• Home
• io.codemodder
• core-codemods
• 0.97.3
• source code
• harden-xstream.yaml

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.harden-xstream.yaml Maven / Gradle / Ivy

rules:
  - id: harden-xstream
    patterns:
      - pattern: $X = new XStream(...);
      - pattern-not-inside: |
          $RETURNTYPE $METHOD(...) {
            ...
            $X.registerConverter(...);
            ...
          }
      - pattern-not-inside: |
          $RETURNTYPE $METHOD(...) {
            ...
            $X.allowTypes(...);
            ...
          }
      - pattern-not-inside: |
          $RETURNTYPE $METHOD(...) {
            ...
            $X.denyTypes(...);
            ...
          }
      - pattern-not-inside: |
          $RETURNTYPE $METHOD(...) {
            ...
            $X.denyTypesByWildcard(...);
            ...
          }
      - focus-metavariable: $X
    message: Semgrep found a match
    languages:
      - java
    severity: WARNING