Merge branch 'master' into python-clean-qltest-options
@@ -1,2 +1,2 @@
|
||||
semmle-extractor-options: --lang=2 --max-import-depth=3
|
||||
semmle-extractor-options: --lang=2 --max-import-depth=4
|
||||
optimize: true
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
| six | Module six |
|
||||
| six.moves | Module six.moves |
|
||||
| six | Package six |
|
||||
| six.moves | Package six.moves |
|
||||
| six.moves.http_client | Module httplib |
|
||||
| six.moves.http_client.HTTPConnection | class HTTPConnection |
|
||||
| six.moves.range | builtin-class xrange |
|
||||
| six.moves.urllib | Package six.moves.urllib |
|
||||
| six.moves.urllib.parse | Module six.moves.urllib_parse |
|
||||
| six.moves.urllib.parse.urlsplit | Function urlsplit |
|
||||
| six.moves.zip | builtin-class itertools.izip |
|
||||
|
||||
@@ -1,15 +1,11 @@
|
||||
|
||||
import python
|
||||
|
||||
string longname(Expr e) {
|
||||
result = e.(Name).getId()
|
||||
or
|
||||
exists(Attribute a |
|
||||
a = e |
|
||||
result = longname(a.getObject()) + "." + a.getName()
|
||||
)
|
||||
exists(Attribute a | a = e | result = longname(a.getObject()) + "." + a.getName())
|
||||
}
|
||||
|
||||
from Expr e, Object o
|
||||
where e.refersTo(o) and e.getLocation().getFile().getShortName() = "test.py"
|
||||
select longname(e), o.toString()
|
||||
from Expr e, Value v
|
||||
where e.pointsTo(v) and e.getLocation().getFile().getShortName() = "test.py"
|
||||
select longname(e), v.toString()
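Review bot: `longname` has no result for any expression that is not a `Name` or an attribute chain rooted at one, so such expressions in test.py drop out of the `select` silently, and the predicate carries no QLDoc saying this is intended. I would add `/** Gets the dotted name of e, if e is a Name or a chain of attribute accesses on one; has no result otherwise. */` above `string longname(Expr e)`. The file filter `getShortName() = "test.py"` would also benefit from a one-line comment stating why results are restricted to that file; presumably it keeps the extracted six stubs out of the expected output. The Python 3 copy of this query (the later `@@ -1,16 +1,11 @@` hunk) has the same gap.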
|
||||
|
||||
@@ -1,268 +0,0 @@
|
||||
| Module six | BytesIO | class StringIO |
|
||||
| Module six | Iterator | class Iterator |
|
||||
| Module six | MAXSIZE | int() |
|
||||
| Module six | PY2 | bool True |
|
||||
| Module six | PY3 | bool False |
|
||||
| Module six | StringIO | class StringIO |
|
||||
| Module six | __author__ | str b'Benjamin Peterson <benjamin@python.org>' |
|
||||
| Module six | __name__ | str b'six' |
|
||||
| Module six | __version__ | str b'1.5.2' |
|
||||
| Module six | _add_doc | Function _add_doc |
|
||||
| Module six | _func_closure | str b'func_closure' |
|
||||
| Module six | _func_code | str b'func_code' |
|
||||
| Module six | _func_defaults | str b'func_defaults' |
|
||||
| Module six | _func_globals | str b'func_globals' |
|
||||
| Module six | _import_module | Function _import_module |
|
||||
| Module six | _iteritems | str b'iteritems' |
|
||||
| Module six | _iterkeys | str b'iterkeys' |
|
||||
| Module six | _iterlists | str b'iterlists' |
|
||||
| Module six | _itervalues | str b'itervalues' |
|
||||
| Module six | _meth_func | str b'im_func' |
|
||||
| Module six | _meth_self | str b'im_self' |
|
||||
| Module six | add_metaclass | Function add_metaclass |
|
||||
| Module six | add_move | Function add_move |
|
||||
| Module six | advance_iterator | Builtin-function next |
|
||||
| Module six | b | Function b |
|
||||
| Module six | binary_type | builtin-class str |
|
||||
| Module six | byte2int | Function byte2int |
|
||||
| Module six | callable | Builtin-function callable |
|
||||
| Module six | callable | Function callable |
|
||||
| Module six | class_types | Tuple |
|
||||
| Module six | create_bound_method | Function create_bound_method |
|
||||
| Module six | exec_ | Function exec_ |
|
||||
| Module six | get_function_closure | Attribute() |
|
||||
| Module six | get_function_code | Attribute() |
|
||||
| Module six | get_function_defaults | Attribute() |
|
||||
| Module six | get_function_globals | Attribute() |
|
||||
| Module six | get_method_function | Attribute() |
|
||||
| Module six | get_method_self | Attribute() |
|
||||
| Module six | get_unbound_function | Function get_unbound_function |
|
||||
| Module six | indexbytes | Function indexbytes |
|
||||
| Module six | int2byte | Builtin-function chr |
|
||||
| Module six | integer_types | Tuple |
|
||||
| Module six | iterbytes | Function iterbytes |
|
||||
| Module six | iteritems | Function iteritems |
|
||||
| Module six | iterkeys | Function iterkeys |
|
||||
| Module six | iterlists | Function iterlists |
|
||||
| Module six | itervalues | Function itervalues |
|
||||
| Module six | moves | Module six.moves |
|
||||
| Module six | next | Builtin-function next |
|
||||
| Module six | operator | Module operator |
|
||||
| Module six | print_ | Function print_ |
|
||||
| Module six | remove_move | Function remove_move |
|
||||
| Module six | reraise | Function reraise |
|
||||
| Module six | string_types | Tuple |
|
||||
| Module six | sys | Module sys |
|
||||
| Module six | text_type | builtin-class unicode |
|
||||
| Module six | types | Module types |
|
||||
| Module six | u | Function u |
|
||||
| Module six | unichr | Builtin-function unichr |
|
||||
| Module six | with_metaclass | Function with_metaclass |
|
||||
| Module six.__init__ | BytesIO | class StringIO |
|
||||
| Module six.__init__ | Iterator | class Iterator |
|
||||
| Module six.__init__ | MAXSIZE | int() |
|
||||
| Module six.__init__ | PY2 | bool True |
|
||||
| Module six.__init__ | PY3 | bool False |
|
||||
| Module six.__init__ | StringIO | class StringIO |
|
||||
| Module six.__init__ | __author__ | str b'Benjamin Peterson <benjamin@python.org>' |
|
||||
| Module six.__init__ | __name__ | str b'six' |
|
||||
| Module six.__init__ | __version__ | str b'1.5.2' |
|
||||
| Module six.__init__ | _add_doc | Function _add_doc |
|
||||
| Module six.__init__ | _func_closure | str b'func_closure' |
|
||||
| Module six.__init__ | _func_code | str b'func_code' |
|
||||
| Module six.__init__ | _func_defaults | str b'func_defaults' |
|
||||
| Module six.__init__ | _func_globals | str b'func_globals' |
|
||||
| Module six.__init__ | _import_module | Function _import_module |
|
||||
| Module six.__init__ | _iteritems | str b'iteritems' |
|
||||
| Module six.__init__ | _iterkeys | str b'iterkeys' |
|
||||
| Module six.__init__ | _iterlists | str b'iterlists' |
|
||||
| Module six.__init__ | _itervalues | str b'itervalues' |
|
||||
| Module six.__init__ | _meth_func | str b'im_func' |
|
||||
| Module six.__init__ | _meth_self | str b'im_self' |
|
||||
| Module six.__init__ | add_metaclass | Function add_metaclass |
|
||||
| Module six.__init__ | add_move | Function add_move |
|
||||
| Module six.__init__ | advance_iterator | Builtin-function next |
|
||||
| Module six.__init__ | b | Function b |
|
||||
| Module six.__init__ | binary_type | builtin-class str |
|
||||
| Module six.__init__ | byte2int | Function byte2int |
|
||||
| Module six.__init__ | callable | Builtin-function callable |
|
||||
| Module six.__init__ | callable | Function callable |
|
||||
| Module six.__init__ | class_types | Tuple |
|
||||
| Module six.__init__ | create_bound_method | Function create_bound_method |
|
||||
| Module six.__init__ | exec_ | Function exec_ |
|
||||
| Module six.__init__ | get_function_closure | Attribute() |
|
||||
| Module six.__init__ | get_function_code | Attribute() |
|
||||
| Module six.__init__ | get_function_defaults | Attribute() |
|
||||
| Module six.__init__ | get_function_globals | Attribute() |
|
||||
| Module six.__init__ | get_method_function | Attribute() |
|
||||
| Module six.__init__ | get_method_self | Attribute() |
|
||||
| Module six.__init__ | get_unbound_function | Function get_unbound_function |
|
||||
| Module six.__init__ | indexbytes | Function indexbytes |
|
||||
| Module six.__init__ | int2byte | Builtin-function chr |
|
||||
| Module six.__init__ | integer_types | Tuple |
|
||||
| Module six.__init__ | iterbytes | Function iterbytes |
|
||||
| Module six.__init__ | iteritems | Function iteritems |
|
||||
| Module six.__init__ | iterkeys | Function iterkeys |
|
||||
| Module six.__init__ | iterlists | Function iterlists |
|
||||
| Module six.__init__ | itervalues | Function itervalues |
|
||||
| Module six.__init__ | moves | Module six.moves |
|
||||
| Module six.__init__ | next | Builtin-function next |
|
||||
| Module six.__init__ | operator | Module operator |
|
||||
| Module six.__init__ | print_ | Function print_ |
|
||||
| Module six.__init__ | remove_move | Function remove_move |
|
||||
| Module six.__init__ | reraise | Function reraise |
|
||||
| Module six.__init__ | string_types | Tuple |
|
||||
| Module six.__init__ | sys | Module sys |
|
||||
| Module six.__init__ | text_type | builtin-class unicode |
|
||||
| Module six.__init__ | types | Module types |
|
||||
| Module six.__init__ | u | Function u |
|
||||
| Module six.__init__ | unichr | Builtin-function unichr |
|
||||
| Module six.__init__ | with_metaclass | Function with_metaclass |
|
||||
| Module six.moves | BaseHTTPServer | Module BaseHTTPServer |
|
||||
| Module six.moves | CGIHTTPServer | Module CGIHTTPServer |
|
||||
| Module six.moves | PY2 | bool True |
|
||||
| Module six.moves | PY3 | bool False |
|
||||
| Module six.moves | SimpleHTTPServer | Module SimpleHTTPServer |
|
||||
| Module six.moves | StringIO | class StringIO |
|
||||
| Module six.moves | UserDict | class UserDict |
|
||||
| Module six.moves | UserList | class UserList |
|
||||
| Module six.moves | UserString | class UserString |
|
||||
| Module six.moves | __name__ | str b'six.moves' |
|
||||
| Module six.moves | _dummy_thread | Module dummy_thread |
|
||||
| Module six.moves | _thread | Module thread |
|
||||
| Module six.moves | builtins | Module __builtin__ |
|
||||
| Module six.moves | cPickle | Module cPickle |
|
||||
| Module six.moves | cStringIO | Builtin-function StringIO |
|
||||
| Module six.moves | configparser | Module ConfigParser |
|
||||
| Module six.moves | copyreg | Module copy_reg |
|
||||
| Module six.moves | filter | builtin-class itertools.ifilter |
|
||||
| Module six.moves | filterfalse | builtin-class itertools.ifilterfalse |
|
||||
| Module six.moves | html_entities | Module htmlentitydefs |
|
||||
| Module six.moves | html_parser | Module HTMLParser |
|
||||
| Module six.moves | http_client | Module httplib |
|
||||
| Module six.moves | http_cookiejar | Module cookielib |
|
||||
| Module six.moves | http_cookies | Module Cookie |
|
||||
| Module six.moves | input | Builtin-function raw_input |
|
||||
| Module six.moves | intern | Builtin-function intern |
|
||||
| Module six.moves | map | builtin-class itertools.imap |
|
||||
| Module six.moves | queue | Module Queue |
|
||||
| Module six.moves | range | builtin-class xrange |
|
||||
| Module six.moves | reduce | Builtin-function reduce |
|
||||
| Module six.moves | reload_module | Builtin-function reload |
|
||||
| Module six.moves | reprlib | Module repr |
|
||||
| Module six.moves | shlex_quote | Function quote |
|
||||
| Module six.moves | socketserver | Module SocketServer |
|
||||
| Module six.moves | tkinter | Module Tkinter |
|
||||
| Module six.moves | tkinter_colorchooser | Module tkColorChooser |
|
||||
| Module six.moves | tkinter_commondialog | Module tkCommonDialog |
|
||||
| Module six.moves | tkinter_constants | Module Tkconstants |
|
||||
| Module six.moves | tkinter_dialog | Module Dialog |
|
||||
| Module six.moves | tkinter_dnd | Module Tkdnd |
|
||||
| Module six.moves | tkinter_filedialog | Module FileDialog |
|
||||
| Module six.moves | tkinter_font | Module tkFont |
|
||||
| Module six.moves | tkinter_messagebox | Module tkMessageBox |
|
||||
| Module six.moves | tkinter_scrolledtext | Module ScrolledText |
|
||||
| Module six.moves | tkinter_simpledialog | Module SimpleDialog |
|
||||
| Module six.moves | tkinter_tix | Module Tix |
|
||||
| Module six.moves | tkinter_tkfiledialog | Module tkFileDialog |
|
||||
| Module six.moves | tkinter_tksimpledialog | Module tkSimpleDialog |
|
||||
| Module six.moves | tkinter_ttk | Module ttk |
|
||||
| Module six.moves | urllib | Module six.moves.urllib |
|
||||
| Module six.moves | urllib_error | Module six.moves.urllib_error |
|
||||
| Module six.moves | urllib_parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves | urllib_request | Module six.moves.urllib_request |
|
||||
| Module six.moves | urllib_response | Module six.moves.urllib_response |
|
||||
| Module six.moves | urllib_robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves | xmlrpc_client | Module xmlrpclib |
|
||||
| Module six.moves | xmlrpc_server | Module SimpleXMLRPCServer |
|
||||
| Module six.moves | xrange | builtin-class xrange |
|
||||
| Module six.moves | zip | builtin-class itertools.izip |
|
||||
| Module six.moves | zip_longest | builtin-class itertools.izip_longest |
|
||||
| Module six.moves.__init__ | BaseHTTPServer | Module BaseHTTPServer |
|
||||
| Module six.moves.__init__ | CGIHTTPServer | Module CGIHTTPServer |
|
||||
| Module six.moves.__init__ | PY2 | bool True |
|
||||
| Module six.moves.__init__ | PY3 | bool False |
|
||||
| Module six.moves.__init__ | SimpleHTTPServer | Module SimpleHTTPServer |
|
||||
| Module six.moves.__init__ | StringIO | class StringIO |
|
||||
| Module six.moves.__init__ | UserDict | class UserDict |
|
||||
| Module six.moves.__init__ | UserList | class UserList |
|
||||
| Module six.moves.__init__ | UserString | class UserString |
|
||||
| Module six.moves.__init__ | __name__ | str b'six.moves' |
|
||||
| Module six.moves.__init__ | _dummy_thread | Module dummy_thread |
|
||||
| Module six.moves.__init__ | _thread | Module thread |
|
||||
| Module six.moves.__init__ | builtins | Module __builtin__ |
|
||||
| Module six.moves.__init__ | cPickle | Module cPickle |
|
||||
| Module six.moves.__init__ | cStringIO | Builtin-function StringIO |
|
||||
| Module six.moves.__init__ | configparser | Module ConfigParser |
|
||||
| Module six.moves.__init__ | copyreg | Module copy_reg |
|
||||
| Module six.moves.__init__ | filter | builtin-class itertools.ifilter |
|
||||
| Module six.moves.__init__ | filterfalse | builtin-class itertools.ifilterfalse |
|
||||
| Module six.moves.__init__ | html_entities | Module htmlentitydefs |
|
||||
| Module six.moves.__init__ | html_parser | Module HTMLParser |
|
||||
| Module six.moves.__init__ | http_client | Module httplib |
|
||||
| Module six.moves.__init__ | http_cookiejar | Module cookielib |
|
||||
| Module six.moves.__init__ | http_cookies | Module Cookie |
|
||||
| Module six.moves.__init__ | input | Builtin-function raw_input |
|
||||
| Module six.moves.__init__ | intern | Builtin-function intern |
|
||||
| Module six.moves.__init__ | map | builtin-class itertools.imap |
|
||||
| Module six.moves.__init__ | queue | Module Queue |
|
||||
| Module six.moves.__init__ | range | builtin-class xrange |
|
||||
| Module six.moves.__init__ | reduce | Builtin-function reduce |
|
||||
| Module six.moves.__init__ | reload_module | Builtin-function reload |
|
||||
| Module six.moves.__init__ | reprlib | Module repr |
|
||||
| Module six.moves.__init__ | shlex_quote | Function quote |
|
||||
| Module six.moves.__init__ | socketserver | Module SocketServer |
|
||||
| Module six.moves.__init__ | tkinter | Module Tkinter |
|
||||
| Module six.moves.__init__ | tkinter_colorchooser | Module tkColorChooser |
|
||||
| Module six.moves.__init__ | tkinter_commondialog | Module tkCommonDialog |
|
||||
| Module six.moves.__init__ | tkinter_constants | Module Tkconstants |
|
||||
| Module six.moves.__init__ | tkinter_dialog | Module Dialog |
|
||||
| Module six.moves.__init__ | tkinter_dnd | Module Tkdnd |
|
||||
| Module six.moves.__init__ | tkinter_filedialog | Module FileDialog |
|
||||
| Module six.moves.__init__ | tkinter_font | Module tkFont |
|
||||
| Module six.moves.__init__ | tkinter_messagebox | Module tkMessageBox |
|
||||
| Module six.moves.__init__ | tkinter_scrolledtext | Module ScrolledText |
|
||||
| Module six.moves.__init__ | tkinter_simpledialog | Module SimpleDialog |
|
||||
| Module six.moves.__init__ | tkinter_tix | Module Tix |
|
||||
| Module six.moves.__init__ | tkinter_tkfiledialog | Module tkFileDialog |
|
||||
| Module six.moves.__init__ | tkinter_tksimpledialog | Module tkSimpleDialog |
|
||||
| Module six.moves.__init__ | tkinter_ttk | Module ttk |
|
||||
| Module six.moves.__init__ | urllib | Module six.moves.urllib |
|
||||
| Module six.moves.__init__ | urllib_error | Module six.moves.urllib_error |
|
||||
| Module six.moves.__init__ | urllib_parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.__init__ | urllib_request | Module six.moves.urllib_request |
|
||||
| Module six.moves.__init__ | urllib_response | Module six.moves.urllib_response |
|
||||
| Module six.moves.__init__ | urllib_robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.__init__ | xmlrpc_client | Module xmlrpclib |
|
||||
| Module six.moves.__init__ | xmlrpc_server | Module SimpleXMLRPCServer |
|
||||
| Module six.moves.__init__ | xrange | builtin-class xrange |
|
||||
| Module six.moves.__init__ | zip | builtin-class itertools.izip |
|
||||
| Module six.moves.__init__ | zip_longest | builtin-class itertools.izip_longest |
|
||||
| Module six.moves.urllib | __name__ | str b'six.moves.urllib' |
|
||||
| Module six.moves.urllib | error | Module six.moves.urllib_error |
|
||||
| Module six.moves.urllib | parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.urllib | request | Module six.moves.urllib_request |
|
||||
| Module six.moves.urllib | response | Module six.moves.urllib_response |
|
||||
| Module six.moves.urllib | robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.urllib.__init__ | __name__ | str b'six.moves.urllib' |
|
||||
| Module six.moves.urllib.__init__ | error | Module six.moves.urllib_error |
|
||||
| Module six.moves.urllib.__init__ | parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.urllib.__init__ | request | Module six.moves.urllib_request |
|
||||
| Module six.moves.urllib.__init__ | response | Module six.moves.urllib_response |
|
||||
| Module six.moves.urllib.__init__ | robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.urllib_error | PY2 | bool True |
|
||||
| Module six.moves.urllib_error | PY3 | bool False |
|
||||
| Module six.moves.urllib_error | __name__ | str b'six.moves.urllib_error' |
|
||||
| Module six.moves.urllib_parse | PY2 | bool True |
|
||||
| Module six.moves.urllib_parse | PY3 | bool False |
|
||||
| Module six.moves.urllib_parse | __name__ | str b'six.moves.urllib_parse' |
|
||||
| Module six.moves.urllib_request | PY2 | bool True |
|
||||
| Module six.moves.urllib_request | PY3 | bool False |
|
||||
| Module six.moves.urllib_request | __name__ | str b'six.moves.urllib_request' |
|
||||
| Module six.moves.urllib_response | PY2 | bool True |
|
||||
| Module six.moves.urllib_response | PY3 | bool False |
|
||||
| Module six.moves.urllib_response | __name__ | str b'six.moves.urllib_response' |
|
||||
| Module six.moves.urllib_robotparser | PY2 | bool True |
|
||||
| Module six.moves.urllib_robotparser | PY3 | bool False |
|
||||
| Module six.moves.urllib_robotparser | RobotFileParser | class RobotFileParser |
|
||||
| Module six.moves.urllib_robotparser | __name__ | str b'six.moves.urllib_robotparser' |
|
||||
@@ -1,5 +1,9 @@
|
||||
import six
|
||||
|
||||
#Check that some expected attributes are visible
|
||||
# Check that some expected attributes are visible -- this is the reason we added stubs in
|
||||
# the first place! If this works, we're happy!
|
||||
six.moves
|
||||
six.moves.range
|
||||
six.moves.zip
|
||||
six.moves.http_client.HTTPConnection
|
||||
six.moves.urllib.parse.urlsplit
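Review bot: The five accesses in this file are now the only names the expected output pins, while the attribute listing deleted elsewhere in this commit also covered entries such as `cPickle`, `urllib_request` and `xmlrpc_client`. Queries that model deserialization or outbound requests presumably depend on those names resolving through `six.moves`, so a stub regression there would no longer fail a test. If the stubs are meant to cover them, add lines such as `six.moves.cPickle` and `six.moves.urllib.request` here, with matching rows in the expected file.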
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
import python
|
||||
|
||||
predicate six(ModuleObject m) {
|
||||
m.getName() = "six"
|
||||
or
|
||||
six(m.getPackage())
|
||||
}
|
||||
|
||||
from ModuleObject mod, string name, Object obj
|
||||
where mod.attributeRefersTo(name, obj, _) and six(mod)
|
||||
select mod.toString(), name, obj.toString()
|
||||
@@ -1,2 +1,2 @@
|
||||
semmle-extractor-options: --lang=3 --max-import-depth=3
|
||||
semmle-extractor-options: --lang=3 --max-import-depth=4
|
||||
optimize: true
|
||||
|
||||
@@ -1,3 +1,9 @@
|
||||
| six | Module six |
|
||||
| six.moves | Module six.moves |
|
||||
| six | Package six |
|
||||
| six.moves | Package six.moves |
|
||||
| six.moves.http_client | Module http.client |
|
||||
| six.moves.http_client.HTTPConnection | class HTTPConnection |
|
||||
| six.moves.range | builtin-class range |
|
||||
| six.moves.urllib | Package six.moves.urllib |
|
||||
| six.moves.urllib.parse | Module six.moves.urllib_parse |
|
||||
| six.moves.urllib.parse.urlsplit | Function urlsplit |
|
||||
| six.moves.zip | builtin-class zip |
|
||||
|
||||
@@ -1,16 +1,11 @@
|
||||
|
||||
import python
|
||||
|
||||
string longname(Expr e) {
|
||||
result = e.(Name).getId()
|
||||
or
|
||||
exists(Attribute a |
|
||||
a = e |
|
||||
result = longname(a.getObject()) + "." + a.getName()
|
||||
)
|
||||
exists(Attribute a | a = e | result = longname(a.getObject()) + "." + a.getName())
|
||||
}
|
||||
|
||||
from Expr e, Object o
|
||||
where e.refersTo(o) and e.getLocation().getFile().getShortName() = "test.py"
|
||||
select longname(e), o.toString()
|
||||
|
||||
from Expr e, Value v
|
||||
where e.pointsTo(v) and e.getLocation().getFile().getShortName() = "test.py"
|
||||
select longname(e), v.toString()
|
||||
|
||||
@@ -1,262 +0,0 @@
|
||||
| Module six | BytesIO | builtin-class _io.BytesIO |
|
||||
| Module six | Iterator | builtin-class object |
|
||||
| Module six | MAXSIZE | int 9223372036854775807 |
|
||||
| Module six | PY2 | bool False |
|
||||
| Module six | PY3 | bool True |
|
||||
| Module six | StringIO | builtin-class _io.StringIO |
|
||||
| Module six | __author__ | str u'Benjamin Peterson <benjamin@python.org>' |
|
||||
| Module six | __name__ | str u'six' |
|
||||
| Module six | __version__ | str u'1.5.2' |
|
||||
| Module six | _add_doc | Function _add_doc |
|
||||
| Module six | _func_closure | str u'__closure__' |
|
||||
| Module six | _func_code | str u'__code__' |
|
||||
| Module six | _func_defaults | str u'__defaults__' |
|
||||
| Module six | _func_globals | str u'__globals__' |
|
||||
| Module six | _import_module | Function _import_module |
|
||||
| Module six | _iteritems | str u'items' |
|
||||
| Module six | _iterkeys | str u'keys' |
|
||||
| Module six | _iterlists | str u'lists' |
|
||||
| Module six | _itervalues | str u'values' |
|
||||
| Module six | _meth_func | str u'__func__' |
|
||||
| Module six | _meth_self | str u'__self__' |
|
||||
| Module six | add_metaclass | Function add_metaclass |
|
||||
| Module six | add_move | Function add_move |
|
||||
| Module six | advance_iterator | Builtin-function next |
|
||||
| Module six | b | Function b |
|
||||
| Module six | binary_type | builtin-class bytes |
|
||||
| Module six | byte2int | Function byte2int |
|
||||
| Module six | callable | Builtin-function callable |
|
||||
| Module six | callable | Function callable |
|
||||
| Module six | class_types | Tuple |
|
||||
| Module six | create_bound_method | builtin-class method |
|
||||
| Module six | get_function_closure | Attribute() |
|
||||
| Module six | get_function_code | Attribute() |
|
||||
| Module six | get_function_defaults | Attribute() |
|
||||
| Module six | get_function_globals | Attribute() |
|
||||
| Module six | get_method_function | Attribute() |
|
||||
| Module six | get_method_self | Attribute() |
|
||||
| Module six | get_unbound_function | Function get_unbound_function |
|
||||
| Module six | indexbytes | Builtin-function getitem |
|
||||
| Module six | int2byte | Function int2byte |
|
||||
| Module six | integer_types | Tuple |
|
||||
| Module six | io | Module io |
|
||||
| Module six | iterbytes | Builtin-function iter |
|
||||
| Module six | iteritems | Function iteritems |
|
||||
| Module six | iterkeys | Function iterkeys |
|
||||
| Module six | iterlists | Function iterlists |
|
||||
| Module six | itervalues | Function itervalues |
|
||||
| Module six | moves | Module six.moves |
|
||||
| Module six | next | Builtin-function next |
|
||||
| Module six | operator | Module operator |
|
||||
| Module six | print_ | Function print_ |
|
||||
| Module six | remove_move | Function remove_move |
|
||||
| Module six | reraise | Function reraise |
|
||||
| Module six | string_types | Tuple |
|
||||
| Module six | sys | Module sys |
|
||||
| Module six | text_type | builtin-class str |
|
||||
| Module six | types | Module types |
|
||||
| Module six | u | Function u |
|
||||
| Module six | unichr | Builtin-function chr |
|
||||
| Module six | with_metaclass | Function with_metaclass |
|
||||
| Module six.__init__ | BytesIO | builtin-class _io.BytesIO |
|
||||
| Module six.__init__ | Iterator | builtin-class object |
|
||||
| Module six.__init__ | MAXSIZE | int 9223372036854775807 |
|
||||
| Module six.__init__ | PY2 | bool False |
|
||||
| Module six.__init__ | PY3 | bool True |
|
||||
| Module six.__init__ | StringIO | builtin-class _io.StringIO |
|
||||
| Module six.__init__ | __author__ | str u'Benjamin Peterson <benjamin@python.org>' |
|
||||
| Module six.__init__ | __name__ | str u'six' |
|
||||
| Module six.__init__ | __version__ | str u'1.5.2' |
|
||||
| Module six.__init__ | _add_doc | Function _add_doc |
|
||||
| Module six.__init__ | _func_closure | str u'__closure__' |
|
||||
| Module six.__init__ | _func_code | str u'__code__' |
|
||||
| Module six.__init__ | _func_defaults | str u'__defaults__' |
|
||||
| Module six.__init__ | _func_globals | str u'__globals__' |
|
||||
| Module six.__init__ | _import_module | Function _import_module |
|
||||
| Module six.__init__ | _iteritems | str u'items' |
|
||||
| Module six.__init__ | _iterkeys | str u'keys' |
|
||||
| Module six.__init__ | _iterlists | str u'lists' |
|
||||
| Module six.__init__ | _itervalues | str u'values' |
|
||||
| Module six.__init__ | _meth_func | str u'__func__' |
|
||||
| Module six.__init__ | _meth_self | str u'__self__' |
|
||||
| Module six.__init__ | add_metaclass | Function add_metaclass |
|
||||
| Module six.__init__ | add_move | Function add_move |
|
||||
| Module six.__init__ | advance_iterator | Builtin-function next |
|
||||
| Module six.__init__ | b | Function b |
|
||||
| Module six.__init__ | binary_type | builtin-class bytes |
|
||||
| Module six.__init__ | byte2int | Function byte2int |
|
||||
| Module six.__init__ | callable | Builtin-function callable |
|
||||
| Module six.__init__ | callable | Function callable |
|
||||
| Module six.__init__ | class_types | Tuple |
|
||||
| Module six.__init__ | create_bound_method | builtin-class method |
|
||||
| Module six.__init__ | get_function_closure | Attribute() |
|
||||
| Module six.__init__ | get_function_code | Attribute() |
|
||||
| Module six.__init__ | get_function_defaults | Attribute() |
|
||||
| Module six.__init__ | get_function_globals | Attribute() |
|
||||
| Module six.__init__ | get_method_function | Attribute() |
|
||||
| Module six.__init__ | get_method_self | Attribute() |
|
||||
| Module six.__init__ | get_unbound_function | Function get_unbound_function |
|
||||
| Module six.__init__ | indexbytes | Builtin-function getitem |
|
||||
| Module six.__init__ | int2byte | Function int2byte |
|
||||
| Module six.__init__ | integer_types | Tuple |
|
||||
| Module six.__init__ | io | Module io |
|
||||
| Module six.__init__ | iterbytes | Builtin-function iter |
|
||||
| Module six.__init__ | iteritems | Function iteritems |
|
||||
| Module six.__init__ | iterkeys | Function iterkeys |
|
||||
| Module six.__init__ | iterlists | Function iterlists |
|
||||
| Module six.__init__ | itervalues | Function itervalues |
|
||||
| Module six.__init__ | moves | Module six.moves |
|
||||
| Module six.__init__ | next | Builtin-function next |
|
||||
| Module six.__init__ | operator | Module operator |
|
||||
| Module six.__init__ | print_ | Function print_ |
|
||||
| Module six.__init__ | remove_move | Function remove_move |
|
||||
| Module six.__init__ | reraise | Function reraise |
|
||||
| Module six.__init__ | string_types | Tuple |
|
||||
| Module six.__init__ | sys | Module sys |
|
||||
| Module six.__init__ | text_type | builtin-class str |
|
||||
| Module six.__init__ | types | Module types |
|
||||
| Module six.__init__ | u | Function u |
|
||||
| Module six.__init__ | unichr | Builtin-function chr |
|
||||
| Module six.__init__ | with_metaclass | Function with_metaclass |
|
||||
| Module six.moves | BaseHTTPServer | Module http.server |
|
||||
| Module six.moves | CGIHTTPServer | Module http.server |
|
||||
| Module six.moves | PY2 | bool False |
|
||||
| Module six.moves | PY3 | bool True |
|
||||
| Module six.moves | SimpleHTTPServer | Module http.server |
|
||||
| Module six.moves | StringIO | builtin-class _io.StringIO |
|
||||
| Module six.moves | UserString | class UserString |
|
||||
| Module six.moves | __name__ | str u'six.moves' |
|
||||
| Module six.moves | _thread | Module _thread |
|
||||
| Module six.moves | builtins | Module builtins |
|
||||
| Module six.moves | cPickle | Module pickle |
|
||||
| Module six.moves | cStringIO | builtin-class _io.StringIO |
|
||||
| Module six.moves | configparser | Module configparser |
|
||||
| Module six.moves | copyreg | Module copyreg |
|
||||
| Module six.moves | dbm_gnu | Module dbm.gnu |
|
||||
| Module six.moves | email_mime_base | Module email.mime.base |
|
||||
| Module six.moves | email_mime_multipart | Module email.mime.multipart |
|
||||
| Module six.moves | email_mime_text | Module email.mime.text |
|
||||
| Module six.moves | filter | builtin-class filter |
|
||||
| Module six.moves | filterfalse | builtin-class itertools.filterfalse |
|
||||
| Module six.moves | html_entities | Module html.entities |
|
||||
| Module six.moves | html_parser | Module html.parser |
|
||||
| Module six.moves | http_client | Module http.client |
|
||||
| Module six.moves | http_cookiejar | Module http.cookiejar |
|
||||
| Module six.moves | http_cookies | Module http.cookies |
|
||||
| Module six.moves | input | Builtin-function input |
|
||||
| Module six.moves | map | builtin-class map |
|
||||
| Module six.moves | queue | Module queue |
|
||||
| Module six.moves | range | builtin-class range |
|
||||
| Module six.moves | reload_module | Function reload |
|
||||
| Module six.moves | reprlib | Module reprlib |
|
||||
| Module six.moves | socketserver | Module socketserver |
|
||||
| Module six.moves | tkinter | Module tkinter |
|
||||
| Module six.moves | tkinter_colorchooser | Module tkinter.colorchooser |
|
||||
| Module six.moves | tkinter_commondialog | Module tkinter.commondialog |
|
||||
| Module six.moves | tkinter_constants | Module tkinter.constants |
|
||||
| Module six.moves | tkinter_dialog | Module tkinter.dialog |
|
||||
| Module six.moves | tkinter_dnd | Module tkinter.dnd |
|
||||
| Module six.moves | tkinter_filedialog | Module tkinter.filedialog |
|
||||
| Module six.moves | tkinter_font | Module tkinter.font |
|
||||
| Module six.moves | tkinter_messagebox | Module tkinter.messagebox |
|
||||
| Module six.moves | tkinter_scrolledtext | Module tkinter.scrolledtext |
|
||||
| Module six.moves | tkinter_simpledialog | Module tkinter.simpledialog |
|
||||
| Module six.moves | tkinter_tix | Module tkinter.tix |
|
||||
| Module six.moves | tkinter_tkfiledialog | Module tkinter.filedialog |
|
||||
| Module six.moves | tkinter_tksimpledialog | Module tkinter.simpledialog |
|
||||
| Module six.moves | tkinter_ttk | Module tkinter.ttk |
|
||||
| Module six.moves | urllib | Module six.moves.urllib |
|
||||
| Module six.moves | urllib_error | Module six.moves.urllib_error |
|
||||
| Module six.moves | urllib_parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves | urllib_request | Module six.moves.urllib_request |
|
||||
| Module six.moves | urllib_response | Module six.moves.urllib_response |
|
||||
| Module six.moves | urllib_robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves | xmlrpc_client | Module xmlrpc.client |
|
||||
| Module six.moves | xrange | builtin-class range |
|
||||
| Module six.moves | zip | builtin-class zip |
|
||||
| Module six.moves | zip_longest | builtin-class itertools.zip_longest |
|
||||
| Module six.moves.__init__ | BaseHTTPServer | Module http.server |
|
||||
| Module six.moves.__init__ | CGIHTTPServer | Module http.server |
|
||||
| Module six.moves.__init__ | PY2 | bool False |
|
||||
| Module six.moves.__init__ | PY3 | bool True |
|
||||
| Module six.moves.__init__ | SimpleHTTPServer | Module http.server |
|
||||
| Module six.moves.__init__ | StringIO | builtin-class _io.StringIO |
|
||||
| Module six.moves.__init__ | UserString | class UserString |
|
||||
| Module six.moves.__init__ | __name__ | str u'six.moves' |
|
||||
| Module six.moves.__init__ | _thread | Module _thread |
|
||||
| Module six.moves.__init__ | builtins | Module builtins |
|
||||
| Module six.moves.__init__ | cPickle | Module pickle |
|
||||
| Module six.moves.__init__ | cStringIO | builtin-class _io.StringIO |
|
||||
| Module six.moves.__init__ | configparser | Module configparser |
|
||||
| Module six.moves.__init__ | copyreg | Module copyreg |
|
||||
| Module six.moves.__init__ | dbm_gnu | Module dbm.gnu |
|
||||
| Module six.moves.__init__ | email_mime_base | Module email.mime.base |
|
||||
| Module six.moves.__init__ | email_mime_multipart | Module email.mime.multipart |
|
||||
| Module six.moves.__init__ | email_mime_text | Module email.mime.text |
|
||||
| Module six.moves.__init__ | filter | builtin-class filter |
|
||||
| Module six.moves.__init__ | filterfalse | builtin-class itertools.filterfalse |
|
||||
| Module six.moves.__init__ | html_entities | Module html.entities |
|
||||
| Module six.moves.__init__ | html_parser | Module html.parser |
|
||||
| Module six.moves.__init__ | http_client | Module http.client |
|
||||
| Module six.moves.__init__ | http_cookiejar | Module http.cookiejar |
|
||||
| Module six.moves.__init__ | http_cookies | Module http.cookies |
|
||||
| Module six.moves.__init__ | input | Builtin-function input |
|
||||
| Module six.moves.__init__ | map | builtin-class map |
|
||||
| Module six.moves.__init__ | queue | Module queue |
|
||||
| Module six.moves.__init__ | range | builtin-class range |
|
||||
| Module six.moves.__init__ | reload_module | Function reload |
|
||||
| Module six.moves.__init__ | reprlib | Module reprlib |
|
||||
| Module six.moves.__init__ | socketserver | Module socketserver |
|
||||
| Module six.moves.__init__ | tkinter | Module tkinter |
|
||||
| Module six.moves.__init__ | tkinter_colorchooser | Module tkinter.colorchooser |
|
||||
| Module six.moves.__init__ | tkinter_commondialog | Module tkinter.commondialog |
|
||||
| Module six.moves.__init__ | tkinter_constants | Module tkinter.constants |
|
||||
| Module six.moves.__init__ | tkinter_dialog | Module tkinter.dialog |
|
||||
| Module six.moves.__init__ | tkinter_dnd | Module tkinter.dnd |
|
||||
| Module six.moves.__init__ | tkinter_filedialog | Module tkinter.filedialog |
|
||||
| Module six.moves.__init__ | tkinter_font | Module tkinter.font |
|
||||
| Module six.moves.__init__ | tkinter_messagebox | Module tkinter.messagebox |
|
||||
| Module six.moves.__init__ | tkinter_scrolledtext | Module tkinter.scrolledtext |
|
||||
| Module six.moves.__init__ | tkinter_simpledialog | Module tkinter.simpledialog |
|
||||
| Module six.moves.__init__ | tkinter_tix | Module tkinter.tix |
|
||||
| Module six.moves.__init__ | tkinter_tkfiledialog | Module tkinter.filedialog |
|
||||
| Module six.moves.__init__ | tkinter_tksimpledialog | Module tkinter.simpledialog |
|
||||
| Module six.moves.__init__ | tkinter_ttk | Module tkinter.ttk |
|
||||
| Module six.moves.__init__ | urllib | Module six.moves.urllib |
|
||||
| Module six.moves.__init__ | urllib_error | Module six.moves.urllib_error |
|
||||
| Module six.moves.__init__ | urllib_parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.__init__ | urllib_request | Module six.moves.urllib_request |
|
||||
| Module six.moves.__init__ | urllib_response | Module six.moves.urllib_response |
|
||||
| Module six.moves.__init__ | urllib_robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.__init__ | xmlrpc_client | Module xmlrpc.client |
|
||||
| Module six.moves.__init__ | xrange | builtin-class range |
|
||||
| Module six.moves.__init__ | zip | builtin-class zip |
|
||||
| Module six.moves.__init__ | zip_longest | builtin-class itertools.zip_longest |
|
||||
| Module six.moves.urllib | __name__ | str u'six.moves.urllib' |
|
||||
| Module six.moves.urllib | error | Module six.moves.urllib_error |
|
||||
| Module six.moves.urllib | parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.urllib | request | Module six.moves.urllib_request |
|
||||
| Module six.moves.urllib | response | Module six.moves.urllib_response |
|
||||
| Module six.moves.urllib | robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.urllib.__init__ | __name__ | str u'six.moves.urllib' |
|
||||
| Module six.moves.urllib.__init__ | error | Module six.moves.urllib_error |
|
||||
| Module six.moves.urllib.__init__ | parse | Module six.moves.urllib_parse |
|
||||
| Module six.moves.urllib.__init__ | request | Module six.moves.urllib_request |
|
||||
| Module six.moves.urllib.__init__ | response | Module six.moves.urllib_response |
|
||||
| Module six.moves.urllib.__init__ | robotparser | Module six.moves.urllib_robotparser |
|
||||
| Module six.moves.urllib_error | PY2 | bool False |
|
||||
| Module six.moves.urllib_error | PY3 | bool True |
|
||||
| Module six.moves.urllib_error | __name__ | str u'six.moves.urllib_error' |
|
||||
| Module six.moves.urllib_parse | PY2 | bool False |
|
||||
| Module six.moves.urllib_parse | PY3 | bool True |
|
||||
| Module six.moves.urllib_parse | __name__ | str u'six.moves.urllib_parse' |
|
||||
| Module six.moves.urllib_request | PY2 | bool False |
|
||||
| Module six.moves.urllib_request | PY3 | bool True |
|
||||
| Module six.moves.urllib_request | __name__ | str u'six.moves.urllib_request' |
|
||||
| Module six.moves.urllib_response | PY2 | bool False |
|
||||
| Module six.moves.urllib_response | PY3 | bool True |
|
||||
| Module six.moves.urllib_response | __name__ | str u'six.moves.urllib_response' |
|
||||
| Module six.moves.urllib_robotparser | PY2 | bool False |
|
||||
| Module six.moves.urllib_robotparser | PY3 | bool True |
|
||||
| Module six.moves.urllib_robotparser | RobotFileParser | class RobotFileParser |
|
||||
| Module six.moves.urllib_robotparser | __name__ | str u'six.moves.urllib_robotparser' |
|
||||
@@ -1,5 +1,9 @@
|
||||
import six
|
||||
|
||||
#Check that some expected attributes are visible
|
||||
# Check that some expected attributes are visible -- this is the reason we added stubs in
|
||||
# the first place! If this works, we're happy!
|
||||
six.moves
|
||||
six.moves.range
|
||||
six.moves.range
|
||||
six.moves.zip
|
||||
six.moves.http_client.HTTPConnection
|
||||
six.moves.urllib.parse.urlsplit
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
import python
|
||||
|
||||
predicate six(ModuleObject m) {
|
||||
m.getName() = "six"
|
||||
or
|
||||
six(m.getPackage())
|
||||
}
|
||||
|
||||
from ModuleObject mod, string name, Object obj
|
||||
where mod.attributeRefersTo(name, obj, _) and six(mod)
|
||||
select mod.toString(), name, obj.toString()
|
||||
@@ -0,0 +1,4 @@
|
||||
| test.py:9:12:9:26 | bottle handler function result | externally controlled string |
|
||||
| test.py:13:12:13:24 | bottle handler function result | externally controlled string |
|
||||
| test.py:19:12:19:33 | bottle handler function result | externally controlled string |
|
||||
| test.py:36:21:36:51 | Taint sink | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,8 @@
|
||||
| ../../../query-tests/Security/lib/bottle.py:64:11:64:24 | LocalRequest() | bottle.request |
|
||||
| test.py:3:35:3:41 | ImportMember | bottle.request |
|
||||
| test.py:8:11:8:14 | name | externally controlled string |
|
||||
| test.py:12:9:12:12 | name | externally controlled string |
|
||||
| test.py:18:12:18:18 | request | bottle.request |
|
||||
| test.py:27:12:27:16 | where | externally controlled string |
|
||||
| test.py:32:14:32:20 | request | bottle.request |
|
||||
| test.py:36:34:36:40 | request | bottle.request |
|
||||
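--- a/python/ql/test/library-tests/web/bottle/HttpSources.ql
+++ b/python/ql/test/library-tests/web/bottle/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind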
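Review bot: This query has no header comment saying what it pins, and the same seven lines are added again for cherrypy, django, falcon, flask, pyramid and tornado. A one-line comment at the top of each copy, such as `// Lists every HttpRequestTaintSource and the TaintKind it introduces for this framework's test files.`, would tell a maintainer why a row appearing in or vanishing from HttpSources.expected matters. The inline cast `source.(ControlFlowNode)` in the select also acts as a filter: a source that is not a control-flow node would produce no row and drop out of the expected output without failing the test. Whether any such source exists cannot be told from this page, so a short comment stating that assumption would be enough.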
@@ -1,7 +1,5 @@
|
||||
import python
|
||||
|
||||
import semmle.python.web.bottle.General
|
||||
|
||||
from BottleRoute route
|
||||
|
||||
select route.getUrl(), route.getFunction()
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
| test.py:9 | BinaryExpr | externally controlled string |
|
||||
| test.py:13 | BinaryExpr | externally controlled string |
|
||||
| test.py:19 | BinaryExpr | externally controlled string |
|
||||
| test.py:36 | BinaryExpr | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,8 +0,0 @@
|
||||
| ../../../query-tests/Security/lib/bottle.py:64 | LocalRequest() | bottle.request |
|
||||
| test.py:3 | ImportMember | bottle.request |
|
||||
| test.py:8 | name | externally controlled string |
|
||||
| test.py:12 | name | externally controlled string |
|
||||
| test.py:18 | request | bottle.request |
|
||||
| test.py:27 | where | externally controlled string |
|
||||
| test.py:32 | request | bottle.request |
|
||||
| test.py:36 | request | bottle.request |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind) and not kind.matches("tornado%")
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,13 +1,7 @@
|
||||
|
||||
import python
|
||||
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintedNode node
|
||||
|
||||
select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
| red.py:8:16:8:20 | cherrypy handler function result | externally controlled string |
|
||||
| test.py:11:16:11:29 | cherrypy handler function result | externally controlled string |
|
||||
| test.py:17:16:17:27 | cherrypy handler function result | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,3 @@
|
||||
| ../../../query-tests/Security/lib/cherrypy/__init__.py:10:11:10:38 | _ThreadLocalProxy() | cherrypy.request |
|
||||
| test.py:10:17:10:19 | arg | externally controlled string |
|
||||
| test.py:16:17:16:19 | arg | externally controlled string |
|
||||
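--- a/python/ql/test/library-tests/web/cherrypy/HttpSources.ql
+++ b/python/ql/test/library-tests/web/cherrypy/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind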
@@ -1,3 +0,0 @@
|
||||
| red.py:8 | Str | externally controlled string |
|
||||
| test.py:11 | BinaryExpr | externally controlled string |
|
||||
| test.py:17 | BinaryExpr | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,3 +0,0 @@
|
||||
| ../../../query-tests/Security/lib/cherrypy/__init__.py:10 | _ThreadLocalProxy() | cherrypy.request |
|
||||
| test.py:10 | arg | externally controlled string |
|
||||
| test.py:16 | arg | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind) and not kind.matches("tornado%")
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -0,0 +1,7 @@
|
||||
| views.py:7:25:7:63 | django.Response(...) | externally controlled string |
|
||||
| views.py:11:25:11:52 | django.Response(...) | externally controlled string |
|
||||
| views.py:15:25:15:53 | django.Response(...) | externally controlled string |
|
||||
| views.py:23:29:23:60 | django.Response(...) | externally controlled string |
|
||||
| views.py:29:29:29:65 | django.Response(...) | externally controlled string |
|
||||
| views.py:34:25:34:63 | django.Response(...) | externally controlled string |
|
||||
| views.py:38:25:38:70 | django.Response(...) | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
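--- a/python/ql/test/library-tests/web/django/HttpSources.expected
+++ b/python/ql/test/library-tests/web/django/HttpSources.expected
@@ -0,0 +1,19 @@
+| test.py:5:19:5:25 | request | django.request.HttpRequest |
+| test.py:5:28:5:31 | path | externally controlled string |
+| test.py:11:19:11:25 | request | django.request.HttpRequest |
+| test.py:11:28:11:31 | path | externally controlled string |
+| views.py:6:19:6:25 | request | django.request.HttpRequest |
+| views.py:6:28:6:30 | foo | externally controlled string |
+| views.py:6:33:6:35 | bar | externally controlled string |
+| views.py:10:20:10:26 | request | django.request.HttpRequest |
+| views.py:14:21:14:27 | request | django.request.HttpRequest |
+| views.py:22:20:22:26 | request | django.request.HttpRequest |
+| views.py:28:19:28:25 | request | django.request.HttpRequest |
+| views.py:32:19:32:25 | request | django.request.HttpRequest |
+| views.py:32:28:32:38 | page_number | externally controlled string |
+| views.py:37:24:37:30 | request | django.request.HttpRequest |
+| views.py:37:33:37:36 | arg0 | externally controlled string |
+| views.py:37:39:37:42 | arg1 | externally controlled string |
+| views.py:57:15:57:21 | request | django.request.HttpRequest |
+| views.py:57:24:57:31 | username | externally controlled string |
+| views.py:66:30:66:36 | request | django.request.HttpRequest |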
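--- a/python/ql/test/library-tests/web/django/HttpSources.ql
+++ b/python/ql/test/library-tests/web/django/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind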
@@ -1,16 +0,0 @@
|
||||
| sql.py:13 | Str | externally controlled string |
|
||||
| sql.py:14 | Str | externally controlled string |
|
||||
| sql.py:17 | BinaryExpr | externally controlled string |
|
||||
| sql.py:20 | BinaryExpr | externally controlled string |
|
||||
| sql.py:21 | BinaryExpr | externally controlled string |
|
||||
| sql.py:22 | BinaryExpr | externally controlled string |
|
||||
| sql.py:36 | Str | externally controlled string |
|
||||
| sql.py:42 | BinaryExpr | externally controlled string |
|
||||
| sql.py:47 | BinaryExpr | externally controlled string |
|
||||
| views.py:7 | Attribute() | externally controlled string |
|
||||
| views.py:11 | Attribute() | externally controlled string |
|
||||
| views.py:15 | Attribute() | externally controlled string |
|
||||
| views.py:23 | Attribute() | externally controlled string |
|
||||
| views.py:29 | Attribute() | externally controlled string |
|
||||
| views.py:34 | Attribute() | externally controlled string |
|
||||
| views.py:38 | Attribute() | externally controlled string |
|
||||
@@ -1,13 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.web.django.Db
|
||||
import semmle.python.web.django.Model
|
||||
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,19 +0,0 @@
|
||||
| test.py:5 | path | externally controlled string |
|
||||
| test.py:5 | request | django.request.HttpRequest |
|
||||
| test.py:11 | path | externally controlled string |
|
||||
| test.py:11 | request | django.request.HttpRequest |
|
||||
| views.py:6 | bar | externally controlled string |
|
||||
| views.py:6 | foo | externally controlled string |
|
||||
| views.py:6 | request | django.request.HttpRequest |
|
||||
| views.py:10 | request | django.request.HttpRequest |
|
||||
| views.py:14 | request | django.request.HttpRequest |
|
||||
| views.py:22 | request | django.request.HttpRequest |
|
||||
| views.py:28 | request | django.request.HttpRequest |
|
||||
| views.py:32 | page_number | externally controlled string |
|
||||
| views.py:32 | request | django.request.HttpRequest |
|
||||
| views.py:37 | arg0 | externally controlled string |
|
||||
| views.py:37 | arg1 | externally controlled string |
|
||||
| views.py:37 | request | django.request.HttpRequest |
|
||||
| views.py:57 | request | django.request.HttpRequest |
|
||||
| views.py:57 | username | externally controlled string |
|
||||
| views.py:66 | request | django.request.HttpRequest |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -0,0 +1,9 @@
|
||||
| sql.py:13:24:13:64 | db.connection.execute | externally controlled string |
|
||||
| sql.py:14:26:14:66 | django.models.QuerySet.raw(sink,...) | externally controlled string |
|
||||
| sql.py:17:24:17:77 | db.connection.execute | externally controlled string |
|
||||
| sql.py:20:38:20:95 | django.db.models.expressions.RawSQL(sink,...) | externally controlled string |
|
||||
| sql.py:21:26:21:83 | django.models.QuerySet.raw(sink,...) | externally controlled string |
|
||||
| sql.py:22:28:22:85 | django.models.QuerySet.extra(sink,...) | externally controlled string |
|
||||
| sql.py:36:26:36:68 | django.models.QuerySet.raw(sink,...) | externally controlled string |
|
||||
| sql.py:42:11:42:52 | django.models.QuerySet.raw(sink,...) | externally controlled string |
|
||||
| sql.py:47:13:47:54 | django.models.QuerySet.extra(sink,...) | externally controlled string |
|
||||
@@ -0,0 +1,9 @@
|
||||
import python
|
||||
import semmle.python.security.injection.Sql
|
||||
import semmle.python.web.django.Db
|
||||
import semmle.python.web.django.Model
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from SqlInjectionSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1 @@
|
||||
| FIXME: temporarily disabled since it's not working |
|
||||
@@ -0,0 +1,8 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
// from HttpResponseTaintSink sink, TaintKind kind
|
||||
// where sink.sinks(kind)
|
||||
// select sink, kind
|
||||
select "FIXME: temporarily disabled since it's not working"
|
||||
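Review bot: This response-sink test is committed in a disabled state: the three query lines are commented out and the final line selects a constant string, so the paired expected output can only ever match that string. The test therefore passes without exercising any `HttpResponseTaintSink` model for this framework, and a regression in those sinks would go unnoticed. The FIXME gives no reason and no tracking reference, so nothing tells a maintainer when it can be re-enabled. Expanding the comment to something like `// FIXME(<issue-id>): <what fails>; restore the from/where/select above once fixed` would close that gap, with the author filling in the details.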
@@ -0,0 +1,3 @@
|
||||
| test.py:9:22:9:24 | req | falcon.request |
|
||||
| test.py:19:23:19:25 | req | falcon.request |
|
||||
| test.py:22:25:22:27 | req | falcon.request |
|
||||
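--- a/python/ql/test/library-tests/web/falcon/HttpSources.ql
+++ b/python/ql/test/library-tests/web/falcon/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind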
@@ -1,8 +1,5 @@
|
||||
import python
|
||||
|
||||
import semmle.python.web.falcon.General
|
||||
|
||||
from FalconRoute route, string method
|
||||
|
||||
select route.getUrl(), method, route.getHandlerFunction(method)
|
||||
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
| test.py:9 | req | falcon.request |
|
||||
| test.py:19 | req | falcon.request |
|
||||
| test.py:22 | req | falcon.request |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind) and not kind.matches("tornado%")
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,12 +1,8 @@
|
||||
|
||||
import python
|
||||
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintedNode node
|
||||
where node.getLocation().getFile().getShortName() = "test.py"
|
||||
select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
| test.py:8:12:8:25 | flask.routed.response | externally controlled string |
|
||||
| test.py:29:12:29:38 | flask.routed.response | externally controlled string |
|
||||
| test.py:35:16:35:37 | flask.routed.response | externally controlled string |
|
||||
| test.py:36:12:36:15 | flask.routed.response | externally controlled string |
|
||||
| test.py:41:12:41:54 | flask.routed.response | externally controlled string |
|
||||
| test.py:41:26:41:53 | flask.response.argument | externally controlled string |
|
||||
| test.py:46:12:46:62 | flask.routed.response | externally controlled string |
|
||||
| test.py:46:26:46:61 | flask.response.argument | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,5 @@
|
||||
| test.py:29:12:29:23 | Attribute | {externally controlled string} |
|
||||
| test.py:33:9:33:20 | Attribute | {externally controlled string} |
|
||||
| test.py:35:16:35:27 | Attribute | {externally controlled string} |
|
||||
| test.py:40:18:40:29 | Attribute | {externally controlled string} |
|
||||
| test.py:45:18:45:29 | Attribute | {externally controlled string} |
|
||||
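--- a/python/ql/test/library-tests/web/flask/HttpSources.ql
+++ b/python/ql/test/library-tests/web/flask/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind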
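Review bot: Restricting this query to `HttpRequestTaintSource` appears to drop coverage that the removed flask source test had. The deleted six-row expected output further down the page lists `test.py:22 | Attribute() | flask/MyView.as.view`, while the new five-row HttpSources.expected has no row for line 22. If that taint kind is still modelled, nothing visible in this commit pins it any more, so a regression in class-based view handling would pass silently. Either add a small companion query that selects the remaining `TaintSource` kinds for test.py, or record the omission in a comment here, e.g. `// Class-based view sources (flask/MyView.as.view) are not HttpRequestTaintSource and are not covered by this test.`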
@@ -1,9 +1,6 @@
|
||||
import python
|
||||
|
||||
import semmle.python.web.flask.General
|
||||
|
||||
from ControlFlowNode regex, Function func
|
||||
|
||||
where flask_routing(regex, func)
|
||||
|
||||
select regex.getNode().(StrConst).getText(), func.toString()
|
||||
|
||||
@@ -1,8 +0,0 @@
|
||||
| test.py:8 | Str | externally controlled string |
|
||||
| test.py:29 | Attribute() | externally controlled string |
|
||||
| test.py:35 | Subscript | externally controlled string |
|
||||
| test.py:36 | None | externally controlled string |
|
||||
| test.py:41 | BinaryExpr | externally controlled string |
|
||||
| test.py:41 | make_response() | externally controlled string |
|
||||
| test.py:46 | BinaryExpr | externally controlled string |
|
||||
| test.py:46 | make_response() | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,6 +0,0 @@
|
||||
| test.py:22 | Attribute() | flask/MyView.as.view |
|
||||
| test.py:29 | Attribute | {externally controlled string} |
|
||||
| test.py:33 | Attribute | {externally controlled string} |
|
||||
| test.py:35 | Attribute | {externally controlled string} |
|
||||
| test.py:40 | Attribute | {externally controlled string} |
|
||||
| test.py:45 | Attribute | {externally controlled string} |
|
||||
@@ -1,11 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,12 +1,8 @@
|
||||
|
||||
import python
|
||||
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintedNode node
|
||||
where node.getLocation().getFile().getShortName() = "test.py"
|
||||
select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
| test.py:8:12:8:31 | pyramid.routed.response | externally controlled string |
|
||||
| test.py:17:12:17:41 | pyramid.routed.response | externally controlled string |
|
||||
| test.py:25:12:25:43 | pyramid.routed.response | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,3 @@
|
||||
| test.py:7:10:7:16 | request | pyramid.request |
|
||||
| test.py:15:11:15:17 | request | pyramid.request |
|
||||
| test.py:24:11:24:17 | request | pyramid.request |
|
||||
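--- a/python/ql/test/library-tests/web/pyramid/HttpSources.ql
+++ b/python/ql/test/library-tests/web/pyramid/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind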
@@ -1,9 +1,6 @@
|
||||
import python
|
||||
|
||||
import semmle.python.web.pyramid.View
|
||||
|
||||
from Function func
|
||||
|
||||
where is_pyramid_view_function(func)
|
||||
|
||||
select func.getLocation().toString(), func.toString()
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
| test.py:8 | Response() | externally controlled string |
|
||||
| test.py:17 | Response() | externally controlled string |
|
||||
| test.py:25 | Dict | externally controlled string |
|
||||
@@ -1,11 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind) and sink.getLocation().getFile().getShortName() = "test.py"
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,3 +0,0 @@
|
||||
| test.py:7 | request | pyramid.request |
|
||||
| test.py:15 | request | pyramid.request |
|
||||
| test.py:24 | request | pyramid.request |
|
||||
@@ -1,11 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,11 +1,8 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintedNode node
|
||||
where node.getLocation().getFile().getShortName() = "test.py"
|
||||
|
||||
select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.TestUtils
|
||||
|
||||
import semmle.python.web.tornado.Tornado
|
||||
|
||||
from ClassValue cls
|
||||
where cls = aTornadoRequestHandlerClass()
|
||||
select remove_library_prefix(cls.getScope().getLocation()), cls.toString()
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
| test.py:20:23:20:25 | tornado.HttpRequestHandler.redirect | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpRedirect
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpRedirectTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,3 @@
|
||||
| test.py:6:20:6:43 | tornado.HttpRequestHandler.write | externally controlled string |
|
||||
| test.py:12:20:12:23 | tornado.HttpRequestHandler.write | externally controlled string |
|
||||
| test.py:26:20:26:48 | tornado.HttpRequestHandler.write | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,4 @@
|
||||
| test.py:6:20:6:43 | Attribute() | externally controlled string |
|
||||
| test.py:10:16:10:40 | Attribute() | [externally controlled string] |
|
||||
| test.py:17:15:17:26 | Attribute | tornado.request.HttpRequest |
|
||||
| test.py:26:20:26:48 | Attribute() | externally controlled string |
|
||||
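--- a/python/ql/test/library-tests/web/tornado/HttpSources.ql
+++ b/python/ql/test/library-tests/web/tornado/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind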
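Review bot: `from HttpRequestTaintSource source` narrows what this test pins compared with the removed Sources.ql, which selected every `TaintSource`; a source that the Tornado model introduces under another class would now appear in no expected file. The four rows in HttpSources.expected match the rows of the removed Sources.expected, so nothing is lost today, but the narrowing is silent. A header comment would record it, e.g. `// Pins only HttpRequestTaintSource; other TaintSource subclasses are not listed here.` The same applies to the turbogears and twisted HttpSources.ql files and, for `TaintSink` versus `HttpResponseTaintSink`, to the HttpResponseSinks.ql files.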
@@ -1,4 +0,0 @@
|
||||
| test.py:6 | Attribute() | externally controlled string |
|
||||
| test.py:12 | name | externally controlled string |
|
||||
| test.py:20 | url | externally controlled string |
|
||||
| test.py:26 | Attribute() | externally controlled string |
|
||||
@@ -1,11 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
import semmle.python.TestUtils
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select remove_library_prefix(sink.getLocation()), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,4 +0,0 @@
|
||||
| test.py:6 | Attribute() | externally controlled string |
|
||||
| test.py:10 | Attribute() | [externally controlled string] |
|
||||
| test.py:17 | Attribute | tornado.request.HttpRequest |
|
||||
| test.py:26 | Attribute() | externally controlled string |
|
||||
@@ -1,13 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.TestUtils
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select remove_library_prefix(src.getLocation()), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,8 +1,5 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.TestUtils
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
@@ -11,4 +8,3 @@ from TaintedNode node
|
||||
// Add this restriction to keep Python2 and 3 results the same.
|
||||
where not exists(node.getContext().getCaller())
|
||||
select remove_library_prefix(node.getLocation()), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
|
||||
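Review bot: The comment above `where not exists(node.getContext().getCaller())` gives the reason for the restriction but not its cost. Judging by the names, the clause keeps only tainted nodes whose context has no caller, so taint that reaches a handler only through a call is not listed and a regression there would pass this test. I would extend the comment, e.g. `// Trade-off: nodes tainted only via a calling context are not checked here.` The query's `from` clause appears only in the hunk header, outside the hunk body.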
@@ -1,9 +1,5 @@
|
||||
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.turbogears.TurboGears
|
||||
|
||||
from TurboGearsControllerMethod m
|
||||
select m
|
||||
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
| test.py:8:16:8:69 | TurboGears ControllerMethodReturnValue | externally controlled string |
|
||||
| test.py:14:16:14:50 | TurboGears ControllerMethodReturnValue | externally controlled string |
|
||||
| test.py:19:16:19:50 | TurboGears ControllerMethodReturnValue | externally controlled string |
|
||||
| test.py:23:16:23:50 | TurboGears ControllerMethodReturnValue | externally controlled string |
|
||||
| test.py:27:16:27:38 | TurboGears ControllerMethodTemplatedReturnValue | {externally controlled string} |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,3 @@
|
||||
| test.py:18:43:18:43 | b | externally controlled string |
|
||||
| test.py:22:29:22:29 | a | externally controlled string |
|
||||
| test.py:22:37:22:37 | b | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpRequestTaintSource source, TaintKind kind
|
||||
where source.isSourceOf(kind)
|
||||
select source.(ControlFlowNode).getNode(), kind
|
||||
@@ -1,5 +0,0 @@
|
||||
| test.py:8 | BinaryExpr | externally controlled string |
|
||||
| test.py:14 | BinaryExpr | externally controlled string |
|
||||
| test.py:19 | BinaryExpr | externally controlled string |
|
||||
| test.py:23 | BinaryExpr | externally controlled string |
|
||||
| test.py:27 | Dict | {externally controlled string} |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,3 +0,0 @@
|
||||
| test.py:18 | b | externally controlled string |
|
||||
| test.py:22 | a | externally controlled string |
|
||||
| test.py:22 | b | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,13 +1,7 @@
|
||||
|
||||
import python
|
||||
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintedNode node
|
||||
|
||||
select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
|
||||
@@ -0,0 +1,10 @@
|
||||
| test.py:7:16:7:23 | Twisted response | externally controlled string |
|
||||
| test.py:14:16:14:23 | Twisted response | externally controlled string |
|
||||
| test.py:21:16:21:23 | Twisted response | externally controlled string |
|
||||
| test.py:36:16:36:37 | Twisted response | externally controlled string |
|
||||
| test.py:40:23:40:30 | Twisted request setter | externally controlled string |
|
||||
| test.py:44:27:44:31 | Twisted request setter | externally controlled string |
|
||||
| test.py:44:34:44:38 | Twisted request setter | externally controlled string |
|
||||
| test.py:45:27:45:31 | Twisted request setter | externally controlled string |
|
||||
| test.py:45:34:45:40 | Twisted request setter | externally controlled string |
|
||||
| test.py:46:16:46:37 | Twisted response | externally controlled string |
|
||||
@@ -0,0 +1,7 @@
|
||||
import python
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from HttpResponseTaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select sink, kind
|
||||
@@ -0,0 +1,8 @@
|
||||
| test.py:4:22:4:28 | request | twisted.request.http.Request |
|
||||
| test.py:9:26:9:32 | request | twisted.request.http.Request |
|
||||
| test.py:16:27:16:33 | request | twisted.request.http.Request |
|
||||
| test.py:24:24:24:30 | request | twisted.request.http.Request |
|
||||
| test.py:28:22:28:30 | myrequest | twisted.request.http.Request |
|
||||
| test.py:31:27:31:37 | postrequest | twisted.request.http.Request |
|
||||
| test.py:39:22:39:28 | request | twisted.request.http.Request |
|
||||
| test.py:43:22:43:28 | request | twisted.request.http.Request |
|
||||
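--- a/python/ql/test/library-tests/web/twisted/HttpSources.ql
+++ b/python/ql/test/library-tests/web/twisted/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind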
@@ -1,8 +0,0 @@
|
||||
| test.py:7 | response | externally controlled string |
|
||||
| test.py:14 | response | externally controlled string |
|
||||
| test.py:21 | response | externally controlled string |
|
||||
| test.py:36 | do_stuff_with() | externally controlled string |
|
||||
| test.py:40 | Str | externally controlled string |
|
||||
| test.py:44 | Str | externally controlled string |
|
||||
| test.py:45 | Str | externally controlled string |
|
||||
| test.py:46 | Str | externally controlled string |
|
||||
@@ -1,10 +0,0 @@
|
||||
import python
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
import semmle.python.TestUtils
|
||||
|
||||
from TaintSink sink, TaintKind kind
|
||||
where sink.sinks(kind)
|
||||
select remove_library_prefix(sink.getLocation()), sink.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,8 +0,0 @@
|
||||
| test.py:4 | request | twisted.request.http.Request |
|
||||
| test.py:9 | request | twisted.request.http.Request |
|
||||
| test.py:16 | request | twisted.request.http.Request |
|
||||
| test.py:24 | request | twisted.request.http.Request |
|
||||
| test.py:28 | myrequest | twisted.request.http.Request |
|
||||
| test.py:31 | postrequest | twisted.request.http.Request |
|
||||
| test.py:39 | request | twisted.request.http.Request |
|
||||
| test.py:43 | request | twisted.request.http.Request |
|
||||
@@ -1,11 +0,0 @@
|
||||
import python
|
||||
import semmle.python.TestUtils
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
|
||||
from TaintSource src, TaintKind kind
|
||||
where src.isSourceOf(kind)
|
||||
select remove_library_prefix(src.getLocation()), src.(ControlFlowNode).getNode().toString(), kind
|
||||
@@ -1,11 +1,8 @@
|
||||
import python
|
||||
import semmle.python.TestUtils
|
||||
|
||||
import semmle.python.web.HttpRequest
|
||||
import semmle.python.web.HttpResponse
|
||||
import semmle.python.security.strings.Untrusted
|
||||
|
||||
from TaintedNode node
|
||||
|
||||
select remove_library_prefix(node.getLocation()), node.getAstNode().toString(), node.getTaintKind()
|
||||
|
||||
|
||||