hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-12 02:24:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Convert BindToAllInterfaces test to inline expectations

Browse Source
This commit is contained in:
Taus
2026-03-26 14:40:54 +00:00
parent 6c52de9234
commit 824d004a27
2 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces.qlref
View File

@@ -1 +1,2 @@
Security/CVE-2018-1281/BindToAllInterfaces.ql
query: Security/CVE-2018-1281/BindToAllInterfaces.ql
postprocess: utils/test/InlineExpectationsTestQuery.ql

10
python/ql/test/query-tests/Security/CVE-2018-1281/BindToAllInterfaces_test.py
View File

@@ -2,11 +2,11 @@ import socket
# binds to all interfaces, insecure
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('0.0.0.0', 31137))
s.bind(('0.0.0.0', 31137)) # $ Alert[py/bind-socket-all-network-interfaces]
# binds to all interfaces, insecure
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 4040))
s.bind(('', 4040)) # $ Alert[py/bind-socket-all-network-interfaces]
# binds only to a dedicated interface, secure
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
@@ -14,13 +14,13 @@ s.bind(('84.68.10.12', 8080))
# binds to all interfaces, insecure
ALL_LOCALS = "0.0.0.0"
s.bind((ALL_LOCALS, 9090))
s.bind((ALL_LOCALS, 9090)) # $ Alert[py/bind-socket-all-network-interfaces]
# binds to all interfaces, insecure
tup = (ALL_LOCALS, 8080)
s.bind(tup)
s.bind(tup) # $ Alert[py/bind-socket-all-network-interfaces]
# IPv6
s = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
s.bind(("::", 8080)) # NOT OK
s.bind(("::", 8080)) # $ Alert[py/bind-socket-all-network-interfaces]