From 88d82017b38b1d4ed7e363554dc3c3c2fc328d20 Mon Sep 17 00:00:00 2001
From: Mark Shannon
Date: Fri, 16 Nov 2018 14:39:48 +0000
Subject: [PATCH] Python: Convert stack-trace-exposure query to path-problem.

---
 .../Security/CWE-209/StackTraceExposure.expected | 12 +++++++++++-
 python/ql/test/query-tests/Security/CWE-209/test.py | 12 ++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected b/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
index 7c16a2d95f8..c5d0f64988e 100644
--- a/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
+++ b/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
@@ -1 +1,11 @@
-| test.py:16:16:16:37 | flask.routed.response | $@ may be exposed to an external user | test.py:16:16:16:37 | exception.info.source | Error information |
+edges
+| test.py:33:15:33:36 | Taint exception.info at test.py:33 | test.py:34:29:34:31 | Taint exception.info at test.py:34 |
+| test.py:34:29:34:31 | Taint exception.info at test.py:34 | test.py:36:18:36:20 | Taint exception.info at test.py:36 |
+| test.py:36:18:36:20 | Taint exception.info at test.py:36 | test.py:37:25:37:27 | Taint exception.info at test.py:37 |
+| test.py:37:12:37:27 | Taint exception.info at test.py:37 | test.py:34:16:34:32 | Taint exception.info at test.py:34 |
+| test.py:37:25:37:27 | Taint exception.info at test.py:37 | test.py:37:12:37:27 | Taint exception.info at test.py:37 |
+parents
+| test.py:36:18:36:20 | Taint exception.info at test.py:36 | test.py:34:29:34:31 | Taint exception.info at test.py:34 |
+#select
+| test.py:16:16:16:37 | flask.routed.response | test.py:16:16:16:37 | Taint exception.info at test.py:16 | test.py:16:16:16:37 | Taint exception.info at test.py:16 | $@ may be exposed to an external user | test.py:16:16:16:37 | exception.info.source | Error information |
+| test.py:34:16:34:32 | flask.routed.response | test.py:33:15:33:36 | Taint exception.info at test.py:33 | test.py:34:16:34:32 | Taint exception.info at test.py:34 | $@ may be exposed to an external user | test.py:33:15:33:36 | exception.info.source | Error information |
diff --git a/python/ql/test/query-tests/Security/CWE-209/test.py b/python/ql/test/query-tests/Security/CWE-209/test.py
index 169dc091ddd..6e96cba15c5 100644
--- a/python/ql/test/query-tests/Security/CWE-209/test.py
+++ b/python/ql/test/query-tests/Security/CWE-209/test.py
@@ -23,3 +23,15 @@ def server_good():
     except Exception as e:
         log(traceback.format_exc())
         return "An internal error has occurred!"
+
+#BAD
+@app.route('/bad/with-flow')
+def server_bad_flow():
+    try:
+        do_computation()
+    except Exception as e:
+        err = traceback.format_exc()
+        return format_error(err)
+
+def format_error(msg):
+    return "[ERROR] " + msg
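Review bot: The bare `#BAD` marker on `server_bad_flow` does not say what this case adds over the existing `/bad` route (the one the expected file reports at test.py:16), which is the whole point of the commit: the traceback text now reaches the response only through the `format_error` helper, so the query has to follow an interprocedural path. A one-line marker would make the fixture self-explaining, e.g. `#BAD: traceback reaches the response via format_error, so the path must be reported through the helper`. The `e` bound by `except Exception as e:` in the new function is never read, so `except Exception:` would do. There is also no `#GOOD` counterpart in which the helper drops or sanitizes its argument (a `format_error` that logs `msg` and returns a fixed string), so the expected file cannot show that the new path-problem configuration stops at such a helper instead of flagging every call through it.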