io.codemodder.codemods.harden-xmldecoder-stream.yaml Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of core-codemods Show documentation
Show all versions of core-codemods Show documentation
Codemods for fixing common errors across many Java projects
The newest version!
rules:
- id: harden-xmldecoder-stream
patterns:
- pattern: new XMLDecoder((InputStream $IS), ...)
- pattern-not: new XMLDecoder(XMLDecoderSecurity.hardenStream($ARG), ...)
- pattern-not-inside: |
$RT $METHOD ($ARGS) {
...
$IS = XMLDecoderSecurity.hardenStream(...);
...
}
message: Semgrep found a match
languages:
- java
severity: WARNING