Add concept tests + fix typo

Joe Farebrother
2024-04-24 10:31:40 +01:00
parent ec4c820391
commit 2b935e575a
5 changed files with 94 additions and 12 deletions


@@ -319,6 +319,43 @@ module HttpServerHttpResponseTest implements TestSig {
}
}
module HttpResponseHeaderWriteTest implements TestSig {
string getARelevantTag() { result = ["headerWriteName", "headerWriteValue", "headerWriteBulk"] }
predicate hasActualResult(Location location, string element, string tag, string value) {
exists(location.getFile().getRelativePath()) and
(
exists(Http::Server::ResponseHeaderWrite write, DataFlow::Node node |
location = node.getLocation() and
element = node.toString()
|
node = write.getNameArg() and
tag = "headerWriteName" and
(if write.nameAllowsNewline() then value = "unsanitized" else value = "sanitized")
or
node = write.getValueArg() and
tag = "headerWriteValue" and
(if write.valueAllowsNewline() then value = "unsanitized" else value = "sanitized")
)
or
exists(Http::Server::ResponseHeaderBulkWrite write |
location = write.getBulkArg().getLocation() and
element = write.getBulkArg().toString() and
(
tag = "headerWriteBulk" and
value = ""
or
tag = "headerWriteName" and
(if write.nameAllowsNewline() then value = "unsanitized" else value = "sanitized")
or
tag = "headerWriteValue" and
(if write.valueAllowsNewline() then value = "unsanitized" else value = "sanitized")
)
)
)
}
}
module HttpServerHttpRedirectResponseTest implements TestSig {
string getARelevantTag() { result in ["HttpRedirectResponse", "redirectLocation"] }
@@ -559,7 +596,8 @@ import MakeTest<MergeTests5<MergeTests5<SystemCommandExecutionTest, DecodingTest
MergeTests5<SqlConstructionTest, SqlExecutionTest, XPathConstructionTest, XPathExecutionTest,
EscapingTest>,
MergeTests5<HttpServerRouteSetupTest, HttpServerRequestHandlerTest, HttpServerHttpResponseTest,
HttpServerHttpRedirectResponseTest, HttpServerCookieWriteTest>,
HttpServerHttpRedirectResponseTest,
MergeTests<HttpServerCookieWriteTest, HttpResponseHeaderWriteTest>>,
MergeTests5<FileSystemAccessTest, FileSystemWriteAccessTest, PathNormalizationTest,
SafeAccessCheckTest, PublicKeyGenerationTest>,
MergeTests5<CryptographicOperationTest, HttpClientRequestTest, CsrfProtectionSettingTest,
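Review bot: The new `HttpResponseHeaderWriteTest` module in the first hunk has no QLDoc for its three tags, and the `sanitized`/`unsanitized` values are easy to misread. They are derived only from `write.nameAllowsNewline()` and `write.valueAllowsNewline()`, so `sanitized` appears to mean that the modelled write API does not accept newlines, not that the written data was validated. A comment above the module would make this explicit for anyone reading the expectations as header-injection coverage, for example `/** headerWriteName/headerWriteValue are "unsanitized" when the modelled write allows newlines, otherwise "sanitized"; headerWriteBulk carries an empty value. */`. As a style point, `getARelevantTag` uses `result = [...]` where the neighbouring `HttpServerHttpRedirectResponseTest` uses `result in [...]`; matching the neighbour would keep the file uniform.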