hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.21.3
codeql/python/ql/test/experimental/query-tests/Security/CWE-522-global-option/ldap2_global.py
Rasmus Wriedt Larsen ef6e502ff0 Python: Make LDAP global options test better 
Before it didn't really showcase that we know it can make connections
secure.
2021-09-23 10:18:18 +02:00

30 lines
748 B
Python
Raw Permalink Blame History

# since global options are considered to affect all files in a repo, we need to keep
# this test in its' own directory (so it doesn't interfere with other tests).
import ldap
from flask import request, Flask
app = Flask(__name__)
# GOOD
# SSL through ldap global variable option
ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
@app.route("/one")
def one():
# The following connection would have been insecure if the global option above was
# not set
ldap_connection_5 = ldap.initialize("ldap://somethingon.theinternet.com")
ldap_connection_5.simple_bind_s('', '')
user = ldap_connection_5.search_s(
"dn", ldap.SCOPE_SUBTREE, "search_filter")
return user
# if __name__ == "__main__":
# app.run(debug=True)
Reference in New Issue View Git Blame Copy Permalink