hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'jorgectf/python/deserialization' of https://github.com/jorgectf/codeql into jorgectf/python/deserialization

Browse Source
This commit is contained in:
jorgectf
2021-10-16 10:07:13 +02:00
parent c2046f1777 be424704a6
commit f1a73e3009
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python/ql/src/experimental/semmle/python/frameworks/XML.qll
View File

@@ -69,8 +69,9 @@ private module XML {
* ``` * ```
* *
* `this` would be `xml.sax.make_parser()`, `getAnInput()` would return `StringIO(xml_content)` * `this` would be `xml.sax.make_parser()`, `getAnInput()` would return `StringIO(xml_content)`
* and `mayBeDangerous()` would succeed since `xml.sax.handler.feature_external_ges` is set to * and `mayBeDangerous()` would not hold since `xml.sax.handler.feature_external_ges` is set to
* `False` and so it's vulnerable. * `False` and so is not vulnerable.
* see https://docs.python.org/3/library/xml.sax.handler.html#xml.sax.handler.feature_external_ges
*/ */
private class XMLSaxParser extends DataFlow::CallCfgNode, XMLParser::Range { private class XMLSaxParser extends DataFlow::CallCfgNode, XMLParser::Range {
DataFlow::CallCfgNode attrCall; DataFlow::CallCfgNode attrCall;