mirror of
https://github.com/github/codeql.git
synced 2026-03-20 22:46:47 +01:00
74345b1c05
Following the setup I invented for library-tests/taint/unpacking. TestStep is still a bit annoying, since the output is not easy to eyeball; but for now I guess we can live with it :) I honestly didn't get the point of DistinctStringKinds.ql, other than showing we can handle multiple taint kinds
63 lines
1.3 KiB
Plaintext
63 lines
1.3 KiB
Plaintext
import python
|
|
import semmle.python.security.TaintTracking
|
|
import semmle.python.security.strings.Untrusted
|
|
import semmle.python.security.Exceptions
|
|
|
|
|
|
class SimpleSource extends TaintSource {
|
|
|
|
SimpleSource() { this.(NameNode).getId() = "TAINTED_STRING" }
|
|
|
|
override predicate isSourceOf(TaintKind kind) {
|
|
kind instanceof ExternalStringKind
|
|
}
|
|
|
|
override string toString() {
|
|
result = "taint source"
|
|
}
|
|
|
|
}
|
|
|
|
class ListSource extends TaintSource {
|
|
|
|
ListSource() { this.(NameNode).getId() = "TAINTED_LIST" }
|
|
|
|
override predicate isSourceOf(TaintKind kind) {
|
|
kind instanceof ExternalStringSequenceKind
|
|
}
|
|
|
|
override string toString() {
|
|
result = "list taint source"
|
|
}
|
|
|
|
}
|
|
|
|
class DictSource extends TaintSource {
|
|
|
|
DictSource() { this.(NameNode).getId() = "TAINTED_DICT" }
|
|
|
|
override predicate isSourceOf(TaintKind kind) {
|
|
kind instanceof ExternalStringDictKind
|
|
}
|
|
|
|
override string toString() {
|
|
result = "dict taint source"
|
|
}
|
|
|
|
}
|
|
|
|
|
|
class ExceptionInfoSource extends TaintSource {
|
|
|
|
ExceptionInfoSource() { this.(NameNode).getId() = "TAINTED_EXCEPTION_INFO" }
|
|
|
|
override predicate isSourceOf(TaintKind kind) {
|
|
kind instanceof ExceptionInfo
|
|
}
|
|
|
|
override string toString() {
|
|
result = "Exception info source"
|
|
}
|
|
|
|
}
|