Package io.codemodder.remediation.jndiinjection

Interface JNDIInjectionRemediator

public interface JNDIInjectionRemediator

Remediates JNDI injection vulnerabilities. It does this by weaving in a check to limit what JNDI resources are available, and users can add more.

Inspiration for this came from logback: https://github.com/qos-ch/logback/blob/979d76f3f2847f1c129bcc6295e69187d02e472c/logback-core/src/main/java/ch/qos/logback/core/util/JNDIUtil.java#L54

Field Summary

Fields

Modifier and Type	Field	Description
static final JNDIInjectionRemediator	DEFAULT	The default JNDI injection remediation strategy.

Method Summary

Modifier and Type	Method	Description
<T> CodemodFileScanningResult	remediateAll(com.github.javaparser.ast.CompilationUnit cu, String path, io.codemodder.codetf.DetectorRule detectorRule, List<T> issuesForFile, Function<T,String> getKey, Function<T,Integer> getStartLine, Function<T,Integer> getEndLine, Function<T,Integer> getStartColumn)	Remediate all JNDI injection vulnerabilities in the given compilation unit.

Field Details

DEFAULT

static final JNDIInjectionRemediator DEFAULT

The default JNDI injection remediation strategy.

Method Details

remediateAll

<T> CodemodFileScanningResult remediateAll(com.github.javaparser.ast.CompilationUnit cu,
 String path,
 io.codemodder.codetf.DetectorRule detectorRule,
 List<T> issuesForFile,
 Function<T,String> getKey,
 Function<T,Integer> getStartLine,
 Function<T,Integer> getEndLine,
 Function<T,Integer> getStartColumn)

Remediate all JNDI injection vulnerabilities in the given compilation unit.