Python: Ensure old dataflow queries are not used

There seem to have been some cases where the old ones have been picked up
instead of the new ones. At least I spotted _one_ case where this happened, in
an internal actions run.

I'm not sure how to actually debug this, so just removing all the tags that could
make these queries become picked up :|
This commit is contained in:
Rasmus Wriedt Larsen
2021-02-26 10:51:11 +01:00
parent 81b29316e1
commit b43533ce8d
7 changed files with 6 additions and 62 deletions

@@ -1,19 +1,7 @@
/** /**
* @name Uncontrolled data used in path expression * @name OLD QUERY: Uncontrolled data used in path expression
* @description Accessing paths influenced by users can allow an attacker to access unexpected resources. * @description Accessing paths influenced by users can allow an attacker to access unexpected resources.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @sub-severity high
* @precision high
* @id py/path-injection
* @tags correctness
* security
* external/owasp/owasp-a1
* external/cwe/cwe-022
* external/cwe/cwe-023
* external/cwe/cwe-036
* external/cwe/cwe-073
* external/cwe/cwe-099
*/ */
import python import python
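Review bot: Missing documentation in the surviving doc comment: after this hunk the header keeps only `@name`, `@description` and `@kind`, and nothing explains why `@id py/path-injection`, `@precision` and the `@tags` block were stripped, so a later contributor tidying metadata may well put them back and reintroduce the problem the commit message describes. Suggest adding one line inside the comment, e.g. `* NOTE: superseded by the new dataflow query; intentionally left without @id/@tags so no suite selects it.`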

@@ -1,17 +1,8 @@
/** /**
* @name Uncontrolled command line * @name OLD QUERY: Uncontrolled command line
* @description Using externally controlled strings in a command line may allow a malicious * @description Using externally controlled strings in a command line may allow a malicious
* user to change the meaning of the command. * user to change the meaning of the command.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @sub-severity high
* @precision high
* @id py/command-line-injection
* @tags correctness
* security
* external/owasp/owasp-a1
* external/cwe/cwe-078
* external/cwe/cwe-088
*/ */
import python import python
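Review bot: Nothing in this change verifies that the fix works, and the commit message says the root cause was not found. Since the `@tags security` and `@precision high` lines are what the query suites key on, a cheap regression check would be to run `codeql resolve queries` against the suite used in the internal actions run and confirm this file no longer appears in the output; consider adding that check (or its result) to the PR description.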

@@ -1,15 +1,8 @@
/** /**
* @name Reflected server-side cross-site scripting * @name OLD QUERY: Reflected server-side cross-site scripting
* @description Writing user input directly to a web page * @description Writing user input directly to a web page
* allows for a cross-site scripting vulnerability. * allows for a cross-site scripting vulnerability.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @sub-severity high
* @precision high
* @id py/reflective-xss
* @tags security
* external/cwe/cwe-079
* external/cwe/cwe-116
*/ */
import python import python
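Review bot: Only suite selection is addressed here, not execution: `@kind path-problem` is retained and the file still starts with `import python`, so the query remains compilable and will run if it is referenced directly by path in a suite or on the command line. If the intent is that the old XSS query must never run, the removal of `@id py/reflective-xss` and the tags is necessary but not sufficient; please confirm no suite or workflow references these files by path.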

@@ -1,14 +1,8 @@
/** /**
* @name SQL query built from user-controlled sources * @name OLD QUERY: SQL query built from user-controlled sources
* @description Building a SQL query from user-controlled sources is vulnerable to insertion of * @description Building a SQL query from user-controlled sources is vulnerable to insertion of
* malicious SQL code by the user. * malicious SQL code by the user.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @precision high
* @id py/sql-injection
* @tags security
* external/cwe/cwe-089
* external/owasp/owasp-a1
*/ */
import python import python
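Review bot: The `@description` is left unchanged while `@name` gets the `OLD QUERY:` prefix, so the header still reads as the live description of `py/sql-injection` in any viewer that shows the description rather than the name. Consider mirroring the marker there, e.g. `* @description OLD QUERY. Building a SQL query ...`, so the superseded status is visible wherever the metadata surfaces.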

@@ -3,15 +3,6 @@
* @description Interpreting unsanitized user input as code allows a malicious user arbitrary * @description Interpreting unsanitized user input as code allows a malicious user arbitrary
* code execution. * code execution.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @sub-severity high
* @precision high
* @id py/code-injection
* @tags security
* external/owasp/owasp-a1
* external/cwe/cwe-094
* external/cwe/cwe-095
* external/cwe/cwe-116
*/ */
import python import python
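Review bot: This hunk starts at line 3, so the `@name` line is outside the visible context; unlike the other six files, the reviewer cannot confirm from the diff that the `OLD QUERY:` prefix was applied to the code-injection query. Please expand the context (or state in the PR) that line 2 was updated consistently with the other files.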

@@ -1,14 +1,7 @@
/** /**
* @name Deserializing untrusted input * @name OLD QUERY: Deserializing untrusted input
* @description Deserializing user-controlled data may allow attackers to execute arbitrary code. * @description Deserializing user-controlled data may allow attackers to execute arbitrary code.
* @kind path-problem * @kind path-problem
* @id py/unsafe-deserialization
* @problem.severity error
* @sub-severity high
* @precision high
* @tags external/cwe/cwe-502
* security
* serialization
*/ */
import python import python
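Review bot: Dropping `@id py/unsafe-deserialization` is the line most likely to matter for the symptom in the commit message: if the replacement query declares the same `@id`, two queries sharing one identifier give the suite resolver and the results merging step no unambiguous way to choose, which would explain the old query being picked up in one run. It would help reviewers to state in the PR whether the new queries reuse these `@id` values, since that determines whether the `@id` removal or the `@tags`/`@precision` removal is the actual fix.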

@@ -1,14 +1,8 @@
/** /**
* @name URL redirection from remote source * @name OLD QUERY: URL redirection from remote source
* @description URL redirection based on unvalidated user input * @description URL redirection based on unvalidated user input
* may cause redirection to malicious web sites. * may cause redirection to malicious web sites.
* @kind path-problem * @kind path-problem
* @problem.severity error
* @sub-severity low
* @id py/url-redirection
* @tags security
* external/cwe/cwe-601
* @precision high
*/ */
import python import python
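Review bot: Style point on the approach rather than this file: `@precision high` sits at the end of the block here instead of next to `@problem.severity` as in the other files, and the removal catches it correctly, but stripping every selectable property is an implicit way of saying "deprecated". If the suite definitions in use support excluding deprecated queries, a single explicit `@deprecated` metadata line would express the intent and survive future metadata clean-ups better than an empty header; worth checking before merging.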