Skip to content

Commit 34b606f

Browse files
NapalysNapalys
committed
Unified aws-db modeling into singular file
1 parent 2ca5d81 commit 34b606f

File tree

5 files changed

+50
-121
lines changed

5 files changed

+50
-121
lines changed

javascript/ql/lib/ext/athena.model.yml

Lines changed: 0 additions & 29 deletions
This file was deleted.

javascript/ql/lib/ext/aws-sdk.model.yml

Lines changed: 50 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,53 @@ extensions:
33
pack: codeql/javascript-all
44
extensible: sinkModel
55
data:
6-
- ["aws-sdk", "AnyMember.Argument[0].Member[secretAccessKey,accessKeyId]", "credentials-key"]
7-
- ["aws-sdk", "AnyMember.Member[secretAccessKey,accessKeyId]", "credentials-key"]
8-
- ["aws-sdk", "Member[Credentials].Argument[0,1]", "credentials-key"]
6+
- ["aws-sdk", "AnyMember.Argument[0].Member[secretAccessKey,accessKeyId]", "credentials-key"]
7+
- ["aws-sdk", "AnyMember.Member[secretAccessKey,accessKeyId]", "credentials-key"]
8+
- ["aws-sdk", "Member[Credentials].Argument[0,1]", "credentials-key"]
9+
- ["AWS-V3-Common", "ReturnValue.Member[send].Argument[0]", "sql-injection"]
10+
- ["AthenaClientV2", "ReturnValue.Member[startQueryExecution,createNamedQuery,updateNamedQuery].Argument[0].Member[QueryString]", "sql-injection"]
11+
- ["S3ClientV2", "ReturnValue.Member[selectObjectContent].Argument[0].Member[Expression]", "sql-injection"]
12+
- ["RDSDataClientV2", "ReturnValue.Member[executeStatement,batchExecuteStatement].Argument[0].Member[sql]", "sql-injection"]
13+
- ["RDSDataClientV2", "ReturnValue.Member[batchExecuteStatement].Argument[0].Member[parameterSets].ArrayElement.Member[sql]", "sql-injection"]
14+
- ["DynamoDBClientV2", "ReturnValue.Member[executeStatement].Argument[0].Member[Statement]", "sql-injection"]
15+
- ["DynamoDBClientV2", "ReturnValue.Member[batchExecuteStatement].Argument[0].Member[Statements].ArrayElement.Member[Statement]", "sql-injection"]
16+
- addsTo:
17+
pack: codeql/javascript-all
18+
extensible: summaryModel
19+
data:
20+
- ["@aws-sdk/client-athena", "Member[StartQueryExecutionCommand,CreateNamedQueryCommand,UpdateNamedQueryCommand]", "Argument[0].Member[QueryString]", "ReturnValue", "taint"]
21+
- ["@aws-sdk/client-s3", "Member[SelectObjectContentCommand]", "Argument[0].Member[Expression]", "ReturnValue", "taint"]
22+
- ["@aws-sdk/client-rds-data", "Member[ExecuteStatementCommand,BatchExecuteStatementCommand]", "Argument[0].Member[sql]", "ReturnValue", "taint"]
23+
- ["@aws-sdk/client-rds-data", "Member[BatchExecuteStatementCommand]", "Argument[0].Member[parameterSets].ArrayElement.Member[sql]", "ReturnValue", "taint"]
24+
- ["@aws-sdk/client-rds-data", "Member[ExecuteSqlCommand]", "Argument[0].Member[sqlStatements]", "ReturnValue", "taint"]
25+
- ["@aws-sdk/client-dynamodb", "Member[ExecuteStatementCommand]", "Argument[0].Member[Statement]", "ReturnValue", "taint"]
26+
- ["@aws-sdk/client-dynamodb", "Member[BatchExecuteStatementCommand]", "Argument[0].Member[Statements].ArrayElement.Member[Statement]", "ReturnValue", "taint"]
27+
- addsTo:
28+
pack: codeql/javascript-all
29+
extensible: typeModel
30+
data:
31+
- ["AthenaClientV3", "@aws-sdk/client-athena", "Member[AthenaClient]"]
32+
- ["AthenaClientV2", "aws-sdk", "Member[Athena]"]
33+
- ["S3ClientV3", "@aws-sdk/client-s3", "Member[S3Client]"]
34+
- ["S3ClientV2", "aws-sdk", "Member[S3]"]
35+
- ["RDSDataClientV3", "@aws-sdk/client-rds-data", "Member[RDSDataClient]"]
36+
- ["RDSDataClientV2", "aws-sdk", "Member[RDSDataService]"]
37+
- ["DynamoDBClientV3", "@aws-sdk/client-dynamodb", "Member[DynamoDBClient,DynamoDB]"]
38+
- ["DynamoDBClientV2", "aws-sdk", "Member[DynamoDB]"]
39+
- ["AWS-V3-Common", "AthenaClientV3", ""]
40+
- ["AWS-V3-Common", "S3ClientV3", ""]
41+
- ["AWS-V3-Common", "DynamoDBClientV3", ""]
42+
- ["AWS-V3-Common", "RDSDataClientV3", ""]
43+
- addsTo:
44+
pack: codeql/javascript-all
45+
extensible: sourceModel
46+
data:
47+
- ["AWS-V3-Common", "ReturnValue.Member[send].ReturnValue.Awaited", "database-access-result"]
48+
- ["AthenaClientV2", "ReturnValue.Member[getQueryResults].ReturnValue.Member[promise].ReturnValue.Awaited", "database-access-result"]
49+
- ["AthenaClientV2", "ReturnValue.Member[getQueryResults].Argument[1].Parameter[1]", "database-access-result"]
50+
- ["S3ClientV2", "ReturnValue.Member[getObject].ReturnValue.Member[promise].ReturnValue.Awaited", "database-access-result"]
51+
- ["S3ClientV2", "ReturnValue.Member[getObject].Argument[1].Parameter[1]", "database-access-result"]
52+
- ["RDSDataClientV2", "ReturnValue.Member[executeStatement,batchExecuteStatement].ReturnValue.Member[promise].ReturnValue.Awaited", "database-access-result"]
53+
- ["RDSDataClientV2", "ReturnValue.Member[executeStatement,batchExecuteStatement].Argument[1].Parameter[1]", "database-access-result"]
54+
- ["DynamoDBClientV2", "ReturnValue.Member[executeStatement,batchExecuteStatement,query,scan,getItem,batchGetItem].ReturnValue.Member[promise].ReturnValue.Awaited", "database-access-result"]
55+
- ["DynamoDBClientV2", "ReturnValue.Member[executeStatement,batchExecuteStatement,query,scan,getItem,batchGetItem].Argument[1].Parameter[1]", "database-access-result"]

javascript/ql/lib/ext/client-s3.model.yml

Lines changed: 0 additions & 28 deletions
This file was deleted.

javascript/ql/lib/ext/dynamodb.model.yml

Lines changed: 0 additions & 30 deletions
This file was deleted.

javascript/ql/lib/ext/rds-client.model.yml

Lines changed: 0 additions & 31 deletions
This file was deleted.

0 commit comments

Comments
 (0)