Python: Properly model flask.send_from_directory

To not include `filename` as path-injection sink.
2026-05-03 12:45:27 +02:00 · 2021-10-28 13:41:39 +02:00
parent 228e9e973a
commit 8c3349f40f
5 changed files with 33 additions and 19 deletions
--- a/python/ql/lib/semmle/python/frameworks/Flask.qll
+++ b/python/ql/lib/semmle/python/frameworks/Flask.qll
@@ -11,6 +11,7 @@ private import semmle.python.Concepts
 private import semmle.python.frameworks.Werkzeug
 private import semmle.python.ApiGraphs
 private import semmle.python.frameworks.internal.InstanceTaintStepsHelper
+private import semmle.python.security.dataflow.PathInjectionCustomizations

 /**
 * Provides models for the `flask` PyPI package.
@@ -537,11 +538,21 @@ module Flask {
          // the provided directory, so is not exposed to path-injection. (but is still a
          // path-argument).
          this.getArg(1), this.getArgByName("filename")
-          // TODO: Exclude filename as path-injection sink
        ]
    }
  }

+  /**
+   * To exclude `filename` argument to `flask.send_from_directory` as a path-injection sink.
+   */
+  private class FlaskSendFromDirectoryCallFilenameSanitizer extends PathInjection::Sanitizer {
+    FlaskSendFromDirectoryCallFilenameSanitizer() {
+      this = any(FlaskSendFromDirectoryCall c).getArg(1)
+      or
+      this = any(FlaskSendFromDirectoryCall c).getArgByName("filename")
+    }
+  }
+
  /**
   * A call to `flask.send_file`.
   *
--- a/python/ql/lib/semmle/python/security/dataflow/PathInjection.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/PathInjection.qll
@@ -26,7 +26,11 @@ class PathNotNormalizedConfiguration extends TaintTracking::Configuration {

  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

-  override predicate isSanitizer(DataFlow::Node node) { node instanceof Path::PathNormalization }
+  override predicate isSanitizer(DataFlow::Node node) {
+    node instanceof Sanitizer
+    or
+    node instanceof Path::PathNormalization
+  }

  override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
    guard instanceof SanitizerGuard
@@ -52,6 +56,8 @@ class FirstNormalizationConfiguration extends TaintTracking::Configuration {

  override predicate isSink(DataFlow::Node sink) { sink instanceof Path::PathNormalization }

+  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
+
  override predicate isSanitizerOut(DataFlow::Node node) { node instanceof Path::PathNormalization }

  override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
@@ -67,6 +73,8 @@ class NormalizedPathNotCheckedConfiguration extends TaintTracking2::Configuratio

  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

+  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
+
  override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
    guard instanceof Path::SafeAccessCheck
    or
--- a/python/ql/lib/semmle/python/security/dataflow/PathInjectionCustomizations.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/PathInjectionCustomizations.qll
@@ -32,6 +32,16 @@ module PathInjection {
   */
  abstract class Sink extends DataFlow::Node { }

+  /**
+   * A sanitizer for "path injection" vulnerabilities.
+   *
+   * This should only be used for things like calls to library functions that perform their own
+   * (correct) normalization/escaping of untrusted paths.
+   *
+   * Please also see `Path::SafeAccessCheck` and `Path::PathNormalization` Concepts.
+   */
+  abstract class Sanitizer extends DataFlow::Node { }
+
  /**
   * A sanitizer guard for "path injection" vulnerabilities.
   */