Replacing getParameter by getArg and getArgByName

2026-02-22 18:03:39 +01:00 · 2022-09-03 14:05:07 +01:00
parent a50c226ca9
commit 94b91536f9
1 changed files with 5 additions and 5 deletions
--- a/python/ql/src/experimental/semmle/python/security/TimingAttack.qll
+++ b/python/ql/src/experimental/semmle/python/security/TimingAttack.qll
@@ -203,12 +203,12 @@ class CredentialExpr extends Expr {
 *
 * For example: `request.headers.get("X-Auth-Token")`.
 */
-abstract class ClientSuppliedSecret extends API::CallNode { }
+abstract class ClientSuppliedSecret extends DataFlow::CallCfgNode { }

 private class FlaskClientSuppliedSecret extends ClientSuppliedSecret {
  FlaskClientSuppliedSecret() {
    this = Flask::request().getMember("headers").getMember(["get", "get_all", "getlist"]).getACall() and
-    this.getParameter(0, ["key", "name"]).asSink().asExpr().(StrConst).getText().toLowerCase() =
+    [this.getArg(0), this.getArgByName(["key", "name"])].asExpr().(StrConst).getText().toLowerCase() =
      sensitiveheaders()
  }
 }
@@ -220,7 +220,7 @@ private class DjangoClientSuppliedSecret extends ClientSuppliedSecret {
          .getMember(["headers", "META"])
          .getMember("get")
          .getACall() and
-    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() =
+    [this.getArg(0), this.getArgByName("key")].asExpr().(StrConst).getText().toLowerCase() =
      sensitiveheaders()
  }
 }
@@ -233,7 +233,7 @@ API::Node requesthandler() {
 private class TornadoClientSuppliedSecret extends ClientSuppliedSecret {
  TornadoClientSuppliedSecret() {
    this = requesthandler().getMember(["headers", "META"]).getMember("get").getACall() and
-    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() =
+    [this.getArg(0), this.getArgByName("key")].asExpr().(StrConst).getText().toLowerCase() =
      sensitiveheaders()
  }
 }
@@ -247,7 +247,7 @@ private class WerkzeugClientSuppliedSecret extends ClientSuppliedSecret {
  WerkzeugClientSuppliedSecret() {
    this =
      headers().getMember(["headers", "META"]).getMember(["get", "get_all", "getlist"]).getACall() and
-    this.getParameter(0, ["key", "name"]).asSink().asExpr().(StrConst).getText().toLowerCase() =
+    [this.getArg(0), this.getArgByName(["key", "name"])].asExpr().(StrConst).getText().toLowerCase() =
      sensitiveheaders()
  }
 }