hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
next
codeql/python/ql/test/query-tests/Security/CWE-209/test.py

38 lines
700 B
Python
Raw Permalink Blame History

from flask import Flask
app = Flask(__name__)
import traceback
def do_computation():
raise Exception("Secret info")
# BAD
@app.route('/bad')
def server_bad():
try:
do_computation()
except Exception as e:
return traceback.format_exc()
# GOOD
@app.route('/good')
def server_good():
try:
do_computation()
except Exception as e:
log(traceback.format_exc())
return "An internal error has occurred!"
#BAD
@app.route('/bad/with-flow')
def server_bad_flow():
try:
do_computation()
except Exception as e:
err = traceback.format_exc()
return format_error(err)
def format_error(msg):
return "[ERROR] " + msg
Reference in New Issue View Git Blame Copy Permalink