Merge pull request #13781 from maikypedia/maikypedia/python-unsafe-deserialization

Python: Add unsafe deserialization sinks (CWE-502)
2026-05-04 21:25:44 +02:00 · 2023-10-10 13:30:38 +02:00
parent 542d5a2451 f3acc89900
commit 2d947a4f53
16 changed files with 153 additions and 2 deletions
--- a/python/ql/test/library-tests/frameworks/joblib/ConceptsTest.expected
+++ b/python/ql/test/library-tests/frameworks/joblib/ConceptsTest.expected
@@ -0,0 +1,2 @@
+failures
+testFailures
--- a/python/ql/test/library-tests/frameworks/joblib/ConceptsTest.ql
+++ b/python/ql/test/library-tests/frameworks/joblib/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
--- a/python/ql/test/library-tests/frameworks/joblib/Decoding.py
+++ b/python/ql/test/library-tests/frameworks/joblib/Decoding.py
@@ -0,0 +1,4 @@
+import joblib
+
+joblib.load(file_)  # $ decodeInput=file_ decodeOutput=joblib.load(..) decodeFormat=joblib decodeMayExecuteInput
+joblib.load(filename=file_)  # $ decodeInput=file_ decodeOutput=joblib.load(..) decodeFormat=joblib decodeMayExecuteInput
--- a/python/ql/test/library-tests/frameworks/numpy/ConceptsTest.expected
+++ b/python/ql/test/library-tests/frameworks/numpy/ConceptsTest.expected
@@ -0,0 +1,2 @@
+failures
+testFailures
--- a/python/ql/test/library-tests/frameworks/numpy/ConceptsTest.ql
+++ b/python/ql/test/library-tests/frameworks/numpy/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
--- a/python/ql/test/library-tests/frameworks/numpy/Decoding.py
+++ b/python/ql/test/library-tests/frameworks/numpy/Decoding.py
@@ -0,0 +1,6 @@
+import numpy
+
+numpy.load(file_)  # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy
+numpy.load(filename=file_)  # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy
+numpy.load(file_, allow_pickle=True)  # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy decodeFormat=pickle decodeMayExecuteInput
+numpy.load(file_, None, True)  # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy decodeFormat=pickle decodeMayExecuteInput
--- a/python/ql/test/library-tests/frameworks/pandas/ConceptsTest.expected
+++ b/python/ql/test/library-tests/frameworks/pandas/ConceptsTest.expected
@@ -0,0 +1,2 @@
+failures
+testFailures
--- a/python/ql/test/library-tests/frameworks/pandas/ConceptsTest.ql
+++ b/python/ql/test/library-tests/frameworks/pandas/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
--- a/python/ql/test/library-tests/frameworks/pandas/Decoding.py
+++ b/python/ql/test/library-tests/frameworks/pandas/Decoding.py
@@ -0,0 +1,4 @@
+import pandas
+
+pandas.read_pickle(file_)  # $ decodeInput=file_ decodeOutput=pandas.read_pickle(..) decodeFormat=pickle decodeMayExecuteInput
+pandas.read_pickle(filepath_or_buffer=file_)  # $ decodeInput=file_ decodeOutput=pandas.read_pickle(..) decodeFormat=pickle decodeMayExecuteInput