hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update test to reflect new true positive.

Browse Source
This commit is contained in:
Mark Shannon
2019-04-10 11:52:32 +01:00
parent e82b2c422e
commit 4a03fd03cd
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
python/ql/test/query-tests/Security/CWE-215/FlaskDebug.expected
View File

@@ -1,3 +1,4 @@
| test.py:10:1:10:19 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
| test.py:25:1:25:20 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
| test.py:29:1:29:20 | ControlFlowNode for Attribute() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |
| test.py:37:1:37:18 | ControlFlowNode for runapp() | A Flask app appears to be run in debug mode. This may allow an attacker to run arbitrary code through the debugger. |

2
python/ql/test/query-tests/Security/CWE-215/test.py
View File

@@ -31,7 +31,7 @@ app.run(debug=DEBUG)
if False:
app.run(debug=True)
# false negative
runapp = app.run
runapp(debug=True)