Opt for any source from RemoteFlowSource.

Sim4n6
2023-01-26 12:51:55 +01:00
parent aaa0040612
commit 54cc4d6498
3 changed files with 76 additions and 82 deletions


@@ -1,7 +1,5 @@
/**
*
* Provides a taint-tracking configuration for detecting "UnsafeUnpacking" vulnerabilities.
*
*/
import python
@@ -10,13 +8,14 @@ import semmle.python.dataflow.new.internal.DataFlowPublic
import semmle.python.ApiGraphs
import semmle.python.dataflow.new.TaintTracking
import semmle.python.frameworks.Stdlib
import semmle.python.dataflow.new.RemoteFlowSources
class UnsafeUnpackingConfig extends TaintTracking::Configuration {
UnsafeUnpackingConfig() { this = "UnsafeUnpackingConfig" }
override predicate isSource(DataFlow::Node source) {
// A source coming from a remote location
exists(Http::Client::Request request | source = request)
source instanceof RemoteFlowSource
or
// A source coming from a CLI argparse module
// see argparse: https://docs.python.org/3/library/argparse.html