hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cs/assembly-prefix
codeql/python/ql/test/query-tests/Security/CWE-502/test.py
Taus Brock-Nannestad e8c092ad72 Python: Support the dill pickling library.
2019-01-16 14:53:42 +01:00

19 lines
300 B
Python
Raw Permalink Blame History

import flask
import pickle
import yaml
import marshal
from flask import Flask, request
app = Flask(__name__)
@app.route("/")
def hello():
payload = request.args.get('payload')
pickle.loads(payload)
yaml.load(payload)
marshal.loads(payload)
import dill
dill.loads(payload)
Reference in New Issue View Git Blame Copy Permalink