Python: Move query tests to reflect new file layout

Rasmus Wriedt Larsen
2021-02-16 13:15:01 +01:00
parent 1d6f9bee08
commit 8494fcf45f
114 changed files with 12 additions and 10 deletions


@@ -0,0 +1,5 @@
| make_request.py:5:1:5:48 | ControlFlowNode for Attribute() | Call to $@ with verify=$@ | ../lib/requests.py:2:1:2:36 | Function get | requests.get | make_request.py:5:43:5:47 | ControlFlowNode for False | False |
| make_request.py:7:1:7:49 | ControlFlowNode for Attribute() | Call to $@ with verify=$@ | ../lib/requests.py:11:1:11:46 | Function post | requests.post | make_request.py:7:44:7:48 | ControlFlowNode for False | False |
| make_request.py:12:1:12:39 | ControlFlowNode for put() | Call to $@ with verify=$@ | ../lib/requests.py:14:1:14:34 | Function put | requests.put | make_request.py:12:34:12:38 | ControlFlowNode for False | False |
| make_request.py:28:5:28:46 | ControlFlowNode for patch() | Call to $@ with verify=$@ | ../lib/requests.py:17:1:17:36 | Function patch | requests.patch | make_request.py:30:6:30:10 | ControlFlowNode for False | False |
| make_request.py:34:1:34:45 | ControlFlowNode for Attribute() | Call to $@ with verify=$@ | ../lib/requests.py:11:1:11:46 | Function post | requests.post | make_request.py:34:44:34:44 | ControlFlowNode for IntegerLiteral | False |


@@ -0,0 +1 @@
Security/BadPractice/HTTPSRequestWithoutCertValidation/HTTPSRequestWithoutCertValidation.ql


@@ -0,0 +1,34 @@
import requests
#Simple cases
requests.get('https://semmle.com', verify=True) # GOOD
requests.get('https://semmle.com', verify=False) # BAD
requests.post('https://semmle.com', verify=True) # GOOD
requests.post('https://semmle.com', verify=False) # BAD
# Simple flow
put = requests.put
put('https://semmle.com', verify="/path/to/cert/") # GOOD
put('https://semmle.com', verify=False) # BAD
#Other flow
delete = requests.delete
def req1(verify=False):
delete('https://semmle.com', verify) # BAD
if verify:
delete('https://semmle.com', verify) # GOOD
if not verify:
return
delete('https://semmle.com', verify) # GOOD
patch = requests.patch
def req2(verify):
patch('https://semmle.com', verify=verify) # BAD (from line 30)
req2(False) # BAD (at line 28)
req2("/path/to/cert/") # GOOD
#Falsey value
requests.post('https://semmle.com', verify=0) # BAD
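Review bot: The first call in `req1`, `delete('https://semmle.com', verify) # BAD`, is annotated as a finding, but the expected-results table added in this commit has rows only for file lines 5, 7, 12, 28 and 34, so the test passes while this disabled-verification case goes unreported. If the miss is a known limitation, say so in the annotation, e.g. `# BAD, but not detected`, so that a later reader does not take the `# BAD` marker as proof of coverage. The cause is presumably that `verify` is passed positionally from the parameter default; the real `requests.delete(url, **kwargs)` takes no second positional argument, so `delete('https://semmle.com', verify=verify)` would model real usage and may be what the query is written to match. Line numbers here follow the 34-line file in the hunk header, because this rendering drops the blank lines and the indentation.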

View File

@@ -0,0 +1 @@
semmle-extractor-options: -p ../../lib --max-import-depth=3