
--- a/ruby/ql/lib/codeql/ruby/security/ImproperLdapAuthQuery.qll
+++ b/ruby/ql/lib/codeql/ruby/security/ImproperLdapAuthQuery.qll
@@ -9,8 +9,9 @@ private import ImproperLdapAuthCustomizations::ImproperLdapAuth
 /**
 * A taint-tracking configuration for detecting improper LDAP authentication vulnerabilities.
+ * DEPRECATED: Use `ImproperLdapAuthFlow` instead
 */
-class Configuration extends TaintTracking::Configuration {
+deprecated class Configuration extends TaintTracking::Configuration {
 Configuration() { this = "ImproperLdapAuth" }
 override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -19,3 +20,16 @@ class Configuration extends TaintTracking::Configuration {
 override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
 }
+
+private module ImproperLdapAuthConfig implements DataFlow::ConfigSig {
+ predicate isSource(DataFlow::Node source) { source instanceof Source }
+
+ predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+
+ predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
+}
+
+/**
+ * Taint-tracking for detecting improper LDAP authentication vulnerabilities.
+ */
+module ImproperLdapAuthFlow = TaintTracking::Global;
diff --git a/ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql b/ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql
index aede346cb47f..f155f4ae2eca 100644
--- a/ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql
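Review bot: The deprecation line added to the QLDoc of `Configuration` names the replacement but not how to migrate to it, and the replacement is a module rather than a class, so existing `config.hasFlowPath(source, sink)` callers need a different call shape. I would word it as `* DEPRECATED: Use the ImproperLdapAuthFlow module instead (ImproperLdapAuthFlow::flowPath).`, with a closing period. The body of `Configuration` continues outside this hunk.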
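Review bot: The last added line reads `module ImproperLdapAuthFlow = TaintTracking::Global;` with no module argument, and `ImproperLdapAuthConfig` is not referenced anywhere in the visible lines, so as shown the new source, sink and barrier predicates are never wired into the flow module. `TaintTracking::Global` is a parameterised module, so the line should read `module ImproperLdapAuthFlow = TaintTracking::Global<ImproperLdapAuthConfig>;`; the argument may simply have been lost when the patch was rendered. The private config module would also benefit from a one-line comment such as `// isBarrier carries over the deprecated Configuration's isSanitizer`, so a reader can confirm the migrated query keeps the same set of sanitizers.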
+++ b/ruby/ql/src/experimental/ldap-improper-auth/ImproperLdapAuth.ql
@@ -12,9 +12,9 @@
 import codeql.ruby.DataFlow
 import codeql.ruby.security.ImproperLdapAuthQuery
 import codeql.ruby.Concepts
-import DataFlow::PathGraph
+import ImproperLdapAuthFlow::PathGraph
-from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
-where config.hasFlowPath(source, sink)
+from ImproperLdapAuthFlow::PathNode source, ImproperLdapAuthFlow::PathNode sink
+where ImproperLdapAuthFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "This LDAP authencation depends on a $@.", source.getNode(), "user-provided value"
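Review bot: The alert text on the unchanged `select` line spells "authencation", and this is the string users see next to every result; since the commit already rewrites the lines around it, the message should read `"This LDAP authentication depends on a $@."`. After the change nothing in the visible `from`/`where`/`select` refers to `DataFlow::` any more, so `import codeql.ruby.DataFlow` looks redundant in this query, assuming nothing above the hunk relies on it.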