Actions: Add workflow_dispatch and workflow_call input sources for code injection#21660
Open
tspascoal wants to merge 4 commits into github:main from
Conversation
…de injection
Model workflow_dispatch string inputs and workflow_call string inputs as remote flow sources. Add a new low-severity CodeInjection query for workflow_call inputs. The low-severity CodeInjection query is explicitly added to the security-extended suite.
Pull request overview
This PR extends the Actions code injection analysis to treat workflow_dispatch string inputs as medium-severity sources and introduces a new low-severity query for workflow_call string inputs (with corresponding docs, tests, and suite wiring).
Changes:
- Added new workflow input sources for workflow_dispatch (string/untyped) and workflow_call (string) to the taint/source modeling used by code injection analysis.
- Split reporting so workflow_call input flows are reported as a new low-severity query (actions/code-injection/low), while workflow_dispatch inputs are handled by the existing medium-severity query.
- Updated documentation, query tests, and explicitly included the low-precision query in the actions-security-extended suite.
| File | Description |
|---|---|
| actions/ql/lib/codeql/actions/dataflow/FlowSources.qll | Adds dataflow sources for workflow_dispatch and workflow_call inputs. |
| actions/ql/lib/codeql/actions/security/CodeInjectionQuery.qll | Adjusts severity classification logic and introduces a low-severity predicate for workflow_call. |
| actions/ql/src/Security/CWE-094/CodeInjectionLow.ql | New low-severity code injection query entrypoint. |
| actions/ql/src/Security/CWE-094/CodeInjectionLow.md | New documentation for the low-severity reusable-workflow input variant. |
| actions/ql/src/Security/CWE-094/CodeInjectionMedium.md | Documentation updates covering workflow_dispatch string/untyped inputs. |
| actions/ql/src/codeql-suites/actions-security-extended.qls | Explicitly includes the new low-precision query in security-extended. |
| actions/ql/test/query-tests/Security/CWE-094/CodeInjectionLow.qlref | Adds a query test reference for the new low-severity query. |
| actions/ql/test/query-tests/Security/CWE-094/.github/workflows/workflow_call.yml | Adds a reusable-workflow test case for workflow_call inputs. |
| actions/ql/test/query-tests/Security/CWE-094/.github/workflows/workflow_dispatch.yml | Adds a test case for workflow_dispatch inputs (typed/untyped) and safe patterns. |
| actions/ql/test/query-tests/Security/CWE-094/CodeInjectionLow.expected | New expected results for the low-severity query test. |
| actions/ql/test/query-tests/Security/CWE-094/CodeInjectionMedium.expected | Updates expected results to include workflow_dispatch input flows. |
| actions/ql/test/query-tests/Security/CWE-094/CodeInjectionCritical.expected | Updates expected results (node graph changes due to new sources). |
| actions/ql/test/query-tests/Models/ReusableWorkflowsSources.expected | Updates reusable workflow source modeling test expectations. |
Copilot's findings
- Files reviewed: 12/13 changed files
- Comments generated: 4
Comment on lines +1 to +6:

## Overview

Using string-typed `workflow_call` inputs in GitHub Actions may lead to code injection in contexts like _run:_ or _script:_.

Inputs declared as `string` should be treated with caution. Although `workflow_call` can only be triggered by other workflows (not directly by external users), the calling workflow may pass untrusted user input as arguments. Since the reusable workflow author has no control over the callers, these inputs may still originate from untrusted data.
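Review bot: the Overview on lines +3 to +5 says string `workflow_call` inputs "should be treated with caution" but never states what the safe alternative is, and readers of the Low doc will land here before reaching any recommendation further down; add one sentence naming the mitigation, i.e. bind the input to an environment variable (`env: MESSAGE: ${{ inputs.message }}`) and reference `"$MESSAGE"` in the script, so that the runner never substitutes the value into the `run:`/`script:` text itself. It would also help to spell out in line +5 that the reusable workflow's own declaration (`type: string`, `required`, `default`) does nothing to constrain what a caller forwards, which is the reason the query cannot tell a constant from user data and reports at low rather than medium.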
This PR adds a new query (actions/code-injection/low) and changes the results/metadata of code injection analysis; per the repository’s change-notes guidance, this should come with an unreleased change note under actions/ql/src/change-notes/ (for example with category newQuery / minorAnalysis).
Review comments (resolved) on actions/ql/test/query-tests/Security/CWE-094/.github/workflows/workflow_call.yml (outdated) and actions/ql/test/query-tests/Security/CWE-094/.github/workflows/workflow_dispatch.yml.
…standing of input constraints
Treat workflow_call and workflow_dispatch inputs independently for code-injection severity classification so mixed-trigger workflows can produce both low and medium alerts. Add a regression test for workflows that define both triggers and update the corresponding expected results.
This pull request introduces improved detection and severity classification of code injection vulnerabilities in GitHub Actions workflows.

- Adds `workflow_dispatch` string inputs as a source for `actions/code-injection/medium`
- Adds a new `actions/code-injection/low` for `workflow_call` string inputs, decided to use this as low since we can't see the full source for a final analysis if the input is user defined or not.
- The `actions/code-injection/low` was explicitly added to the `security-extended` suite since it doesn't fit the criteria to be automatically added.

To evaluate: does it make sense to have `actions/code-injection/low` or remove it and add `workflow_call` to `actions/code-injection/medium`?

Note
Have not updated any changelog

Detection and modeling of workflow inputs:
- `WorkflowDispatchInputSource` (for `workflow_dispatch` string inputs, including those with no explicit type) and `WorkflowCallInputSource` (for `workflow_call` string inputs), both treated as untrusted in code injection analysis.
- `workflow_call` string inputs as low severity and `workflow_dispatch` string inputs as medium severity code injection risks. [1] [2]

Query and documentation updates:
- `CodeInjectionLow.ql` and corresponding documentation to detect and explain code injection via `workflow_call` string inputs, including recommendations and examples. [1] [2]
- `workflow_dispatch` string inputs and to provide better examples and safe usage patterns. [1] [2] [3]

Test and suite changes:
- `workflow_call` and `workflow_dispatch` input handling and to verify detection of both vulnerable and safe usage patterns. [1] [2] [3] [4] [5]
- `actions-security-extended.qls` suite to explicitly include the new low-precision `CodeInjectionLow.ql` query.
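The classification the PR description and the second commit message spell out, written out as a small stand-alone model (an added example, not the CodeQL Actions library's own `FlowSources.qll`/`CodeInjectionQuery.qll` logic): string or untyped `workflow_dispatch` inputs reaching `run:`/`script:` are medium, string `workflow_call` inputs are low, typed choice/boolean/number inputs are not sources, the two triggers are examined independently so a mixed-trigger workflow yields both alerts for one input name, and the `env:` indirection is not reported. The workflow it runs over is constructed here and supplied as a dict shaped like `yaml.safe_load()` output so the block needs no YAML dependency; function names such as `input_sources` and `find_code_injection` and the step contents are this example's own assumptions.

```python
"""Toy model of the workflow-input source/sink classification described in the PR.

Added example, not the CodeQL Actions library. The workflow is a dict shaped like
yaml.safe_load() output on the .yml file, so only the standard library is needed.
"""
import re
from typing import Dict, Iterator, List, Tuple

# ${{ inputs.NAME }} and ${{ github.event.inputs.NAME }}: the runner substitutes
# these into the script text before the shell or Node interpreter runs it, which
# is why a string-valued input landing there is a code-injection sink.
INPUT_EXPR = re.compile(r"\$\{\{\s*(?:github\.event\.)?inputs\.([\w-]+)\s*\}\}")


def _triggers(workflow: dict) -> dict:
    # PyYAML follows YAML 1.1 and reads the bare key `on` as the boolean True,
    # so a workflow loaded from disk carries its triggers under True, not "on".
    return workflow.get("on") or workflow.get(True) or {}


def input_sources(workflow: dict) -> List[Tuple[str, str]]:
    """(input_name, severity) for every input treated as an untrusted source.

    workflow_dispatch: type string, or no type at all (default is string) -> medium.
    workflow_call: type string (a type is mandatory there) -> low.
    Triggers are examined independently, so a name declared under both comes
    back twice, once per severity.
    """
    sources: List[Tuple[str, str]] = []
    triggers = _triggers(workflow)
    for trigger, severity, untyped_is_string in (
        ("workflow_dispatch", "medium", True),
        ("workflow_call", "low", False),
    ):
        inputs = (triggers.get(trigger) or {}).get("inputs") or {}
        for name, spec in inputs.items():
            itype = (spec or {}).get("type")
            # boolean / number / choice inputs are validated by GitHub against
            # the declaration and cannot carry arbitrary attacker text.
            if itype == "string" or (itype is None and untyped_is_string):
                sources.append((name, severity))
    return sources


def sink_steps(workflow: dict) -> Iterator[Tuple[str, int, str]]:
    """(job_id, step_index, script_text) for `run:` steps and for the `script:`
    input of actions/github-script, the two sinks the query docs name."""
    for job_id, job in (workflow.get("jobs") or {}).items():
        for i, step in enumerate(job.get("steps") or []):
            if step.get("run") is not None:
                yield job_id, i, str(step["run"])
            with_ = step.get("with") or {}
            if str(step.get("uses", "")).startswith("actions/github-script") and "script" in with_:
                yield job_id, i, str(with_["script"])


def find_code_injection(workflow: dict) -> List[dict]:
    """One finding per (sink step, referenced input, matching source declaration)."""
    sources = input_sources(workflow)
    findings: List[dict] = []
    for job_id, idx, script in sink_steps(workflow):
        for name in INPUT_EXPR.findall(script):
            for src_name, severity in sources:
                if src_name == name:
                    findings.append({"job": job_id, "step": idx, "input": name, "severity": severity})
    return findings


def summarize(workflow: dict) -> Dict[str, int]:
    """Finding count per severity, e.g. {'medium': 3, 'low': 2}."""
    counts: Dict[str, int] = {}
    for f in find_code_injection(workflow):
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
    return counts


# Constructed workflow for this example (not from the PR's test suite): both
# triggers declared, with `message` present under each.
WORKFLOW = {
    "name": "deploy",
    "on": {
        "workflow_dispatch": {"inputs": {
            "tag": {"description": "Tag to deploy"},                      # untyped -> string
            "environment": {"type": "choice", "options": ["staging", "prod"]},
            "message": {"type": "string"},
        }},
        "workflow_call": {"inputs": {
            "message": {"type": "string", "required": True},
            "count": {"type": "number", "required": False},
        }},
    },
    "jobs": {"deploy": {"runs-on": "ubuntu-latest", "steps": [
        {"run": "git checkout ${{ inputs.tag }}"},                       # medium
        {"run": 'echo "${{ github.event.inputs.message }}"'},            # medium + low
        {"run": "./deploy.sh ${{ inputs.environment }}"},                # choice: not a source
        {"run": "seq ${{ inputs.count }}"},                              # number: not a source
        {"env": {"MESSAGE": "${{ inputs.message }}"}, "run": 'echo "$MESSAGE"'},  # safe pattern
        {"uses": "actions/github-script@v7",
         "with": {"script": "console.log('${{ inputs.message }}')"}},    # medium + low
    ]}},
}

if __name__ == "__main__":
    for finding in find_code_injection(WORKFLOW):
        print(finding)
    print(summarize(WORKFLOW))
```

The `env:` step is the one a hardened workflow would use throughout: the expression is expanded into the step's environment, the shell reads `$MESSAGE` as data, and nothing the caller controls reaches the script text, so the model (like the query) has nothing to report there. Expanding `${{ inputs.environment }}` is left unreported only because `choice` restricts the value to the declared options.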