hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: TarSlip sanitizer: handle not

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-02-20 16:27:54 +01:00
parent 3c317ed0e6
commit 1029f04e76
3 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/test/query-tests/Security/CWE-022/TarSlip.expected
View File

@@ -21,16 +21,9 @@ edges
| tarslip.py:57:1:57:17 | tarfile.entry | tarslip.py:59:21:59:25 | tarfile.entry |
| tarslip.py:57:14:57:16 | tarfile.open | tarslip.py:57:1:57:17 | tarfile.entry |
| tarslip.py:57:14:57:16 | tarfile.open | tarslip.py:57:1:57:17 | tarfile.entry |
| tarslip.py:63:7:63:39 | tarfile.open | tarslip.py:64:14:64:16 | tarfile.open |
| tarslip.py:63:7:63:39 | tarfile.open | tarslip.py:64:14:64:16 | tarfile.open |
| tarslip.py:64:1:64:17 | tarfile.entry | tarslip.py:68:21:68:25 | tarfile.entry |
| tarslip.py:64:1:64:17 | tarfile.entry | tarslip.py:68:21:68:25 | tarfile.entry |
| tarslip.py:64:14:64:16 | tarfile.open | tarslip.py:64:1:64:17 | tarfile.entry |
| tarslip.py:64:14:64:16 | tarfile.open | tarslip.py:64:1:64:17 | tarfile.entry |
#select
| tarslip.py:13:1:13:3 | tar | tarslip.py:12:7:12:39 | tarfile.open | tarslip.py:13:1:13:3 | tarfile.open | Extraction of tarfile from $@ | tarslip.py:12:7:12:39 | Attribute() | a potentially untrusted source |
| tarslip.py:18:17:18:21 | entry | tarslip.py:16:7:16:39 | tarfile.open | tarslip.py:18:17:18:21 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:16:7:16:39 | Attribute() | a potentially untrusted source |
| tarslip.py:37:17:37:21 | entry | tarslip.py:33:7:33:39 | tarfile.open | tarslip.py:37:17:37:21 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:33:7:33:39 | Attribute() | a potentially untrusted source |
| tarslip.py:41:24:41:26 | tar | tarslip.py:40:7:40:39 | tarfile.open | tarslip.py:41:24:41:26 | tarfile.open | Extraction of tarfile from $@ | tarslip.py:40:7:40:39 | Attribute() | a potentially untrusted source |
| tarslip.py:59:21:59:25 | entry | tarslip.py:56:7:56:39 | tarfile.open | tarslip.py:59:21:59:25 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:56:7:56:39 | Attribute() | a potentially untrusted source |
| tarslip.py:68:21:68:25 | entry | tarslip.py:63:7:63:39 | tarfile.open | tarslip.py:68:21:68:25 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:63:7:63:39 | Attribute() | a potentially untrusted source |

2
python/ql/test/query-tests/Security/CWE-022/tarslip.py
View File

@@ -65,4 +65,4 @@ for entry in tar:
# using `if not (os.path.isabs(entry.name) or ".." in entry.name):`
# would make the sanitizer work, but for the wrong reasons since out library is a bit broken.
if not os.path.isabs(entry.name):
tar.extract(entry, "/tmp/unpack/") # TODO: FP
tar.extract(entry, "/tmp/unpack/")