mirror of
https://github.com/github/codeql.git
synced 2026-03-17 04:56:58 +01:00
Python change 'SimpleHttpResponseTaintSink' to 'HttpResponseTaintSink'.
This commit is contained in:
Mark Shannon
@@ -32,7 +32,7 @@ class RefectedXssConfiguration extends TaintTracking::Configuration {
|
||||
|
||||
override predicate isSource(TaintTracking::Source source) { source instanceof HttpRequestTaintSource }
|
||||
|
||||
override predicate isSink(TaintTracking::Sink sink) { sink instanceof SimpleHttpResponseTaintSink }
|
||||
override predicate isSink(TaintTracking::Sink sink) { sink instanceof HttpResponseTaintSink }
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -86,7 +86,7 @@ class UntrustedCookie extends TaintKind {
|
||||
|
||||
|
||||
/** Generic taint sink in a http response */
|
||||
abstract class SimpleHttpResponseTaintSink extends TaintSink {
|
||||
abstract class HttpResponseTaintSink extends TaintSink {
|
||||
|
||||
override predicate sinks(TaintKind kind) {
|
||||
kind instanceof ExternalStringKind
|
||||
|
||||
@@ -22,7 +22,7 @@ private Object theBottleResponseObject() {
|
||||
result = theBottleModule().attr("response")
|
||||
}
|
||||
|
||||
class BottleResponseBodyAssignment extends SimpleHttpResponseTaintSink {
|
||||
class BottleResponseBodyAssignment extends HttpResponseTaintSink {
|
||||
|
||||
BottleResponseBodyAssignment() {
|
||||
exists(DefinitionNode lhs |
|
||||
@@ -37,7 +37,7 @@ class BottleResponseBodyAssignment extends SimpleHttpResponseTaintSink {
|
||||
|
||||
}
|
||||
|
||||
class BottleHandlerFunctionResult extends SimpleHttpResponseTaintSink {
|
||||
class BottleHandlerFunctionResult extends HttpResponseTaintSink {
|
||||
|
||||
BottleHandlerFunctionResult() {
|
||||
exists(BottleRoute route, Return ret |
|
||||
|
||||
@@ -7,7 +7,7 @@ import semmle.python.web.cherrypy.General
|
||||
|
||||
|
||||
|
||||
class CherryPyExposedFunctionResult extends SimpleHttpResponseTaintSink {
|
||||
class CherryPyExposedFunctionResult extends HttpResponseTaintSink {
|
||||
|
||||
CherryPyExposedFunctionResult() {
|
||||
exists(Return ret |
|
||||
|
||||
@@ -40,7 +40,7 @@ class DjangoResponseSource extends TaintSource {
|
||||
}
|
||||
|
||||
/** A write to a django response, which is vulnerable to external data (xss) */
|
||||
class DjangoResponseWrite extends SimpleHttpResponseTaintSink {
|
||||
class DjangoResponseWrite extends HttpResponseTaintSink {
|
||||
|
||||
DjangoResponseWrite() {
|
||||
exists(AttrNode meth, CallNode call |
|
||||
@@ -61,7 +61,7 @@ class DjangoResponseWrite extends SimpleHttpResponseTaintSink {
|
||||
}
|
||||
|
||||
/** An argument to initialization of a django response, which is vulnerable to external data (xss) */
|
||||
class DjangoResponseContent extends SimpleHttpResponseTaintSink {
|
||||
class DjangoResponseContent extends HttpResponseTaintSink {
|
||||
|
||||
DjangoResponseContent() {
|
||||
exists(CallNode call, ClassObject cls |
|
||||
|
||||
@@ -30,7 +30,7 @@ class FalconResponseParameter extends TaintSource {
|
||||
|
||||
}
|
||||
|
||||
class FalconResponseBodySink extends SimpleHttpResponseTaintSink {
|
||||
class FalconResponseBodySink extends HttpResponseTaintSink {
|
||||
|
||||
FalconResponseBodySink() {
|
||||
exists(AttrNode attr |
|
||||
|
||||
@@ -8,7 +8,7 @@ import semmle.python.web.flask.General
