hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 04:06:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

python: CSRF -> Csrf

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2022-03-23 11:29:27 +01:00
parent 53de8287f5
commit 441e206cfa
3 changed files with 25 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
python/ql/lib/semmle/python/Concepts.qll
View File

@@ -110,9 +110,9 @@ module FileSystemWriteAccess {
* in a global manner. * in a global manner.
* *
* Extend this class to refine existing API models. If you want to model new APIs, * Extend this class to refine existing API models. If you want to model new APIs,
* extend `CSRFProtectionSetting::Range` instead. * extend `CsrfProtectionSetting::Range` instead.
*/ */
class CSRFProtectionSetting extends DataFlow::Node instanceof CSRFProtectionSetting::Range { class CsrfProtectionSetting extends DataFlow::Node instanceof CsrfProtectionSetting::Range {
/** /**
* Gets the boolean value corresponding to if CSRF protection is enabled * Gets the boolean value corresponding to if CSRF protection is enabled
* (`true`) or disabled (`false`) by this node. * (`true`) or disabled (`false`) by this node.
@@ -121,13 +121,13 @@ class CSRFProtectionSetting extends DataFlow::Node instanceof CSRFProtectionSett
} }
/** Provides a class for modeling new CSRF protection setting APIs. */ /** Provides a class for modeling new CSRF protection setting APIs. */
module CSRFProtectionSetting { module CsrfProtectionSetting {
/** /**
* A data-flow node that may set or unset Cross-site request forgery protection * A data-flow node that may set or unset Cross-site request forgery protection
* in a global manner. * in a global manner.
* *
* Extend this class to model new APIs. If you want to refine existing API models, * Extend this class to model new APIs. If you want to refine existing API models,
* extend `CSRFProtectionSetting` instead. * extend `CsrfProtectionSetting` instead.
*/ */
abstract class Range extends DataFlow::Node { abstract class Range extends DataFlow::Node {
/** /**
@@ -143,9 +143,9 @@ module CSRFProtectionSetting {
* for a specific part of an application. * for a specific part of an application.
* *
* Extend this class to refine existing API models. If you want to model new APIs, * Extend this class to refine existing API models. If you want to model new APIs,
* extend `CSRFProtection::Range` instead. * extend `CsrfLocalProtection::Range` instead.
*/ */
class CSRFProtection extends DataFlow::Node instanceof CSRFProtection::Range { class CsrfLocalProtection extends DataFlow::Node instanceof CsrfLocalProtection::Range {
/** /**
* Gets a `Function` representing the protected interaction * Gets a `Function` representing the protected interaction
* (probably a request handler). * (probably a request handler).
@@ -154,13 +154,13 @@ class CSRFProtection extends DataFlow::Node instanceof CSRFProtection::Range {
} }
/** Provides a class for modeling new CSRF protection setting APIs. */ /** Provides a class for modeling new CSRF protection setting APIs. */
module CSRFProtection { module CsrfLocalProtection {
/** /**
* A data-flow node that provides Cross-site request forgery protection * A data-flow node that provides Cross-site request forgery protection
* for a specific part of an application. * for a specific part of an application.
* *
* Extend this class to model new APIs. If you want to refine existing API models, * Extend this class to model new APIs. If you want to refine existing API models,
* extend `CSRFProtection` instead. * extend `CsrfLocalProtection` instead.
*/ */
abstract class Range extends DataFlow::Node { abstract class Range extends DataFlow::Node {
/** /**

30
python/ql/lib/semmle/python/frameworks/Django.qll
View File

@@ -2320,7 +2320,7 @@ module PrivateDjango {
/** /**
* A custom middleware stack * A custom middleware stack
*/ */
private class DjangoSettingsMiddlewareStack extends CSRFProtectionSetting::Range { private class DjangoSettingsMiddlewareStack extends CsrfProtectionSetting::Range {
List list; List list;
DjangoSettingsMiddlewareStack() { DjangoSettingsMiddlewareStack() {
@@ -2345,21 +2345,21 @@ module PrivateDjango {
else result = false else result = false
} }
} }
}
private class DjangoCSRFDecorator extends CSRFProtection::Range { private class DjangoCsrfDecorator extends CsrfLocalProtection::Range {
Function function; Function function;
DjangoCSRFDecorator() { DjangoCsrfDecorator() {
this = this =
API::moduleImport("django") API::moduleImport("django")
.getMember("views") .getMember("views")
.getMember("decorators") .getMember("decorators")
.getMember("csrf") .getMember("csrf")
.getMember("csrf_protect") .getMember("csrf_protect")
.getAUse() and .getAUse() and
this.asExpr() = function.getADecorator() this.asExpr() = function.getADecorator()
}
override Function getProtected() { result = function }
} }
override Function getProtected() { result = function }
} }

4
python/ql/src/Security/CWE-352/CSRFProtectionDisabled.ql
View File

@@ -14,10 +14,10 @@
import python import python
import semmle.python.Concepts import semmle.python.Concepts
from CSRFProtectionSetting s from CsrfProtectionSetting s
where where
s.getVerificationSetting() = false and s.getVerificationSetting() = false and
not exists(CSRFProtection p) and not exists(CsrfLocalProtection p) and
// rule out test code as this is a common place to turn off CSRF protection // rule out test code as this is a common place to turn off CSRF protection
not s.getLocation().getFile().getAbsolutePath().matches("%test%") not s.getLocation().getFile().getAbsolutePath().matches("%test%")
select s, "Potential CSRF vulnerability due to forgery protection being disabled or weakened." select s, "Potential CSRF vulnerability due to forgery protection being disabled or weakened."