Python: Add test cases for BindToAllInterfaces FNs

Adds test cases from github/codeql#21582 demonstrating false negatives: - Address stored in class attribute (`self.bind_addr`) - `os.environ.get` with insecure default value - `gevent.socket` (alternative socket module)
2026-04-12 02:24:00 +02:00 · 2026-03-26 14:51:59 +00:00
parent 824d004a27
commit 1ecd9e83b8
1 changed files with 32 additions and 0 deletions
--- a/python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces_test.py
+++ b/python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces_test.py
@@ -24,3 +24,35 @@ s.bind(tup) # $ Alert[py/bind-socket-all-network-interfaces]
 # IPv6
 s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
 s.bind(("::", 8080)) # $ Alert[py/bind-socket-all-network-interfaces]
+
+
+# FN cases from https://github.com/github/codeql/issues/21582
+
+# Address stored in a class attribute
+class Server:
+    def __init__(self):
+        self.bind_addr = '0.0.0.0'
+        self.port = 31137
+
+    def start(self):
+        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        s.bind((self.bind_addr, self.port)) # $ MISSING: Alert[py/bind-socket-all-network-interfaces]
+
+server = Server()
+server.start()
+
+# os.environ.get with insecure default
+import os
+host = os.environ.get('APP_HOST', '0.0.0.0')
+s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+s.bind((host, 8080)) # $ MISSING: Alert[py/bind-socket-all-network-interfaces]
+
+# gevent.socket (alternative socket module)
+from gevent import socket as gsocket
+gs = gsocket.socket(gsocket.AF_INET, gsocket.SOCK_STREAM)
+gs.bind(('0.0.0.0', 31137)) # $ MISSING: Alert[py/bind-socket-all-network-interfaces]
+
+# eventlet.green.socket (another alternative socket module)
+from eventlet.green import socket as esocket
+es = esocket.socket(esocket.AF_INET, esocket.SOCK_STREAM)
+es.bind(('0.0.0.0', 31137)) # $ MISSING: Alert[py/bind-socket-all-network-interfaces]