Python: Autoformat

2026-02-16 23:13:43 +01:00 · 2022-03-21 14:35:10 +01:00
parent 0125aea91b
commit db86a18791
17 changed files with 283 additions and 301 deletions
--- a/python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryQuery.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryQuery.qll
@@ -10,36 +10,35 @@ private import python
 import semmle.python.dataflow.new.DataFlow
 import semmle.python.dataflow.new.TaintTracking
 import semmle.python.Concepts
-
 import ServerSideRequestForgeryCustomizations::ServerSideRequestForgery

-  /**
-   * A taint-tracking configuration for detecting "Server-side request forgery" vulnerabilities.
-   *
-   * This configuration has a sanitizer to limit results to cases where attacker has full control of URL.
-   * See `PartialServerSideRequestForgery` for a variant without this requirement.
-   *
-   * You should use the `fullyControlledRequest` to only select results where all
-   * URL parts are fully controlled.
-   */
-  class FullServerSideRequestForgeryConfiguration extends TaintTracking::Configuration {
-    FullServerSideRequestForgeryConfiguration() { this = "FullServerSideRequestForgery" }
+/**
+ * A taint-tracking configuration for detecting "Server-side request forgery" vulnerabilities.
+ *
+ * This configuration has a sanitizer to limit results to cases where attacker has full control of URL.
+ * See `PartialServerSideRequestForgery` for a variant without this requirement.
+ *
+ * You should use the `fullyControlledRequest` to only select results where all
+ * URL parts are fully controlled.
+ */
+class FullServerSideRequestForgeryConfiguration extends TaintTracking::Configuration {
+  FullServerSideRequestForgeryConfiguration() { this = "FullServerSideRequestForgery" }

-    override predicate isSource(DataFlow::Node source) { source instanceof Source }
+  override predicate isSource(DataFlow::Node source) { source instanceof Source }

-    override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

-    override predicate isSanitizer(DataFlow::Node node) {
-      node instanceof Sanitizer
-      or
-      node instanceof FullUrlControlSanitizer
-    }
-
-    override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
-      guard instanceof SanitizerGuard
-    }
+  override predicate isSanitizer(DataFlow::Node node) {
+    node instanceof Sanitizer
+    or
+    node instanceof FullUrlControlSanitizer
  }

+  override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
+    guard instanceof SanitizerGuard
+  }
+}
+
 /**
 * Holds if all URL parts of `request` is fully user controlled.
 */
@@ -51,22 +50,22 @@ predicate fullyControlledRequest(HTTP::Client::Request request) {
  )
 }

-  /**
-   * A taint-tracking configuration for detecting "Server-side request forgery" vulnerabilities.
-   *
-   * This configuration has results, even when the attacker does not have full control over the URL.
-   * See `FullServerSideRequestForgeryConfiguration`, and the `fullyControlledRequest` predicate.
-   */
-  class PartialServerSideRequestForgeryConfiguration extends TaintTracking::Configuration {
-    PartialServerSideRequestForgeryConfiguration() { this = "PartialServerSideRequestForgery" }
+/**
+ * A taint-tracking configuration for detecting "Server-side request forgery" vulnerabilities.
+ *
+ * This configuration has results, even when the attacker does not have full control over the URL.
+ * See `FullServerSideRequestForgeryConfiguration`, and the `fullyControlledRequest` predicate.
+ */
+class PartialServerSideRequestForgeryConfiguration extends TaintTracking::Configuration {
+  PartialServerSideRequestForgeryConfiguration() { this = "PartialServerSideRequestForgery" }

-    override predicate isSource(DataFlow::Node source) { source instanceof Source }
+  override predicate isSource(DataFlow::Node source) { source instanceof Source }

-    override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
+  override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }

-    override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }
+  override predicate isSanitizer(DataFlow::Node node) { node instanceof Sanitizer }

-    override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
-      guard instanceof SanitizerGuard
-    }
+  override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
+    guard instanceof SanitizerGuard
  }
+}