Promoto cookie injection query

This commit is contained in:
Joe Farebrother
2024-07-02 21:57:16 +01:00
parent bf4a202cbd
commit 123214cb2b
3 changed files with 94 additions and 0 deletions


@@ -0,0 +1,20 @@
/**
* @name Construction of a cookie using user-supplied input.
* @description Constructing cookies from user input may allow an attacker to perform a Cookie Poisoning attack.
* @kind path-problem
* @problem.severity error
* @precision high
* @id py/cookie-injection
* @tags security
* external/cwe/cwe-614
*/
import python
import semmle.python.dataflow.new.DataFlow
import semmle.python.security.dataflow.CookieInjectionQuery
import CookieInjectionFlow::PathGraph
from CookieInjectionFlow::PathNode source, CookieInjectionFlow::PathNode sink
where CookieInjectionFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "Cookie is constructed from a $@.", source.getNode(),
"user-supplied input"
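Review bot: The metadata block at the top of the hunk declares `@problem.severity error` and `@precision high` but no `@security-severity`, which standard CodeQL security queries normally carry and which the security-alert scoring reads; add a line such as `* @security-severity <VALUE>` (placeholder — take the figure from the JavaScript counterpart of this query) between `@problem.severity` and `@precision`. The `@tags` entry `external/cwe/cwe-614` also deserves a check: CWE-614 covers a sensitive cookie missing the `Secure` attribute, whereas the cookie-poisoning-from-user-input issue this query describes is usually classified under CWE-020 (improper input validation), so confirm the intended mapping matches the other language variants before the query ships. Finally, `import semmle.python.dataflow.new.DataFlow` on the third import line appears unused by the visible `from`/`where`/`select` clauses, which reference only `CookieInjectionFlow`; drop it unless it is needed to resolve `PathNode`.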