hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Remove references to FlowStateString.

Browse Source
This commit is contained in:
Anders Schack-Mulligen
2023-12-11 12:05:22 +01:00
parent a1068ce2f9
commit 8ef4821f63
2 changed files with 16 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
python/ql/lib/semmle/python/security/dataflow/PathInjectionQuery.qll
View File

@@ -63,13 +63,18 @@ deprecated class Configuration extends TaintTracking::Configuration {
}
}
abstract private class NormalizationState extends string {
bindingset[this]
NormalizationState() { any() }
}
/** A state signifying that the file path has not been normalized. */
class NotNormalized extends DataFlow::FlowState {
class NotNormalized extends NormalizationState {
NotNormalized() { this = "NotNormalized" }
}
/** A state signifying that the file path has been normalized, but not checked. */
class NormalizedUnchecked extends DataFlow::FlowState {
class NormalizedUnchecked extends NormalizationState {
NormalizedUnchecked() { this = "NormalizedUnchecked" }
}
@@ -85,7 +90,7 @@ class NormalizedUnchecked extends DataFlow::FlowState {
* Such checks are ineffective in the `NotNormalized` state.
*/
module PathInjectionConfig implements DataFlow::StateConfigSig {
class FlowState = DataFlow::FlowState;
class FlowState = NormalizationState;
predicate isSource(DataFlow::Node source, FlowState state) {
source instanceof Source and state instanceof NotNormalized

11
python/ql/src/experimental/Security/CWE-176/UnicodeBypassValidationQuery.qll
View File

@@ -12,13 +12,18 @@ import semmle.python.dataflow.new.internal.TaintTrackingPrivate
import semmle.python.dataflow.new.RemoteFlowSources
import UnicodeBypassValidationCustomizations::UnicodeBypassValidation
abstract private class ValidationState extends string {
bindingset[this]
ValidationState() { any() }
}
/** A state signifying that a logical validation has not been performed. */
class PreValidation extends DataFlow::FlowState {
class PreValidation extends ValidationState {
PreValidation() { this = "PreValidation" }
}
/** A state signifying that a logical validation has been performed. */
class PostValidation extends DataFlow::FlowState {
class PostValidation extends ValidationState {
PostValidation() { this = "PostValidation" }
}
@@ -29,7 +34,7 @@ class PostValidation extends DataFlow::FlowState {
* to track the requirement that a logical validation has been performed before the Unicode Transformation.
*/
private module UnicodeBypassValidationConfig implements DataFlow::StateConfigSig {
class FlowState = DataFlow::FlowState;
class FlowState = ValidationState;
predicate isSource(DataFlow::Node source, FlowState state) {
source instanceof RemoteFlowSource and state instanceof PreValidation