hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Don't make duplicate sink for Tornado handler

Browse Source 
`self.write(...)` would be treated as *both* TornadoConnectionWrite and
TornadoHttpRequestHandlerWrite
This commit is contained in:
Rasmus Wriedt Larsen
2020-01-07 13:51:03 +01:00
parent effa4548ab
commit 2cdbae08b6
2 changed files with 3 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
python/ql/src/semmle/python/web/tornado/Response.qll
View File

@@ -24,11 +24,8 @@ class TornadoConnectionWrite extends HttpResponseTaintSink {
TornadoConnectionWrite() {
exists(CallNode call, ControlFlowNode conn |
conn = call.getFunction().(AttrNode).getObject("write") and
this = call.getAnArg()
|
this = call.getAnArg() and
exists(TornadoConnection tc | tc.taints(conn))
or
isTornadoRequestHandlerInstance(conn)
)
}
@@ -41,8 +38,8 @@ class TornadoHttpRequestHandlerWrite extends HttpResponseTaintSink {
TornadoHttpRequestHandlerWrite() {
exists(CallNode call, ControlFlowNode node |
node = call.getFunction().(AttrNode).getObject("write") and
isTornadoRequestHandlerInstance(node) and
this = call.getAnArg()
this = call.getAnArg() and
isTornadoRequestHandlerInstance(node)
)
}

4
python/ql/test/library-tests/web/tornado/HttpSinks.expected
View File

@@ -1,8 +1,4 @@
| test.py:6:20:6:43 | tornado.HttpRequesHandler.write | externally controlled string |
| test.py:6:20:6:43 | tornado.connection.write | externally controlled string |
| test.py:12:20:12:23 | tornado.HttpRequesHandler.write | externally controlled string |
| test.py:12:20:12:23 | tornado.connection.write | externally controlled string |
| test.py:20:23:20:25 | tornado.HttpRequesHandler.redirect | externally controlled string |
| test.py:26:20:26:48 | tornado.HttpRequesHandler.write | externally controlled string |
| test.py:26:20:26:48 | tornado.connection.write | externally controlled string |
FIXME