hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Add standard HttpSources tests for BaseHTTPRequestHandler

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-04-22 17:28:49 +02:00
parent 51a9094064
commit 22096c36b9
2 changed files with 43 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
python/ql/test/library-tests/web/stdlib/HttpSources.expected Normal file
View File

@@ -0,0 +1,34 @@
| test.py:18:13:18:16 | self | BaseHTTPRequestHandlerKind |
| test.py:20:13:20:16 | self | BaseHTTPRequestHandlerKind |
| test.py:22:13:22:16 | self | BaseHTTPRequestHandlerKind |
| test.py:24:13:24:16 | self | BaseHTTPRequestHandlerKind |
| test.py:25:13:25:16 | self | BaseHTTPRequestHandlerKind |
| test.py:26:13:26:16 | self | BaseHTTPRequestHandlerKind |
| test.py:27:13:27:16 | self | BaseHTTPRequestHandlerKind |
| test.py:28:13:28:16 | self | BaseHTTPRequestHandlerKind |
| test.py:29:13:29:16 | self | BaseHTTPRequestHandlerKind |
| test.py:30:13:30:16 | self | BaseHTTPRequestHandlerKind |
| test.py:31:13:31:16 | self | BaseHTTPRequestHandlerKind |
| test.py:32:13:32:16 | self | BaseHTTPRequestHandlerKind |
| test.py:33:17:33:20 | self | BaseHTTPRequestHandlerKind |
| test.py:34:19:34:22 | self | BaseHTTPRequestHandlerKind |
| test.py:36:13:36:16 | self | BaseHTTPRequestHandlerKind |
| test.py:37:13:37:16 | self | BaseHTTPRequestHandlerKind |
| test.py:40:16:44:9 | Attribute() | CgiFieldStorageFormKind |
| test.py:41:13:41:16 | self | BaseHTTPRequestHandlerKind |
| test.py:42:13:42:16 | self | BaseHTTPRequestHandlerKind |
| test.py:43:64:43:67 | self | BaseHTTPRequestHandlerKind |
| test.py:69:9:69:12 | self | BaseHTTPRequestHandlerKind |
| test.py:70:9:70:12 | self | BaseHTTPRequestHandlerKind |
| test.py:71:9:71:12 | self | BaseHTTPRequestHandlerKind |
| test.py:72:9:72:12 | self | BaseHTTPRequestHandlerKind |
| test.py:73:9:73:12 | self | BaseHTTPRequestHandlerKind |
| test.py:74:15:74:18 | self | BaseHTTPRequestHandlerKind |
| test.py:78:16:82:9 | Attribute() | CgiFieldStorageFormKind |
| test.py:79:13:79:16 | self | BaseHTTPRequestHandlerKind |
| test.py:80:13:80:16 | self | BaseHTTPRequestHandlerKind |
| test.py:81:64:81:67 | self | BaseHTTPRequestHandlerKind |
| test.py:85:13:85:16 | self | BaseHTTPRequestHandlerKind |
| test.py:86:13:86:16 | self | BaseHTTPRequestHandlerKind |
| test.py:96:9:96:12 | self | BaseHTTPRequestHandlerKind |
| test.py:97:9:97:12 | self | BaseHTTPRequestHandlerKind |

9
python/ql/test/library-tests/web/stdlib/HttpSources.ql Normal file
View File

@@ -0,0 +1,9 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.security.strings.Untrusted
from HttpRequestTaintSource source, TaintKind kind
where
source.isSourceOf(kind) and
source.getLocation().getFile().getShortName() != "cgi.py"
select source.(ControlFlowNode).getNode(), kind