fix: sanitize datatype detections

Bearer · Oct 17, 2023 · 242a970 · 242a970
1 parent 00a3779
commit 242a970
Show file tree

Hide file tree

Showing 16 changed files with 145 additions and 54 deletions.
diff --git a/rules/php/lang/cookies.yml b/rules/php/lang/cookies.yml
@@ -1,3 +1,5 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       $<FUNCTION>($<_>, $<DATA_TYPE>$<...>)
@@ -7,7 +9,7 @@ patterns:
           - setcookie
           - setrawcookie
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 languages:
   - php

diff --git a/rules/php/lang/exception.yml b/rules/php/lang/exception.yml
@@ -1,9 +1,11 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       throw $<DATA_TYPE>;
     filters:
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<FUNCTION>($<DATA_TYPE>)
     filters:
@@ -12,7 +14,7 @@ patterns:
           - die
           - exit
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 languages:
   - php

diff --git a/rules/php/lang/file_generation.yml b/rules/php/lang/file_generation.yml
@@ -1,3 +1,5 @@
+imports:
+  - php_shared_lang_datatype
 languages:
   - php
 patterns:
@@ -10,7 +12,7 @@ patterns:
           - fwrite
           - file_put_contents
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 metadata:
   description: "Sensitive data detected as part of a dynamic file generation."

diff --git a/rules/php/lang/http_url_using_sensitive_data.yml b/rules/php/lang/http_url_using_sensitive_data.yml
@@ -3,6 +3,7 @@ languages:
 imports:
   - php_shared_lang_instance
   - php_shared_lang_http_url
+  - php_shared_lang_datatype
 patterns:
   - pattern: $<HTTP_URL>;
     filters:
@@ -11,7 +12,7 @@ patterns:
         scope: cursor_strict
         filters:
           - variable: URL
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - pattern: $<GUZZLE>->$<METHOD>($<_>, $<_>, $<OPTIONS>)
     filters:
@@ -62,7 +63,7 @@ patterns:
       - variable: CLASS
         regex: \A(Http\\Message\\Authentication\\)?QueryParam\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLIENT>->setParameterGet($<DATA_TYPE>)
     filters:
@@ -73,7 +74,7 @@ patterns:
           - variable: CLASS
             regex: \A((Laminas|Zend)\\Http\\)?Client\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<QUERY>->$<METHOD>($<...>$<DATA_TYPE>$<...>)
     filters:
@@ -85,15 +86,15 @@ patterns:
           - set
           - offsetSet
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<QUERY>->$<_> = $<DATA_TYPE>
     filters:
       - variable: QUERY
         detection: php_lang_http_url_using_sensitive_data_laminas_query
         scope: cursor
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::$<METHOD>($<_>, $<DATA_TYPE>)
     filters:
@@ -104,7 +105,7 @@ patterns:
           - head
           - get
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<HTTP>->$<METHOD>($<_>, $<DATA_TYPE>)
     filters:
@@ -116,22 +117,22 @@ patterns:
           - head
           - get
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::withQueryParameters($<DATA_TYPE>)
     filters:
       - variable: CLASS
         regex: \A(Illuminate\\Support\\Facades\\)?Http\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<HTTP>->withQueryParameters($<DATA_TYPE>)
     filters:
       - variable: HTTP
         detection: php_lang_http_url_using_sensitive_data_laravel_http
         scope: cursor
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::send($<_>, $<_>, $<OPTIONS>)
     filters:
@@ -162,21 +163,21 @@ patterns:
           - addQuery
           - setQuery
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::request($<_>, $<_>, $<DATA_TYPE>)
     filters:
       - variable: CLASS
         regex: \A(WpOrg\\Requests\\)?Requests\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::request($<_>, $<_>, $<DATA_TYPE>, $<TYPE>$<...>)
     filters:
       - variable: CLASS
         regex: \A(WpOrg\\Requests\\)?Requests\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
       - variable: TYPE
         detection: php_lang_http_url_using_sensitive_data_requests_type
@@ -206,7 +207,7 @@ patterns:
       - variable: CLASS
         regex: \A(WpOrg\\Requests\\)?Session\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<SESSION>->request($<_>, $<_>, $<DATA_TYPE>)
     filters:
@@ -217,7 +218,7 @@ patterns:
           - variable: CLASS
             regex: \A(WpOrg\\Requests\\)?Session\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<SESSION>->request($<_>, $<_>, $<DATA_TYPE>, $<TYPE>$<...>)
     filters:
@@ -228,7 +229,7 @@ patterns:
           - variable: CLASS
             regex: \A(WpOrg\\Requests\\)?Session\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
       - variable: TYPE
         detection: php_lang_http_url_using_sensitive_data_requests_type
@@ -273,7 +274,7 @@ patterns:
           - put
           - delete
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   # symfony
   - pattern: $<_>->request($<_>, $<_>, $<OPTIONS>$<...>)
@@ -286,15 +287,15 @@ patterns:
       - variable: CLASS
         regex: \A(Unirest\\)?Request\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: |
       $<CLASS>::get(parameters: $<DATA_TYPE>)
     filters:
       - variable: CLASS
         regex: \A(Unirest\\)?Request\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<CLASS>::send($<TYPE>, $<_>, $<_>, $<DATA_TYPE>$<...>)
     filters:
@@ -303,7 +304,7 @@ patterns:
       - variable: CLASS
         regex: \A(Unirest\\)?Request\z
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: $<SEND>;
     filters:
@@ -319,7 +320,7 @@ auxiliary:
       - pattern: array('query' => $<DATA_TYPE>)
         filters:
           - variable: DATA_TYPE
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - id: php_lang_http_url_using_sensitive_data_laminas_query
     patterns:
@@ -373,7 +374,7 @@ auxiliary:
       - pattern: array('data' => $<DATA_TYPE>)
         filters:
           - variable: DATA_TYPE
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - id: php_lang_http_url_using_sensitive_data_requests_options_type
     patterns:
@@ -393,7 +394,7 @@ auxiliary:
           - variable: CLASS
             regex: \A(WpOrg\\Requests\\)?Requests\z
           - variable: DATA_TYPE
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - id: php_lang_http_url_using_sensitive_data_requests_request_type
     patterns:
@@ -419,7 +420,7 @@ auxiliary:
               - variable: CLASS
                 regex: \A(WpOrg\\Requests\\)?Session\z
           - variable: DATA_TYPE
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - id: php_lang_http_url_using_sensitive_data_requests_session_request_type
     patterns:
@@ -441,7 +442,7 @@ auxiliary:
           - variable: CLASS
             regex: \A(Unirest\\)?Request\z
           - variable: DATA_TYPE
-            detection: datatype
+            detection: php_shared_lang_datatype
             scope: result
   - id: php_lang_http_url_using_sensitive_data_unirest_send_type
     patterns:

