• Home
• io.codemodder
• core-codemods
• 0.93.1
• source code
• harden-xmlinputfactory.yaml

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.harden-xmlinputfactory.yaml Maven / Gradle / Ivy

rules:
  - id: harden-xmlinputfactory
    patterns:
      - pattern-either:
          - pattern: $XMLF = XMLInputFactory.newInstance(...)
          - pattern: $XMLF = XMLInputFactory.newFactory(...)
      - pattern-not-inside: |
          $RT $METHOD ($ARGS) {
            ...
            XMLInputFactorySecurity.hardenFactory($XMLF);
            ...
          }
      - pattern-not-inside: |
          $RT $METHOD ($ARGS) {
            ...
            io.github.pixee.security.XMLInputFactorySecurity.hardenFactory(...);
            ...
          }
      - focus-metavariable: $XMLF
    message: Semgrep found a match
    languages:
      - java
    severity: WARNING