Python: Update all remaining taint-tracking queries to use configurations.

Mark Shannon
2019-07-26 16:29:43 +01:00
parent 8443f68a33
commit 3e5fddd776
12 changed files with 116 additions and 33 deletions


@@ -28,7 +28,19 @@ class UntrustedPrefixStringKind extends UntrustedStringKind {
}
from TaintedPathSource src, TaintedPathSink sink
where src.flowsTo(sink)
class UrlRedirectConfiguration extends TaintTracking::Configuration {
UrlRedirectConfiguration() { this = "URL redirect configuration" }
override predicate isSource(TaintTracking::Source source) { source instanceof HttpRequestTaintSource }
override predicate isSink(TaintTracking::Sink sink) {
sink instanceof HttpRedirectTaintSink
}
}
from UrlRedirectConfiguration config, TaintedPathSource src, TaintedPathSink sink
where config.hasFlowPath(src, sink)
select sink.getSink(), src, sink, "Untrusted URL redirection due to $@.", src.getSource(), "a user-provided value"
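Review bot: `UrlRedirectConfiguration` is added without a QLDoc comment, although its source and sink predicates now decide everything this query reports. I would put `/** Taint-tracking configuration for URL redirection: flow from any HttpRequestTaintSource to an HttpRedirectTaintSink. */` above the class. The characteristic string `"URL redirect configuration"` is the configuration's identity, so it is worth confirming that none of the other queries touched by this commit reuses it; two configurations with the same string would presumably be merged. No sanitizer override is visible in the hunk, and the body of `UntrustedPrefixStringKind` (named in the hunk header) lies outside it, so if that kind is meant to be the only filter on what counts as a dangerous redirect, a one-line comment on the class saying so would help the next reader. As a style point, `isSource` is written on one long line while `isSink` is split over three; formatting both the same way would read better.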