hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into threat-models

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2024-09-26 11:44:24 +02:00
parent 535db98823 76914c40c9
commit 431a1af628
305 changed files with 11499 additions and 5937 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/test/library-tests/dataflow/tainttracking/commonSanitizer/InlineTaintTest.ql
View File

@@ -6,7 +6,7 @@ module CustomSanitizerOverridesConfig implements DataFlow::ConfigSig {
predicate isSink = TestTaintTrackingConfig::isSink/1;
predicate isBarrier(DataFlow::Node node) { node instanceof StringConstCompareBarrier }
predicate isBarrier(DataFlow::Node node) { node instanceof ConstCompareBarrier }
}
import MakeInlineTaintTest<CustomSanitizerOverridesConfig>

29
python/ql/test/library-tests/dataflow/tainttracking/commonSanitizer/test_string_const_compare.py → python/ql/test/library-tests/dataflow/tainttracking/commonSanitizer/test_const_compare.py
View File

@@ -85,6 +85,32 @@ def test_in_local_variable():
else:
ensure_tainted(ts) # $ tainted
def test_is_none():
ts = TAINTED_STRING
if ts is None:
ensure_not_tainted(ts)
else:
ensure_tainted(ts) # $ tainted
def test_is_not_none():
ts = TAINTED_STRING
if ts is not None:
ensure_tainted(ts) # $ tainted
else:
ensure_not_tainted(ts)
def test_in_list_with_constants():
ts = TAINTED_STRING
if ts in ["safe", None, 3, False]:
ensure_not_tainted(ts)
else:
ensure_tainted(ts) # $ tainted
if ts in ["safe", not_constant(), None]:
ensure_tainted(ts) # $ tainted
def not_constant():
return "x"
SAFE = ["safe", "also_safe"]
@@ -184,6 +210,9 @@ test_in_tuple()
test_in_set()
test_in_local_variable()
test_in_global_variable()
test_is_none()
test_is_not_none()
test_in_list_with_constants()
make_modification("unsafe")
test_in_modified_global_variable()
test_in_unsafe1(["unsafe", "foo"])

10
python/ql/test/library-tests/frameworks/fastapi/middleware.py Normal file
View File

@@ -0,0 +1,10 @@
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
app = FastAPI()
origins = [
"*"
]
app.add_middleware(CORSMiddleware, allow_origins=origins, allow_credentials=True, allow_methods=["*"], allow_headers=["*"]) # $ CorsMiddleware=CORSMiddleware

11
python/ql/test/library-tests/frameworks/starlette/Middleware.py Normal file
View File

@@ -0,0 +1,11 @@
from starlette.applications import Starlette
from starlette.middleware import Middleware
from starlette.middleware.cors import CORSMiddleware
routes = ...
middleware = [
Middleware(CORSMiddleware, allow_origins=['*'], allow_credentials=True) # $ CorsMiddleware=CORSMiddleware
]
app = Starlette(routes=routes, middleware=middleware)