From 0a293cf357be62d4e32cc4cf2257f16d078225df Mon Sep 17 00:00:00 2001
From: Chris Smowton
Date: Wed, 9 Apr 2025 12:12:35 +0100
Subject: [PATCH 1/3] Add EnumType to SimpleTypeSanitizer
---
 java/ql/lib/semmle/code/java/security/Sanitizers.qll | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/java/ql/lib/semmle/code/java/security/Sanitizers.qll b/java/ql/lib/semmle/code/java/security/Sanitizers.qll
index 6035b068bd04..5340ba344823 100644
--- a/java/ql/lib/semmle/code/java/security/Sanitizers.qll
+++ b/java/ql/lib/semmle/code/java/security/Sanitizers.qll
@@ -23,6 +23,7 @@ class SimpleTypeSanitizer extends DataFlow::Node {
 this.getType()
 .(RefType)
 .getASourceSupertype*()
- .hasQualifiedName("java.time.temporal", "TemporalAccessor")
+ .hasQualifiedName("java.time.temporal", "TemporalAccessor") or
+ this.getType() instanceof EnumType
 }
 }
From f31b49b022637d8c00b8b7fa13d33694c4858813 Mon Sep 17 00:00:00 2001
From: Chris Smowton
Date: Wed, 9 Apr 2025 15:41:48 +0100
Subject: [PATCH 2/3] Change note
---
 java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
diff --git a/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md b/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
new file mode 100644
index 000000000000..9c4e7b574d72
--- /dev/null
+++ b/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* Enum-typed values are now assumed to be safe by most queries. This means that queries may return less results where an enum value is used in a sensitive context, e.g. pasted into a query string.
From 7a8dfdb97157d7efc6c8ab2cf7e18e6fb86bd288 Mon Sep 17 00:00:00 2001
From: Chris Smowton
Date: Wed, 9 Apr 2025 15:52:48 +0100
Subject: [PATCH 3/3] Grammar
---
 java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
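Review bot: In the Sanitizers.qll hunk of patch 1/3, the new disjunct `this.getType() instanceof EnumType` carries no comment recording why an enum-typed node is treated as sanitized, and none of the three patches adds a test that pins the new barrier. The rationale is presumably that an enum value can only be one of the constants declared in source, so it cannot carry attacker-chosen text; a line such as `// Enum values come from a fixed set of constants declared in code, so they cannot hold attacker-chosen text` above the disjunct would make that explicit. That assumption looks weaker for enums that override `toString()` or expose mutable fields, so the comment should name that as a known source of false negatives, since every query using `SimpleTypeSanitizer` now stops tracking at such nodes. The class header and its QLDoc start outside the hunk; if the QLDoc lists the covered types, it should mention enums as well.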
diff --git a/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md b/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
index 9c4e7b574d72..9b120e84ff7b 100644
--- a/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
+++ b/java/ql/lib/change-notes/2025-04-09-enum-type-exclusion.md
@@ -1,4 +1,4 @@
 ---
 category: minorAnalysis
 ---
-* Enum-typed values are now assumed to be safe by most queries. This means that queries may return less results where an enum value is used in a sensitive context, e.g. pasted into a query string.
+* Enum-typed values are now assumed to be safe by most queries. This means that queries may return fewer results where an enum value is used in a sensitive context, e.g. pasted into a query string.