Python: Update web libraries to use HttpSources and HttpSinks

Rasmus Wriedt Larsen
2020-01-07 14:26:48 +01:00
parent 2cdbae08b6
commit 9b2ca0c9c7
36 changed files with 92 additions and 127 deletions


@@ -1 +1,8 @@
FIXME
| ../../../query-tests/Security/lib/bottle.py:64:11:64:24 | LocalRequest() | bottle.request |
| test.py:3:35:3:41 | ImportMember | bottle.request |
| test.py:8:11:8:14 | name | externally controlled string |
| test.py:12:9:12:12 | name | externally controlled string |
| test.py:18:12:18:18 | request | bottle.request |
| test.py:27:12:27:16 | where | externally controlled string |
| test.py:32:14:32:20 | request | bottle.request |
| test.py:36:34:36:40 | request | bottle.request |
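Review bot: The first result in this expectation is located inside the framework stub rather than the test program — `| ../../../query-tests/Security/lib/bottle.py:64:11:64:24 | LocalRequest() | bottle.request |` — so the `bottle.request` source definition appears to match the stub's own construction of the request object, not only application code that reads it; the cherrypy section shows the same with `_ThreadLocalProxy()` at lib/cherrypy/__init__.py:10. Both lines were already present in the line-keyed expectations this commit deletes, so the behaviour is inherited rather than introduced, but if it is deliberate for HttpSources a short comment next to the source definition or in the test's query would save the next reader from treating it as a false positive, and if it is not deliberate the source should be restricted to uses in user code. From the `@@ -1 +1,8 @@` header and the nine lines shown, the single old line is presumably the `FIXME` placeholder, though the rendered page no longer shows the markers.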


@@ -1,8 +0,0 @@
| ../../../query-tests/Security/lib/bottle.py:64 | LocalRequest() | bottle.request |
| test.py:3 | ImportMember | bottle.request |
| test.py:8 | name | externally controlled string |
| test.py:12 | name | externally controlled string |
| test.py:18 | request | bottle.request |
| test.py:27 | where | externally controlled string |
| test.py:32 | request | bottle.request |
| test.py:36 | request | bottle.request |


@@ -1,7 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind) and not kind.matches("tornado%")
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind


@@ -1 +1,3 @@
FIXME
| ../../../query-tests/Security/lib/cherrypy/__init__.py:10:11:10:38 | _ThreadLocalProxy() | cherrypy.request |
| test.py:10:17:10:19 | arg | externally controlled string |
| test.py:16:17:16:19 | arg | externally controlled string |


@@ -1,3 +0,0 @@
| ../../../query-tests/Security/lib/cherrypy/__init__.py:10 | _ThreadLocalProxy() | cherrypy.request |
| test.py:10 | arg | externally controlled string |
| test.py:16 | arg | externally controlled string |


@@ -1,7 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind) and not kind.matches("tornado%")
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind


@@ -1 +1,3 @@
FIXME
| test.py:9:22:9:24 | req | falcon.request |
| test.py:19:23:19:25 | req | falcon.request |
| test.py:22:25:22:27 | req | falcon.request |


@@ -1,3 +0,0 @@
| test.py:9 | req | falcon.request |
| test.py:19 | req | falcon.request |
| test.py:22 | req | falcon.request |


@@ -1,7 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind) and not kind.matches("tornado%")
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind


@@ -1 +1,3 @@
FIXME
| test.py:7:10:7:16 | request | pyramid.request |
| test.py:15:11:15:17 | request | pyramid.request |
| test.py:24:11:24:17 | request | pyramid.request |


@@ -1,3 +0,0 @@
| test.py:7 | request | pyramid.request |
| test.py:15 | request | pyramid.request |
| test.py:24 | request | pyramid.request |


@@ -1,8 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.web.HttpResponse
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind)
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind


@@ -1 +1,4 @@
FIXME
| test.py:6:20:6:43 | Attribute() | externally controlled string |
| test.py:10:16:10:40 | Attribute() | [externally controlled string] |
| test.py:17:15:17:26 | Attribute | tornado.request.HttpRequest |
| test.py:26:20:26:48 | Attribute() | externally controlled string |


@@ -1,4 +0,0 @@
| test.py:6 | Attribute() | externally controlled string |
| test.py:10 | Attribute() | [externally controlled string] |
| test.py:17 | Attribute | tornado.request.HttpRequest |
| test.py:26 | Attribute() | externally controlled string |


@@ -1,9 +0,0 @@
import python
import semmle.python.TestUtils
import semmle.python.web.HttpRequest
import semmle.python.web.HttpResponse
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind)
select remove_library_prefix(src.getLocation()), src.(ControlFlowNode).getNode().toString(), kind


@@ -1 +1,3 @@
FIXME
| test.py:18:43:18:43 | b | externally controlled string |
| test.py:22:29:22:29 | a | externally controlled string |
| test.py:22:37:22:37 | b | externally controlled string |


@@ -1,3 +0,0 @@
| test.py:18 | b | externally controlled string |
| test.py:22 | a | externally controlled string |
| test.py:22 | b | externally controlled string |


@@ -1,7 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind)
select src.getLocation().toString(), src.(ControlFlowNode).getNode().toString(), kind


@@ -1,6 +1,10 @@
FIXME: WHERE ARE THE FIRST ONES?
| test.py:7:16:7:23 | Twisted response | externally controlled string |
| test.py:14:16:14:23 | Twisted response | externally controlled string |
| test.py:21:16:21:23 | Twisted response | externally controlled string |
| test.py:36:16:36:37 | Twisted response | externally controlled string |
| test.py:40:23:40:30 | Twisted request setter | externally controlled string |
| test.py:44:27:44:31 | Twisted request setter | externally controlled string |
| test.py:44:34:44:38 | Twisted request setter | externally controlled string |
| test.py:45:27:45:31 | Twisted request setter | externally controlled string |
| test.py:45:34:45:40 | Twisted request setter | externally controlled string |
| test.py:46:16:46:37 | Twisted response | externally controlled string |
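Review bot: The `@@ -1,6 +1,10 @@` header means five of the eleven lines shown are context, one is removed and five are added, but the rendered page has lost the markers, so it is not certain from here whether `FIXME: WHERE ARE THE FIRST ONES?` is the line removed. If it is, the `Twisted response` results now present at test.py:7, 14, 21 and 36 answer the question and nothing further is needed; if it survives on the new side, the expectation contains a non-result line that can never match the query's actual output and it should be dropped before merge. The doubled `Twisted request setter` entries at 44:27-31/44:34-38 and 45:27-31/45:34-40 replace a single `Str` entry per line in the deleted line-keyed expectation, which is consistent with two string arguments per call but worth a glance at test.py to confirm.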


@@ -1 +1,8 @@
FIXME
| test.py:4:22:4:28 | request | twisted.request.http.Request |
| test.py:9:26:9:32 | request | twisted.request.http.Request |
| test.py:16:27:16:33 | request | twisted.request.http.Request |
| test.py:24:24:24:30 | request | twisted.request.http.Request |
| test.py:28:22:28:30 | myrequest | twisted.request.http.Request |
| test.py:31:27:31:37 | postrequest | twisted.request.http.Request |
| test.py:39:22:39:28 | request | twisted.request.http.Request |
| test.py:43:22:43:28 | request | twisted.request.http.Request |


@@ -1,8 +0,0 @@
| test.py:7 | response | externally controlled string |
| test.py:14 | response | externally controlled string |
| test.py:21 | response | externally controlled string |
| test.py:36 | do_stuff_with() | externally controlled string |
| test.py:40 | Str | externally controlled string |
| test.py:44 | Str | externally controlled string |
| test.py:45 | Str | externally controlled string |
| test.py:46 | Str | externally controlled string |


@@ -1,9 +0,0 @@
import python
import semmle.python.web.HttpRequest
import semmle.python.web.HttpResponse
import semmle.python.security.strings.Untrusted
import semmle.python.TestUtils
from TaintSink sink, TaintKind kind
where sink.sinks(kind)
select remove_library_prefix(sink.getLocation()), sink.(ControlFlowNode).getNode().toString(), kind


@@ -1,8 +0,0 @@
| test.py:4 | request | twisted.request.http.Request |
| test.py:9 | request | twisted.request.http.Request |
| test.py:16 | request | twisted.request.http.Request |
| test.py:24 | request | twisted.request.http.Request |
| test.py:28 | myrequest | twisted.request.http.Request |
| test.py:31 | postrequest | twisted.request.http.Request |
| test.py:39 | request | twisted.request.http.Request |
| test.py:43 | request | twisted.request.http.Request |


@@ -1,9 +0,0 @@
import python
import semmle.python.TestUtils
import semmle.python.web.HttpRequest
import semmle.python.web.HttpResponse
import semmle.python.security.strings.Untrusted
from TaintSource src, TaintKind kind
where src.isSourceOf(kind)
select remove_library_prefix(src.getLocation()), src.(ControlFlowNode).getNode().toString(), kind