apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-24 20:28:06 +02:00
Code Issues Projects Releases Packages Wiki Activity

new capacity bits (#67)

Browse source
This commit is contained in:
Eli Peter 2026-05-07 01:29:31 -04:00 committed by GitHub
parent afaffc0df6
commit 7d0e7320e2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
261 changed files with 10591 additions and 231 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tests/fixtures/ldap_injection/java/BaselineConstantLdap.java vendored Normal file
View file

@ -0,0 +1,14 @@
// Baseline: the filter is a compile-time constant; no taint reaches the sink
// and no LDAP_INJECTION finding fires. Guards the rule against firing on
// safe-by-construction call sites that simply happen to hit a search API.
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
public class BaselineConstantLdap {
private DirContext ctx;
public Object lookup() throws Exception {
String filter = "(objectClass=person)";
return ctx.search("ou=people,dc=example,dc=com", filter, new SearchControls());
}
}

19
tests/fixtures/ldap_injection/java/SafeLdapSearch.java vendored Normal file
View file

@ -0,0 +1,19 @@
// Safe: the user-supplied substring is run through Spring LDAP's
// LdapEncoder.filterEncode (RFC 4515 escape) before being assembled into the
// filter. The Sanitizer(LDAP_INJECTION) clears the cap and the sink does not
// fire.
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.servlet.http.HttpServletRequest;
import org.springframework.ldap.support.LdapEncoder;
public class SafeLdapSearch {
private DirContext ctx;
public Object lookup(HttpServletRequest req) throws Exception {
String user = req.getParameter("user");
String safe = LdapEncoder.filterEncode(user);
String filter = "(uid=" + safe + ")";
return ctx.search("ou=people,dc=example,dc=com", filter, new SearchControls());
}
}

17
tests/fixtures/ldap_injection/java/UnsafeLdapSearch.java vendored Normal file
View file

@ -0,0 +1,17 @@
// Unsafe: attacker-controlled username concatenated into an LDAP filter passed
// to DirContext.search. The receiver `ctx` carries TypeKind::LdapClient via
// the declared `DirContext` type so type-qualified resolution rewrites the
// callee to `LdapClient.search` and the LDAP_INJECTION sink fires.
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.servlet.http.HttpServletRequest;
public class UnsafeLdapSearch {
private DirContext ctx;
public Object lookup(HttpServletRequest req) throws Exception {
String user = req.getParameter("user");
String filter = "(uid=" + user + ")";
return ctx.search("ou=people,dc=example,dc=com", filter, new SearchControls());
}
}