Change EmailSender structure

jorgectf
2021-06-23 00:37:54 +02:00
parent 20f321e623
commit 48cd5062cf
2 changed files with 35 additions and 80 deletions


@@ -146,3 +146,38 @@ class LDAPEscape extends DataFlow::Node {
*/
DataFlow::Node getAnInput() { result = range.getAnInput() }
}
/**
* An operation that sends an email.
*/
abstract class EmailSender extends DataFlow::CallCfgNode {
/**
* Gets a data flow node holding the plaintext version of the email body.
*/
abstract DataFlow::Node getPlainTextBody();
/**
* Gets a data flow node holding the html version of the email body.
*/
abstract DataFlow::Node getHtmlBody();
/**
* Gets a data flow node holding the recipients of the email.
*/
abstract DataFlow::Node getTo();
/**
* Gets a data flow node holding the senders of the email.
*/
abstract DataFlow::Node getFrom();
/**
* Gets a data flow node holding the subject of the email.
*/
abstract DataFlow::Node getSubject();
/**
* Gets a data flow node that refers to the HTML body or plaintext body of the email.
*/
DataFlow::Node getABody() { result in [getPlainTextBody(), getHtmlBody()] }
}
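Review bot: `EmailSender` is declared as an abstract class with five abstract predicates, whereas `LDAPEscape` at the top of this hunk appears to delegate to a `range` field (`result = range.getAnInput()`; its declaration starts outside the hunk), so the new concept does not follow the pattern its neighbour uses. As written, every framework model has to override all five predicates, and a library with no HTML body needs an explicit `none()`; splitting it into a concrete `EmailSender` plus an abstract `EmailSender::Range` would keep the modelling extension point separate from the class that queries consume. The doc comment on `getABody()` should also say that the result includes the plaintext body, for example `Queries that only care about rendered markup should use getHtmlBody() instead.`, because a sink defined through `getABody()` will presumably also flag plaintext-only messages.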


@@ -1,80 +0,0 @@
import python
/**
* An operation that sends an email.
*/
abstract class EmailSender extends DataFlow::CallCfgNode {
/**
* Gets a data flow node holding the plaintext version of the email body.
*/
abstract ControlFlowNode getPlainTextBody();
/**
* Gets a data flow node holding the html version of the email body.
*/
abstract ControlFlowNode getHtmlBody();
/**
* Gets a data flow node holding the recipients of the email.
*/
abstract DataFlow::Node getTo();
/**
* Gets a data flow node holding the senders of the email.
*/
abstract DataFlow::Node getFrom();
/**
* Gets a data flow node holding the subject of the email.
*/
abstract DataFlow::Node getSubject();
}
class FlaskMailEmailSender extends EmailSender {
FlaskMailEmailSender() {
this =
API::moduleImport("flask_mail").getMember("Mail").getReturn().getMember("send").getACall()
}
override ControlFlowNode getPlainTextBody() {
exists(API::Node message |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
getArg(0) = message.getAUse() and
result = message.getAUse().getALocalSource().asCfgNode().(CallNode).getArgByName("body")
)
}
override ControlFlowNode getHtmlBody() {
exists(API::Node message |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
getArg(0) = message.getAUse() and
result = message.getAUse().getALocalSource().asCfgNode().(CallNode).getArgByName("html")
) or
exists(API::Node message, DataFlow::AttrWrite htmlAttr |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
htmlAttr.getAttributeName() = "html" and
getArg(0) = message.getAUse() and
htmlAttr.getObject() = message.getAUse() and
result = htmlAttr.getValue().asCfgNode()
)
}
override ControlFlowNode getTo() {
exists(API::Node message |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
getArg(0) = message.getAUse() and
result = message.getAUse().getALocalSource().asCfgNode().(CallNode).getArgByName("recipients")
)
}
override ControlFlowNode getFrom() {
exists(API::Node message |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
getArg(0) = message.getAUse() and
result = message.getAUse().getALocalSource().asCfgNode().(CallNode).getArgByName("sender")
)
}
override ControlFlowNode getSubject() {
exists(API::Node message |
message = API::moduleImport("flask_mail").getMember("Message").getReturn() and
getArg(0) = message.getAUse() and
result = message.getAUse().getALocalSource().asCfgNode().(CallNode).getArgByName("subject")
)
}
}