Rasmus Wriedt Larsen
471318369b
Python: Don't quote %s in django example
...
This is vulnerable to SQL injection because of the quotes around %s -- added
some code that highlights this in test.py
Since our examples did this in the safe query, I ended up rewriting them
completely, causing a lot of trouble for myself :D
2019-10-29 13:58:07 +01:00
AlexTereshenkov
3e6f8fb6be
Add bind-socket-all-network-interfaces Python query ( #2048 )
...
Add bind-socket-all-network-interfaces Python query
2019-10-03 11:23:11 +01:00
Mark Shannon
3f740d6efe
Python: Update CWE-312 queries to use new taint-tracking configuration.
2019-08-30 11:21:04 +01:00
Mark Shannon
811815aa4e
Merge branch 'master' into python-cwe-312
2019-08-30 10:39:04 +01:00
Mark Shannon
91aefab7aa
Python: Reorganise code a bit to minimize diff for PR.
2019-08-29 10:31:50 +01:00
Mark Shannon
d31e55f88e
Python taint-tracking: Avoid ambiguous flows through calls. Fix up tests.
2019-08-29 10:31:50 +01:00
Mark Shannon
78ce19678a
Python taint-tracking: Fix up SQL injection query.
2019-08-29 10:31:50 +01:00
Mark Shannon
2d9d292ee4
Python: Fix up pi-node handling in taint-tracking.
2019-08-29 10:31:50 +01:00
Mark Shannon
8909c3d6ab
Python: Fix tags and message for CWE-312 queries.
2019-08-23 15:20:19 +01:00
Mark Shannon
81c65cd37c
Add missing html tag
2019-08-22 15:27:48 +01:00
Mark Shannon
15bb8b5f70
Python add new queries for clear-text logging and storage.
2019-08-22 15:27:48 +01:00
Mark Shannon
3e5fddd776
Python: Update all remaining taint-tracking queries to use configurations.
2019-07-26 16:39:10 +01:00
Mark Shannon
39b7a69abd
Python: Tarslip query: Fix up sanitizers.
2019-06-19 15:00:02 +01:00
Mark Shannon
a15a89206e
Python: Fix typos in qhelp file.
2019-06-19 11:48:31 +01:00
Mark Shannon
6f15c84bdc
Python: Tarslip query; Add sink for members and sanitizers for tarinfo objects.
2019-06-19 11:48:31 +01:00
Mark Shannon
e14f7ef466
Python: Tarslip query; track info objects and handle sanitization.
2019-06-19 11:48:31 +01:00
Mark Shannon
ea4e263060
Python: Initial version and help of tar-slip (CWE-022) query.
2019-06-19 11:48:31 +01:00
Mark Shannon
8d4a8a6c6b
Python: Reduce the number of strings and ints identified and possible hard-coded credentials.
2019-06-03 12:22:15 +01:00
Mark Shannon
28799441af
Python: Fix false positive in 'Incomplete URL substring sanitization' query.
2019-04-25 18:11:01 +01:00
Taus
adf8cdcde5
Merge pull request #1203 from markshannon/python-taint-tracking-configuration-2
...
Python: Use taint tracking configuration for queries.
2019-04-09 10:01:35 +02:00
Mark Shannon
52b3f77f4f
Fix typo.
2019-04-08 15:47:49 +01:00
Mark Shannon
2ba122373a
Merge pull request #1128 from taus-semmle/python-paramiko-unsafe-host-key-validation
...
Python: Add query for insecure SSH host key policies in Paramiko.
2019-04-04 16:57:13 +01:00
Mark Shannon
c2e814a11a
Fix CWE tag for Code injection query.
2019-04-04 15:09:12 +01:00
Mark Shannon
3bcd445a32
Python change 'SimpleHttpResponseTaintSink' to 'HttpResponseTaintSink'.
2019-04-04 14:45:37 +01:00
Mark Shannon
8b01bac900
Python: make sure unsafe deserialization query is using correct sources and that pickle is included in sinks.
2019-04-04 10:56:45 +01:00
Mark Shannon
bc19769e6d
Python: make sure code injection query is using correct sources.
2019-04-04 10:56:45 +01:00
Mark Shannon
35e82dca68
Python revert .getNode() to .getSink()/.getSource() to keep expected test output the same.
2019-04-04 10:56:45 +01:00
Mark Shannon
f8c43ca40b
Python: make sure all django and flask request sources conform to interface.
2019-04-04 10:56:45 +01:00
Mark Shannon
61e6ae7c4a
Python: Use new taint-tracking query in unsafe deserialization query.
2019-04-04 10:56:45 +01:00
Mark Shannon
3c1a5bb046
Python: Use new taint-tracking query in code-injection query.
2019-04-04 10:56:44 +01:00
Mark Shannon
64e8be6ed1
Python: Use new taint-tracking query in reflected-xss query.
2019-04-04 10:56:44 +01:00
Mark Shannon
7fc5d690cd
Python: Use new taint-tracking query in SQL-injection query.
2019-04-04 10:56:44 +01:00
Mark Shannon
058ae7befc
Merge pull request #1142 from taus-semmle/python-use-new-moduleobject-api
...
Python: Use new `ModuleObject` API more widely.
2019-03-26 15:02:44 +00:00
Taus Brock-Nannestad
5eb63ae048
Fix false positive and add test.
2019-03-21 14:10:05 +01:00
Taus Brock-Nannestad
9cb35a8ca9
Use correct named argument for ssl.SSLContext.
2019-03-21 14:09:25 +01:00
Taus Brock-Nannestad
391e111189
Use attr instead of getAttribute.
2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
f14f7b50ed
Python: Use ModuleObject::named more consistently.
2019-03-20 17:41:23 +01:00
Taus Brock-Nannestad
c7c6c83627
Address review comments.
2019-03-19 15:44:11 +01:00
Taus Brock-Nannestad
52278b25d9
Python: Add query for insecure SSH host key policies in Paramiko.
2019-03-18 16:45:54 +01:00
Mark Shannon
38a5fb715a
Python: Avoid cross-talk between unrelated sources in py/stack-trace-exposure query.
2019-03-05 16:52:28 +00:00
Taus Brock-Nannestad
63893fe52c
Python: Add missing @kind for py/insecure-temporary-file.
2019-03-04 11:20:39 +01:00
Taus Brock-Nannestad
e47b391329
Fix interpolation.
2019-02-26 16:27:04 +01:00
Taus Brock-Nannestad
7daaf77183
Make query alert refer to AST nodes rather than CFG nodes.
2019-02-26 15:56:37 +01:00
Taus Brock-Nannestad
504cb648d1
Change query description.
2019-02-26 13:26:20 +01:00
Taus Brock-Nannestad
8d774cd354
Merge branch 'master' into python-unsafe-use-of-mktemp
2019-02-26 13:23:38 +01:00
Mark Shannon
98be27a73e
Python: Add 'attr' predicate as a synomnym for 'getAttribute' to help readability.
2019-02-20 11:08:44 +00:00
Mark Shannon
35fa5d8f60
Python move various theXXX() predicates into the appropriate module.
2019-02-20 10:34:08 +00:00
Taus
08fcb984a8
Implement getACall suggestion.
2019-01-29 17:59:45 +01:00
Taus
6f7c96db54
Merge branch 'master' into python-unsafe-use-of-mktemp
2019-01-29 16:12:53 +01:00
Taus Brock-Nannestad
9a9d902cfb
Add support for os.tempnam and os.tmpnam.
2019-01-29 16:08:32 +01:00
