hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add UnicodeDoS sink for werkzeug secure_filename

Browse Source
This commit is contained in:
Sim4n6
2024-02-13 04:21:52 +01:00
committed by yoff
parent 342465057c
commit 5cc9170249
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
python/ql/src/experimental/Security/CWE-770/UnicodeDoS.ql
View File

@@ -93,6 +93,16 @@ class Configuration extends TaintTracking::Configuration {
override predicate isSink(DataFlow::Node sink) {
sink = any(UnicodeCompatibilityNormalize ucn).getPathArg()
or
sink = API::moduleImport("werkzeug").getMember("secure_filename").getACall().getArg(_)
or
sink =
API::moduleImport("werkzeug")
.getMember("utils")
.getMember("secure_filename")
.getACall()
.getArg(_)
}
}