Java : Add query for detecting Log Injection vulenrabilities #265
Comments
porcupineyhairs
added
the
All For One
|
Your submission is now in status SecLab review. For information, the evaluation workflow is the following: |
|
Your submission is now in status CodeQL review. For information, the evaluation workflow is the following: |
|
Your submission is now in status SecLab finalize. For information, the evaluation workflow is the following: |
|
Your submission is now in status Pay. For information, the evaluation workflow is the following: |
|
Created Hackerone report 1135875 for bounty 286576 : [265-1] Java : Add query for detecting Log Injection vulenrabilities |
|
Your submission is now in status Closed. For information, the evaluation workflow is the following: |
This is a continuation of #144.
@dellalibera and I have collaborated on this one.
github/codeql#5099 detects use cases where untrusted input can be passed to logging function. This depending on the circumstances can lead to remote code execution, log manipulation, violation of audit and compliance norms etc.
The following section is copied from #144
Result(s)
The query was able to detect a potential Log Forging (now fixed) in the generator-jhipster project.
This is the PR fixing the potential Log Forging: prevent potential log forging, and here the fixed code.
To test the query, I used the vulnerable version of that file. I created a project using jhipster (Creating an application), and then I run the query on the project already created; the query was able to detect the vulnerability mentioned in the PR (once I created the project, before generating the database, I replaced the fixed code, with its previous version).
There is also a CVE (another project): CVE-2020-4072: Log Forging in generator-jhipster-kotlin, that mentions the equivalent java file of the generator-jhipter project: commit: prevent log forging when doing password reset init request.
The text was updated successfully, but these errors were encountered: