hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 12:45:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Model (most of) twisted

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2021-06-08 16:11:18 +02:00
parent 151a733ff2
commit a21039170b
6 changed files with 284 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
python/ql/test/library-tests/frameworks/twisted/response_test.py
View File

@@ -6,55 +6,55 @@ from twisted.internet import reactor, endpoints, defer
root = Resource()
class Now(Resource):
def render(self, request: Request):
return b"now"
def render(self, request: Request): # $ requestHandler
return b"now" # $ HttpResponse mimetype=text/html responseBody=b"now"
class AlsoNow(Resource):
def render(self, request: Request):
request.write(b"also now")
return b""
def render(self, request: Request): # $ requestHandler
request.write(b"also now") # $ HttpResponse mimetype=text/html responseBody=b"also now"
return b"" # $ HttpResponse mimetype=text/html responseBody=b""
def process_later(request: Request):
print("process_later called")
request.write(b"later")
request.write(b"later") # $ MISSING: responseBody=b"later"
request.finish()
class Later(Resource):
def render(self, request: Request):
def render(self, request: Request): # $ requestHandler
# process the request in 1 second
print("setting up callback for process_later")
reactor.callLater(1, process_later, request)
return NOT_DONE_YET
return NOT_DONE_YET # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=NOT_DONE_YET
class PlainText(Resource):
def render(self, request: Request):
def render(self, request: Request): # $ requestHandler
request.setHeader(b"content-type", "text/plain")
return b"this is plain text"
return b"this is plain text" # $ HttpResponse responseBody=b"this is plain text" SPURIOUS: mimetype=text/html MISSING: mimetype=text/plain
class Redirect(Resource):
def render_GET(self, request: Request):
request.redirect("/new-location")
def render_GET(self, request: Request): # $ requestHandler
request.redirect("/new-location") # $ MISSING: HttpRedirectResponse
# By default, this `hello` output is not returned... not even when
# requested with curl.
return b"hello"
return b"hello" # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=b"hello"
class NonHttpBodyOutput(Resource):
"""Examples of provides values in response that is not in the body
"""
def render_GET(self, request: Request):
def render_GET(self, request: Request): # $ requestHandler
request.responseHeaders.addRawHeader("key", "value")
request.setHeader("key2", "value")
request.addCookie("key", "value")
request.cookies.append(b"key2=value")
return b""
return b"" # $ HttpResponse mimetype=text/html responseBody=b""
root.putChild(b"now", Now())

14
python/ql/test/library-tests/frameworks/twisted/routing_test.py
View File

@@ -7,11 +7,11 @@ root = Resource()
class Foo(Resource):
def render(self, request: Request):
def render(self, request: Request): # $ requestHandler
print(f"{request.content=}")
print(f"{request.cookies=}")
print(f"{request.received_cookies=}")
return b"I am Foo"
return b"I am Foo" # $ HttpResponse
root.putChild(b"foo", Foo())
@@ -21,17 +21,17 @@ class Child(Resource):
def __init__(self, name):
self.name = name.decode("utf-8")
def render_GET(self, request):
return f"Hi, I'm child '{self.name}'".encode("utf-8")
def render_GET(self, request): # $ requestHandler
return f"Hi, I'm child '{self.name}'".encode("utf-8") # $ HttpResponse
class Parent(Resource):
def getChild(self, path, request):
def getChild(self, path, request): # $ requestHandler
print(path, type(path))
return Child(path)
def render_GET(self, request):
return b"Hi, I'm parent"
def render_GET(self, request): # $ requestHandler
return b"Hi, I'm parent" # $ HttpResponse
root.putChild(b"parent", Parent())

62
python/ql/test/library-tests/frameworks/twisted/taint_test.py
View File

@@ -2,59 +2,59 @@ from twisted.web.resource import Resource
from twisted.web.server import Request
class MyTaintTest(Resource):
def getChild(self, path, request):
ensure_tainted(path, request) # $ MISSING: tainted
def getChild(self, path, request): # $ requestHandler
ensure_tainted(path, request) # $ tainted
def render(self, request):
ensure_tainted(request) # $ MISSING: tainted
def render(self, request): # $ requestHandler
ensure_tainted(request) # $ tainted
def render_GET(self, request: Request):
def render_GET(self, request: Request): # $ requestHandler
# see https://twistedmatrix.com/documents/21.2.0/api/twisted.web.server.Request.html
ensure_tainted(
request, # $ MISSING: tainted
request, # $ tainted
request.uri, # $ MISSING: tainted
request.path, # $ MISSING: tainted
request.prepath, # $ MISSING: tainted
request.postpath, # $ MISSING: tainted
request.uri, # $ tainted
request.path, # $ tainted
request.prepath, # $ tainted
request.postpath, # $ tainted
# file-like
request.content, # $ MISSING: tainted
request.content, # $ tainted
request.content.read(), # $ MISSING: tainted
# Dict[bytes, List[bytes]] (for query args)
request.args, # $ MISSING: tainted
request.args[b"key"], # $ MISSING: tainted
request.args[b"key"][0], # $ MISSING: tainted
request.args.get(b"key"), # $ MISSING: tainted
request.args.get(b"key")[0], # $ MISSING: tainted
request.args, # $ tainted
request.args[b"key"], # $ tainted
request.args[b"key"][0], # $ tainted
request.args.get(b"key"), # $ tainted
request.args.get(b"key")[0], # $ tainted
request.received_cookies, # $ MISSING: tainted
request.received_cookies["key"], # $ MISSING: tainted
request.received_cookies.get("key"), # $ MISSING: tainted
request.getCookie(b"key"), # $ MISSING: tainted
request.received_cookies, # $ tainted
request.received_cookies["key"], # $ tainted
request.received_cookies.get("key"), # $ tainted
request.getCookie(b"key"), # $ tainted
# twisted.web.http_headers.Headers
# see https://twistedmatrix.com/documents/21.2.0/api/twisted.web.http_headers.Headers.html
request.requestHeaders, # $ MISSING: tainted
request.requestHeaders, # $ tainted
request.requestHeaders.getRawHeaders("key"), # $ MISSING: tainted
request.requestHeaders.getRawHeaders("key")[0], # $ MISSING: tainted
request.requestHeaders.getAllRawHeaders(), # $ MISSING: tainted
list(request.requestHeaders.getAllRawHeaders()), # $ MISSING: tainted
request.getHeader("key"), # $ MISSING: tainted
request.getAllHeaders(), # $ MISSING: tainted
request.getAllHeaders()["key"], # $ MISSING: tainted
request.getHeader("key"), # $ tainted
request.getAllHeaders(), # $ tainted
request.getAllHeaders()["key"], # $ tainted
request.user, # $ MISSING: tainted
request.getUser(), # $ MISSING: tainted
request.user, # $ tainted
request.getUser(), # $ tainted
request.password, # $ MISSING: tainted
request.getPassword(), # $ MISSING: tainted
request.password, # $ tainted
request.getPassword(), # $ tainted
request.host, # $ MISSING: tainted
request.getHost(), # $ MISSING: tainted
request.getRequestHostname(), # $ MISSING: tainted
request.host, # $ tainted
request.getHost(), # $ tainted
request.getRequestHostname(), # $ tainted
)
# technically user-controlled, but unlike to lead to vulnerabilities.