|
||||
|
||||
/** A flask response, which is vulnerable to any sort of
|
||||
* http response malice. */
|
||||
class FlaskRoutedResponse extends SimpleHttpResponseTaintSink {
|
||||
class FlaskRoutedResponse extends HttpResponseTaintSink {
|
||||
|
||||
FlaskRoutedResponse() {
|
||||
exists(PyFunctionObject response |
|
||||
@@ -28,7 +28,7 @@ class FlaskRoutedResponse extends SimpleHttpResponseTaintSink {
|
||||
}
|
||||
|
||||
|
||||
class FlaskResponseArgument extends SimpleHttpResponseTaintSink {
|
||||
class FlaskResponseArgument extends HttpResponseTaintSink {
|
||||
|
||||
FlaskResponseArgument() {
|
||||
exists(CallNode call |
|
||||
|
||||
@@ -9,7 +9,7 @@ private import semmle.python.web.Http
|
||||
|
||||
/** A pyramid response, which is vulnerable to any sort of
|
||||
* http response malice. */
|
||||
class PyramidRoutedResponse extends SimpleHttpResponseTaintSink {
|
||||
class PyramidRoutedResponse extends HttpResponseTaintSink {
|
||||
|
||||
PyramidRoutedResponse() {
|
||||
exists(PyFunctionObject view |
|
||||
|
||||
@@ -31,7 +31,7 @@ class TornadoConnectionSource extends TaintSource {
|
||||
|
||||
}
|
||||
|
||||
class TornadoConnectionWrite extends SimpleHttpResponseTaintSink {
|
||||
class TornadoConnectionWrite extends HttpResponseTaintSink {
|
||||
|
||||
override string toString() {
|
||||
result = "tornado.connection.write"
|
||||
@@ -53,7 +53,7 @@ class TornadoConnectionWrite extends SimpleHttpResponseTaintSink {
|
||||
|
||||
}
|
||||
|
||||
class TornadoHttpRequestHandlerWrite extends SimpleHttpResponseTaintSink {
|
||||
class TornadoHttpRequestHandlerWrite extends HttpResponseTaintSink {
|
||||
|
||||
override string toString() {
|
||||
result = "tornado.HttpRequesHandler.write"
|
||||
@@ -73,7 +73,7 @@ class TornadoHttpRequestHandlerWrite extends SimpleHttpResponseTaintSink {
|
||||
|
||||
}
|
||||
|
||||
class TornadoHttpRequestHandlerRedirect extends SimpleHttpResponseTaintSink {
|
||||
class TornadoHttpRequestHandlerRedirect extends HttpResponseTaintSink {
|
||||
|
||||
override string toString() {
|
||||
result = "tornado.HttpRequesHandler.redirect"
|
||||
|
||||
@@ -7,7 +7,7 @@ import TurboGears
|
||||
|
||||
|
||||
|
||||
class ControllerMethodReturnValue extends SimpleHttpResponseTaintSink {
|
||||
class ControllerMethodReturnValue extends HttpResponseTaintSink {
|
||||
|
||||
ControllerMethodReturnValue() {
|
||||
exists(TurboGearsControllerMethod m |
|
||||
@@ -22,7 +22,7 @@ class ControllerMethodReturnValue extends SimpleHttpResponseTaintSink {
|
||||
|
||||
}
|
||||
|
||||
class ControllerMethodTemplatedReturnValue extends SimpleHttpResponseTaintSink {
|
||||
class ControllerMethodTemplatedReturnValue extends HttpResponseTaintSink {
|
||||
|
||||
ControllerMethodTemplatedReturnValue() {
|
||||
exists(TurboGearsControllerMethod m |
|
||||
|
||||
@@ -30,7 +30,7 @@ class TwistedResponse extends TaintSink {
|
||||
* object, which affects the properties of the subsequent response sent to this
|
||||
* request.
|
||||
*/
|
||||
class TwistedRequestSetter extends SimpleHttpResponseTaintSink {
|
||||
class TwistedRequestSetter extends HttpResponseTaintSink {
|
||||
TwistedRequestSetter() {
|
||||
exists(CallNode call, ControlFlowNode node, string name |
|
||||
(
|
||||
|
||||
Reference in New Issue
Block a user