diff --git a/rules/php/lang/jwt.yml b/rules/php/lang/jwt.yml
@@ -1,9 +1,11 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       JWT::encode($<DATA_TYPE>$<...>)
     filters:
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 languages:
   - php

diff --git a/rules/php/lang/logger.yml b/rules/php/lang/logger.yml
@@ -1,9 +1,11 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       error_log($<...>$<DATA_TYPE>$<...>)
     filters:
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 languages:
   - php

diff --git a/rules/php/lang/weak_hash_md5.yml b/rules/php/lang/weak_hash_md5.yml
@@ -1,17 +1,19 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       md5($<DATA_TYPE>$<...>)
     filters:
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: |
       hash($<ALGORITHM>, $<DATA_TYPE>$<...>)
     filters:
       - variable: ALGORITHM
         detection: php_lang_weak_hash_md5_algo
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 auxiliary:
   - id: php_lang_weak_hash_md5_algo

diff --git a/rules/php/lang/weak_hash_sha1.yml b/rules/php/lang/weak_hash_sha1.yml
@@ -1,17 +1,19 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       sha1($<DATA_TYPE>$<...>)
     filters:
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: |
       hash($<ALGORITHM>, $<DATA_TYPE>$<...>)
     filters:
       - variable: ALGORITHM
         detection: php_lang_weak_hash_sha1_algo
       - variable: DATA_TYPE
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 auxiliary:
   - id: php_lang_weak_hash_sha1_algo

diff --git a/rules/php/lang/weak_password_hash_md5.yml b/rules/php/lang/weak_password_hash_md5.yml
@@ -1,17 +1,19 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       md5($<PASSWORD>$<...>)
     filters:
       - variable: PASSWORD
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: |
       hash($<ALGORITHM>, $<PASSWORD>$<...>)
     filters:
       - variable: ALGORITHM
         detection: php_lang_weak_password_hash_md5_algo
       - variable: PASSWORD
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 auxiliary:
   - id: php_lang_weak_password_hash_md5_algo

diff --git a/rules/php/lang/weak_password_hash_sha1.yml b/rules/php/lang/weak_password_hash_sha1.yml
@@ -1,17 +1,19 @@
+imports:
+  - php_shared_lang_datatype
 patterns:
   - pattern: |
       sha1($<PASSWORD>$<...>)
     filters:
       - variable: PASSWORD
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
   - pattern: |
       hash($<ALGO>, $<PASSWORD>$<...>)
     filters:
       - variable: ALGO
         detection: php_lang_weak_password_hash_sha1_algo
       - variable: PASSWORD
-        detection: datatype
+        detection: php_shared_lang_datatype
         scope: result
 auxiliary:
   - id: php_lang_weak_password_hash_sha1_algo