hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Add toString to TurboGears HttpResponseTaintSinks

Browse Source 
Naming these were a bit hard, but better than generic "Taint Sink"
This commit is contained in:
Rasmus Wriedt Larsen
2020-01-07 13:41:41 +01:00
parent 6b87458c2e
commit effa4548ab
4 changed files with 9 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/semmle/python/web/turbogears/Response.qll
View File

@@ -5,6 +5,8 @@ import semmle.python.web.Http
import TurboGears
class ControllerMethodReturnValue extends HttpResponseTaintSink {
override string toString() { result = "TurboGears ControllerMethodReturnValue" }
ControllerMethodReturnValue() {
exists(TurboGearsControllerMethod m |
m.getAReturnValueFlowNode() = this and
@@ -16,6 +18,8 @@ class ControllerMethodReturnValue extends HttpResponseTaintSink {
}
class ControllerMethodTemplatedReturnValue extends HttpResponseTaintSink {
override string toString() { result = "TurboGears ControllerMethodTemplatedReturnValue" }
ControllerMethodTemplatedReturnValue() {
exists(TurboGearsControllerMethod m |
m.getAReturnValueFlowNode() = this and