hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add top-level CLI injection query and tests

Browse Source
This commit is contained in:
Harry Maclean
2021-09-02 21:16:50 +01:00
parent 8440fe2ba9
commit 4a0d7c528a
6 changed files with 59 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ql/test/query-tests/security/cwe-078/CommandInjection.expected Normal file
View File

@@ -0,0 +1,16 @@
edges
| CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:4:10:4:15 | #{...} |
| CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:5:16:5:18 | cmd |
| CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:6:14:6:16 | cmd |
| CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:7:12:7:17 | #{...} |
nodes
| CommandInjection.rb:3:15:3:20 | call to params : | semmle.label | call to params : |
| CommandInjection.rb:4:10:4:15 | #{...} | semmle.label | #{...} |
| CommandInjection.rb:5:16:5:18 | cmd | semmle.label | cmd |
| CommandInjection.rb:6:14:6:16 | cmd | semmle.label | cmd |
| CommandInjection.rb:7:12:7:17 | #{...} | semmle.label | #{...} |
#select
| CommandInjection.rb:4:10:4:15 | #{...} | CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:4:10:4:15 | #{...} | This command depends on $@. | CommandInjection.rb:3:15:3:20 | call to params | a user-provided value |
| CommandInjection.rb:5:16:5:18 | cmd | CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:5:16:5:18 | cmd | This command depends on $@. | CommandInjection.rb:3:15:3:20 | call to params | a user-provided value |
| CommandInjection.rb:6:14:6:16 | cmd | CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:6:14:6:16 | cmd | This command depends on $@. | CommandInjection.rb:3:15:3:20 | call to params | a user-provided value |
| CommandInjection.rb:7:12:7:17 | #{...} | CommandInjection.rb:3:15:3:20 | call to params : | CommandInjection.rb:7:12:7:17 | #{...} | This command depends on $@. | CommandInjection.rb:3:15:3:20 | call to params | a user-provided value |

1
ql/test/query-tests/security/cwe-078/CommandInjection.qlref Normal file
View File

@@ -0,0 +1 @@
queries/security/cwe-078/CommandInjection.ql

16
ql/test/query-tests/security/cwe-078/CommandInjection.rb Normal file
View File

@@ -0,0 +1,16 @@
class UsersController < ActionController::Base
def create
cmd = params[:cmd]
`#{cmd}`
system(cmd)
exec(cmd)
%x(#{cmd})
end
def show
`ls`
system("ls")
exec("ls")
%x(ls)
end
end