hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add additional type tracking for request attributes

Browse Source
This commit is contained in:
Joe Farebrother
2024-04-25 13:58:36 +01:00
parent f85ee38e04
commit 86d1e5b646
2 changed files with 19 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
python/ql/test/library-tests/frameworks/pyramid/pyramid_test.py
View File

@@ -30,10 +30,9 @@ def test1(request):
request.as_bytes, # $ tainted
request.body, # $ tainted
request.body_file, # $ tainted
request.body_file_raw, # $ tainted
request.body_file_seekable,# $ tainted
request.body_file.read(), # $ MISSING:tainted
request.body_file.read(), # $ tainted
request.body_file_raw.read(), # $ tainted
request.body_file_seekable.read(),# $ tainted
request.json, # $ tainted
request.json_body, # $ tainted
@@ -61,9 +60,9 @@ def test1(request):
request.GET.values(), # $ tainted
request.copy(), # $ tainted
request.copy_body(), # $ tainted
request.copy_get(), # $ tainted
request.copy().GET['a'] # $ MISSING:tainted
request.copy().GET['a'], # $ tainted
request.copy_get().body # $ tainted
)
def test2(request):