Format tests

This commit is contained in:
jorgectf
2021-07-22 19:04:35 +02:00
parent d475d52c76
commit 11f4c1cc8e
2 changed files with 79 additions and 56 deletions


@@ -1,8 +1,10 @@
from flask import request, Flask
from io import StringIO
import xml.etree, xml.etree.ElementTree
import xml.etree
import xml.etree.ElementTree
import lxml.etree
import xml.dom.minidom, xml.dom.pulldom
import xml.dom.minidom
import xml.dom.pulldom
import xmltodict
'''
@@ -33,38 +35,49 @@ XML Parsing:
xml.dom.(mini|pull)dom.parse(String)
'''
@app.route("/XMLParser-Empty&xml.etree.ElementTree.fromstring")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
parser = lxml.etree.XMLParser()
return xml.etree.ElementTree.fromstring(xml_content, parser=parser).text # 'root...'
parser = lxml.etree.XMLParser()
# 'root...'
return xml.etree.ElementTree.fromstring(xml_content, parser=parser).text
@app.route("/XMLParser-Empty&xml.etree.ElementTree.parse")#!
@app.route("/XMLParser-Empty&xml.etree.ElementTree.parse") # !
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
parser = lxml.etree.XMLParser()
# 'jorgectf'
return xml.etree.ElementTree.parse(StringIO(xml_content), parser=parser).getroot().text
parser = lxml.etree.XMLParser()
return xml.etree.ElementTree.parse(StringIO(xml_content), parser=parser).getroot().text # 'jorgectf'
@app.route("/XMLParser-Empty&lxml.etree.fromstring")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
parser = lxml.etree.XMLParser()
return lxml.etree.fromstring(xml_content, parser=parser).text # 'jorgectf'
parser = lxml.etree.XMLParser()
return lxml.etree.fromstring(xml_content, parser=parser).text # 'jorgectf'
@app.route("/XMLParser-Empty&xml.etree.parse")#!
@app.route("/XMLParser-Empty&xml.etree.parse") # !
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
parser = lxml.etree.XMLParser()
# 'jorgectf'
return lxml.etree.parse(StringIO(xml_content), parser=parser).getroot().text
parser = lxml.etree.XMLParser()
return lxml.etree.parse(StringIO(xml_content), parser=parser).getroot().text # 'jorgectf'
@app.route("/xmltodict-disable_entities_False")
def test2():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
return xmltodict.parse(xml_content, disable_entities=False)
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
return xmltodict.parse(xml_content, disable_entities=False)
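Review bot: Every view in this hunk except the last is defined as `def test1()` (L28, L39, L49, L59), so each `@app.route` registers the same endpoint name and Flask's `add_url_rule` raises `AssertionError: View function mapping is overwriting an existing endpoint function: test1` at the second decorator if this module is ever imported as an app; the second file on this page repeats the pattern. Give each view a distinct name or pass an explicit endpoint, e.g. `@app.route("/XMLParser-Empty&xml.etree.ElementTree.parse", endpoint="etree_parse")`. The trailing `# !` on the two `.parse` routes (L38, L58) does not say what it marks; spell it out in words so a reader of the fixture knows why those two routes differ from the `fromstring` ones. What makes these routes reachable sinks is that `lxml.etree.XMLParser()` keeps lxml's default `resolve_entities=True`; a one-line comment at the first `parser = lxml.etree.XMLParser()` such as `# default XMLParser resolves entities, so this is the XXE sink under test` would make the fixture's intent explicit for someone later tempted to "fix" it.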


@@ -3,64 +3,74 @@ import xml.sax
# https://docs.python.org/3/library/xml.sax.handler.html#xml.sax.handler.feature_external_ges
class MainHandler(xml.sax.ContentHandler):
def __init__(self):
self._result = []
def __init__(self):
self._result = []
def characters(self, data):
self._result.append(data)
def characters(self, data):
self._result.append(data)
def parse(self, f):
xml.sax.parse(f, self)
return self._result
def parse(self, f):
xml.sax.parse(f, self)
return self._result
# GOOD
@app.route("/MainHandler")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
return MainHandler().parse(StringIO(xml_content))
return MainHandler().parse(StringIO(xml_content))
@app.route("/xml.sax.make_parser()+MainHandler")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
BadHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(BadHandler)
parser.parse(StringIO(xml_content))
return BadHandler._result
BadHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(BadHandler)
parser.parse(StringIO(xml_content))
return BadHandler._result
@app.route("/xml.sax.make_parser()+MainHandler-xml.sax.handler.feature_external_ges_False")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
BadHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(BadHandler)
parser.setFeature(xml.sax.handler.feature_external_ges, False)
parser.parse(StringIO(xml_content))
return BadHandler._result
BadHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(BadHandler)
parser.setFeature(xml.sax.handler.feature_external_ges, False)
parser.parse(StringIO(xml_content))
return BadHandler._result
# BAD
@app.route("/xml.sax.make_parser()+MainHandler-xml.sax.handler.feature_external_ges_True")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
GoodHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(GoodHandler)
parser.setFeature(xml.sax.handler.feature_external_ges, True)
parser.parse(StringIO(xml_content))
return GoodHandler._result
GoodHandler = MainHandler()
parser = xml.sax.make_parser()
parser.setContentHandler(GoodHandler)
parser.setFeature(xml.sax.handler.feature_external_ges, True)
parser.parse(StringIO(xml_content))
return GoodHandler._result
@app.route("/xml.sax.make_parser()+xml.dom.minidom.parse-xml.sax.handler.feature_external_ges_True")
def test1():
xml_content = request.args['xml_content'] # <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
parser = xml.sax.make_parser()
parser.setFeature(xml.sax.handler.feature_external_ges, True)
return xml.dom.minidom.parse(StringIO(xml_content), parser=parser).documentElement.childNodes
# <?xml version="1.0"?><!DOCTYPE dt [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><test>&xxe;</test>
xml_content = request.args['xml_content']
parser = xml.sax.make_parser()
parser.setFeature(xml.sax.handler.feature_external_ges, True)
return xml.dom.minidom.parse(StringIO(xml_content), parser=parser).documentElement.childNodes
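Review bot: The handler instance names invert the section labels: under `# GOOD` the instance is `BadHandler` (L113, L129) while under `# BAD` it is `GoodHandler` (L147), which reads as if the labels were wrong, and PascalCase on an instance collides with the class naming. A neutral `handler = MainHandler()` in each view, with the verdict carried only by the `# GOOD`/`# BAD` comment, removes the contradiction. `MainHandler.__init__` (L83) does not call `super().__init__()`; `xml.sax.ContentHandler.__init__` only initialises `self._locator`, so this is harmless today, but adding `super().__init__()` before `self._result = []` keeps the handler correct if the base class gains state. The `# GOOD` on `/MainHandler` also rests on an interpreter version: to my knowledge `xml.sax`'s expat reader has `feature_external_ges` off by default only since Python 3.7.1, so a comment stating that floor next to the label would document the assumption. The last view (L154) ends at the final line of this view and may continue past it.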