diff --git a/config/semantics/java.yaml b/config/semantics/java.yaml index 7d63ac59..e37ddc85 100644 --- a/config/semantics/java.yaml +++ b/config/semantics/java.yaml @@ -5,11 +5,21 @@ semantics: - signature: "android.text.TextUtils.isEmpty:boolean(java.lang.String)" - flow: "1->-1" + + - signature: "android.text.TextUtils.isEmpty:(1)" - signature: "org.apache.http.HttpResponse.getStatusLine:org.apache.http.StatusLine()" flow: "0->0" + - signature: "org.apache.http.HttpResponse.getStatusLine:(0)" + flow: "0->0" + - signature: "org.apache.http.StatusLine.getStatusCode:boolean()" - \ No newline at end of file + - signature: "org.apache.http.StatusLine.getStatusCode:(0)" + + - signature: "javax.persistence.Query.setParameter:(2)" + flow: "1->0 2->0" + + - signature: "javax.persistence.EntityManager.find:(2)" + flow: "0->-1 1->-1 2->-1" \ No newline at end of file diff --git a/rules/sinks/leakages/logs/java.yaml b/rules/sinks/leakages/logs/java.yaml index d4cddbe9..1c34fea3 100644 --- a/rules/sinks/leakages/logs/java.yaml +++ b/rules/sinks/leakages/logs/java.yaml @@ -15,7 +15,7 @@ sinks: - id: Leakages.Log.Debug name: Log Debug patterns: - - "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|log|[.](d|v)[:]).*" + - "(?i)(?:org.slf4j.Logger|org.apache.logging.log4j|org.tinylog.Logger|ch.qos.logback|java.util.logging|timber.log.Timber|android.util.Log).*(debug|log|trace|[.](d|v|t)[:]).*" tags: - id: Leakages.Log.Info diff --git a/rules/sinks/third_parties/sdk/sendgrid/java.yaml b/rules/sinks/third_parties/sdk/sendgrid/java.yaml index 6d050b62..a5663c33 100644 --- a/rules/sinks/third_parties/sdk/sendgrid/java.yaml +++ b/rules/sinks/third_parties/sdk/sendgrid/java.yaml 
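Review bot: The arity-only entries added at the end of the `config/semantics/java.yaml` hunk, `javax.persistence.Query.setParameter:(2)` and `javax.persistence.EntityManager.find:(2)`, cover only the two-argument overloads. JPA also declares three-argument `setParameter` overloads (value plus `TemporalType`) and `find` overloads that take a properties map and/or a lock mode. If `(N)` matches on parameter count, as the notation suggests, values bound or entities loaded through those overloads would fall outside the modelled flows. After confirming the matching semantics, consider adding `- signature: "javax.persistence.Query.setParameter:(3)"` with `flow: "1->0 2->0"` and corresponding `find:(3)` / `find:(4)` entries. The new side of the file also still ends without a trailing newline.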
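Review bot: In the `Leakages.Log.Debug` pattern, the `t` added to `[.](d|v|t)[:]` does not appear to correspond to a method on any logger in the prefix list. As far as I know, `android.util.Log` and Timber expose `v`, `d`, `i`, `w`, `e` and `wtf`, so this alternative is probably dead; please confirm which API it targets. The new `trace` alternative is unanchored under `(?i)`, so it matches the substring anywhere after the package prefix, including inside a type or method name rather than only as the log level. Tying it to the method position, e.g. `[.]trace[:]`, would keep the sink precise. Since the rule id stays `Leakages.Log.Debug`, a YAML comment above the pattern such as `# also covers TRACE-level calls` would help the next maintainer.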
@@ -9,5 +9,5 @@ sinks: domains: - "sendgrid.com" patterns: - - "(?i)(clj-sendgrid|com[.]flozano[.]sendgrid|com[.]sendgrid[.]labs|com[.]sendgrid).*" + - "(?i)(clj-sendgrid|com[.]flozano[.]sendgrid|com[.]sendgrid[.]labs|com[.]sendgrid).*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line" + - "(?i)(.*(?]{0,10}(?:address|addr)|(?:pin|zip|postal|metro)[-_\\[<'. ]{0,2}code|(?:delivery|pickup)[^\\s/(;)#|,=!>]{0,10}(?:location|position)|house[^\\s/(;)#|,=!>]{0,2}(?:number|no)|address[-_.]{0,2}line]" tags: law: GDPR diff --git a/rules/sources/financial_data.yaml b/rules/sources/financial_data.yaml index fd66f23a..862a90cf 100644 --- a/rules/sources/financial_data.yaml +++ b/rules/sources/financial_data.yaml @@ -36,7 +36,7 @@ sources: isSensitive: False sensitivity: high patterns: - - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_\\[<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id" + - "(?i).*(virtual[^\\s/(;)#|,=!>]{0,5}payment[^\\s/(;)#|,=!>]{0,5}address|virtual[^\\s/(;)#|,=!>]{0,5}payment|upi[-_<'.]{0,2}id)|(merchant|payee|payment|retailer|dealer|seller|vendor)[-_]{0,1}vpa|vpa[-_]{0,1}id" tags: law: GDPR diff --git a/rules/sources/personal_identification.yaml b/rules/sources/personal_identification.yaml index 718555c5..4f9ac323 100644 --- a/rules/sources/personal_identification.yaml +++ b/rules/sources/personal_identification.yaml @@ -15,7 +15,7 @@ sources: isSensitive: False sensitivity: low patterns: - - "(?i).*(?:first|given|full)[^\\s/(;)#|,=!>]{0,5}name" + - "(?i).*((?:first|given)[^\\s/(;)#|,=!>]{0,5}|full)name" tags: law: GDPR
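Review bot: In the address-pattern hunk (its file header is not visible on this page), the new pattern opens a group with `(?i)(.*(` but ends in `line]"`, whereas the old line ended in `line"`. As rendered here, the outer `(` is never closed and the trailing `]` sits outside any character class, so the regex would either fail to compile or require a literal `]` after `line`; either way the address source rule would silently stop matching. The middle of the line is lost in this rendering, so please check the raw file, but the ending most likely should be `address[-_.]{0,2}line)"`. A rule-loading test that compiles every pattern would catch this class of typo.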
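Review bot: In `rules/sources/financial_data.yaml`, dropping `\\[` from the separator class in `upi[-_<'.]{0,2}id` means bracket-style accessors such as `upi['id']` or `upi[id]` no longer match, while `<`, `'` and `.` are still accepted. The escaped bracket was valid inside the character class, so this does not look like a syntax fix, and the commit gives no reason for narrowing the match. The address pattern elsewhere in this diff still uses `[-_\\[<'. ]` for the same purpose, which leaves the two rules inconsistent. If the removal is intentional, a comment above the pattern stating which false positive it avoids would help; otherwise keep `upi[-_\\[<'.]{0,2}id`.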
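Review bot: In `rules/sources/personal_identification.yaml`, the rewritten pattern `((?:first|given)[^\\s/(;)#|,=!>]{0,5}|full)name` now requires `full` to be followed immediately by `name`. `fullname` and `fullName` still match, but the common `full_name`, `full-name` and `full.name` spellings no longer do, which is a false negative for a personal-data source. If the goal was to stop matching identifiers like `fullFileName`, allowing a single separator keeps that benefit: `"(?i).*(?:(?:first|given)[^\\s/(;)#|,=!>]{0,5}|full[-_.]{0,1})name"`. The outer group also changed from non-capturing to capturing; `(?:` would keep it consistent with the previous pattern.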