hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Cover MimeType.amp as a vulnerable mimetype

Browse Source
This commit is contained in:
jorgectf
2021-10-30 21:19:22 +02:00
parent 3264e7be99
commit 356b07112a
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/src/experimental/semmle/python/frameworks/Sendgrid.qll
View File

@@ -103,14 +103,14 @@ private module Sendgrid {
or
exists(DataFlow::CallCfgNode contentCall, StrConst mime |
contentCall = sendgridMailHelper().getMember("Content").getACall() and
mime.getText() = "text/html" and
mime.getText() = ["text/html", "text/x-amp-html"] and
DataFlow::exprNode(mime).(DataFlow::LocalSourceNode).flowsTo(contentCall.getArg(0)) and
result = contentCall.getArg(1)
)
or
exists(DataFlow::CallCfgNode addContentCall, StrConst mime |
addContentCall = sendgridMailInstance().getMember("add_content").getACall() and
mime.getText() = "text/html" and
mime.getText() = ["text/html", "text/x-amp-html"] and
DataFlow::exprNode(mime).(DataFlow::LocalSourceNode).flowsTo(addContentCall.getArg(1)) and
result = addContentCall.getArg(0)
)
@@ -126,7 +126,7 @@ private module Sendgrid {
content.getValue().(List).getAnElt() = generalDict and
// declare KeyValuePairs keys and values
typePair.getKey().(Str_).getS() = "type" and
typePair.getValue().(Str_).getS() = "text/html" and
typePair.getValue().(Str_).getS() = ["text/html", "text/x-amp-html"] and
valuePair.getKey().(Str_).getS() = "value" and
result.asExpr() = valuePair.getValue() and
// since the pairs' keys are already set, this will set the items accordingly