Merge branch 'master' into python-clean-qltest-options

2026-05-05 21:55:19 +02:00 · 2020-02-12 13:44:41 +01:00
parent efedcd26d0 12113e947f
commit 895f2f74ab
220 changed files with 8456 additions and 3106 deletions
--- a/python/ql/test/library-tests/web/flask/HttpResponseSinks.expected
+++ b/python/ql/test/library-tests/web/flask/HttpResponseSinks.expected
@@ -0,0 +1,8 @@
+| test.py:8:12:8:25 | flask.routed.response | externally controlled string |
+| test.py:29:12:29:38 | flask.routed.response | externally controlled string |
+| test.py:35:16:35:37 | flask.routed.response | externally controlled string |
+| test.py:36:12:36:15 | flask.routed.response | externally controlled string |
+| test.py:41:12:41:54 | flask.routed.response | externally controlled string |
+| test.py:41:26:41:53 | flask.response.argument | externally controlled string |
+| test.py:46:12:46:62 | flask.routed.response | externally controlled string |
+| test.py:46:26:46:61 | flask.response.argument | externally controlled string |
--- a/python/ql/test/library-tests/web/flask/HttpResponseSinks.ql
+++ b/python/ql/test/library-tests/web/flask/HttpResponseSinks.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpResponse
+import semmle.python.security.strings.Untrusted
+
+from HttpResponseTaintSink sink, TaintKind kind
+where sink.sinks(kind)
+select sink, kind
--- a/python/ql/test/library-tests/web/flask/HttpSources.expected
+++ b/python/ql/test/library-tests/web/flask/HttpSources.expected
@@ -0,0 +1,5 @@
+| test.py:29:12:29:23 | Attribute | {externally controlled string} |
+| test.py:33:9:33:20 | Attribute | {externally controlled string} |
+| test.py:35:16:35:27 | Attribute | {externally controlled string} |
+| test.py:40:18:40:29 | Attribute | {externally controlled string} |
+| test.py:45:18:45:29 | Attribute | {externally controlled string} |
--- a/python/ql/test/library-tests/web/flask/HttpSources.ql
+++ b/python/ql/test/library-tests/web/flask/HttpSources.ql
@@ -0,0 +1,7 @@
+import python
+import semmle.python.web.HttpRequest
+import semmle.python.security.strings.Untrusted
+
+from HttpRequestTaintSource source, TaintKind kind
+where source.isSourceOf(kind)
+select source.(ControlFlowNode).getNode(), kind
--- a/python/ql/test/library-tests/web/flask/Routing.ql
+++ b/python/ql/test/library-tests/web/flask/Routing.ql
@@ -1,9 +1,6 @@
 import python
-
 import semmle.python.web.flask.General

 from ControlFlowNode regex, Function func
-
 where flask_routing(regex, func)
-
 select regex.getNode().(StrConst).getText(), func.toString()
--- a/python/ql/test/library-tests/web/flask/Sinks.expected
+++ b/python/ql/test/library-tests/web/flask/Sinks.expected
@@ -1,8 +0,0 @@
-| test.py:8 | Str | externally controlled string |
-| test.py:29 | Attribute() | externally controlled string |
-| test.py:35 | Subscript | externally controlled string |
-| test.py:36 | None | externally controlled string |
-| test.py:41 | BinaryExpr | externally controlled string |
-| test.py:41 | make_response() | externally controlled string |
-| test.py:46 | BinaryExpr | externally controlled string |
-| test.py:46 | make_response() | externally controlled string |
--- a/python/ql/test/library-tests/web/flask/Sinks.ql
+++ b/python/ql/test/library-tests/web/flask/Sinks.ql
@@ -1,10 +0,0 @@
-
-import python
-
-import semmle.python.web.HttpRequest
-import semmle.python.web.HttpResponse
-import semmle.python.security.strings.Untrusted
-
-from TaintSink sink, TaintKind kind
-where sink.sinks(kind)
-select sink.getLocation().toString(), sink.(ControlFlowNode).getNode().toString(), kind
--- a/python/ql/test/library-tests/web/flask/Sources.expected
+++ b/python/ql/test/library-tests/web/flask/Sources.expected
@@ -1,6 +0,0 @@
-| test.py:22 | Attribute() | flask/MyView.as.view |
-| test.py:29 | Attribute | {externally controlled string} |
-| test.py:33 | Attribute | {externally controlled string} |
-| test.py:35 | Attribute | {externally controlled string} |
-| test.py:40 | Attribute | {externally controlled string} |
-| test.py:45 | Attribute | {externally controlled string} |
--- a/python/ql/test/library-tests/web/flask/Sources.ql
+++ b/python/ql/test/library-tests/web/flask/Sources.ql
@@ -1,11 +0,0 @@
-
-import python
-
-import semmle.python.web.HttpRequest
-import semmle.python.web.HttpResponse
-import semmle.python.security.strings.Untrusted
-
-
-from TaintSource src, TaintKind kind
-where src.isSourceOf(kind)
-select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind
--- a/python/ql/test/library-tests/web/flask/Taint.ql
+++ b/python/ql/test/library-tests/web/flask/Taint.ql
@@ -1,12 +1,8 @@
-
 import python
-
-
 import semmle.python.web.HttpRequest
 import semmle.python.web.HttpResponse
 import semmle.python.security.strings.Untrusted

-
 from TaintedNode node
 where node.getLocation().getFile().getShortName() = "test.py"
 select node.getLocation().toString(), node.getAstNode().toString(), node.getTaintKind()