codeql/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
Copilot 4ed5722e3e Python: switch dataflow library to new (shared) CFG + SSA
Flips the Python dataflow trunk from the legacy CFG (semmle/python/Flow.qll)
and legacy ESSA SSA (semmle/python/essa/*) to the new shared CFG facade
(semmle.python.controlflow.internal.Cfg) and the new SSA adapter
(semmle.python.dataflow.new.internal.SsaImpl), both introduced
additively in the preceding PRs in this stack.

This is the trunk-flip equivalent of the original draft PR #21894 (kept
around as documentation), rebased on top of the four preparatory PRs:

  P1: Remove AstNode.getAFlowNode() and rewrite callers (#21919).
  P2: Qualify Flow.qll's AST references with Py:: prefix (#21920).
  P3: Add new shared-CFG-backed control flow graph (#21921).
  P4: Add new shared-SSA-backed SSA adapter (#21923).

The Python dataflow library (semmle/python/dataflow/new/) now imports
the new CFG facade and SSA adapter. All CFG-typed predicates
(ControlFlowNode, CallNode, BasicBlock, NameNode, AttrNode, ...) are
qualified with the Cfg:: prefix; SSA references switch from
EssaVariable/EssaDefinition to SsaImpl::Definition/SourceVariable.

GuardNode is redesigned to use the new CFG's outcome-node model
(isAfterTrue / isAfterFalse) instead of the legacy ConditionBlock +
flipped indirection. Only BarrierGuard<...> is preserved as public
API.

Framework files (Bottle, FastApi, Django, Tornado, Pyramid, Stdlib,
...) are updated to take CFG nodes from the new facade.

A handful of dataflow consistency tweaks for the new CFG:
- Augmented-assignment targets are treated as both load and store.
- 'from X import *' produces uncertain SSA writes for unknown names.
- CFG nodes are canonicalised so dataflow does not see equivalent
  pre/post-order pairs as distinct nodes.

Two AST tweaks for the new CFG:
- AstNodeImpl: omit PEP 695 type-parameter names from
  FunctionDefExpr / ClassDefExpr children.
- ImportResolution: drop the legacy essa import.

Test churn (~175 files): reblessed library- and query-test .expected
files reflect slightly different CFG granularity, different toString
output, and a handful of true alert deltas in security queries.

Verification: all 367 lib + src + consistency-queries compile clean.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-06-02 14:09:45 +00:00


#select
| full_partial_test.py:11:5:11:28 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:11:18:11:27 | user_input | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:15:5:15:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:15:18:15:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:22:5:22:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:22:18:22:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:27:5:27:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:27:18:27:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:47:5:47:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:47:18:47:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:51:5:51:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:51:18:51:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:55:5:55:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:55:18:55:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:59:5:59:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:59:18:59:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:63:5:63:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:63:18:63:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:72:5:72:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:72:18:72:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:76:5:76:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:76:18:76:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:89:5:89:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:89:18:89:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:93:5:93:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:93:18:93:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| full_partial_test.py:97:5:97:21 | After Attribute() | full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:97:18:97:20 | url | The full URL of this request depends on a $@. | full_partial_test.py:1:19:1:25 | After ImportMember | user-provided value |
| test_azure_client.py:16:5:16:59 | After SecretClient() | test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:16:28:16:35 | full_url | The full URL of this request depends on a $@. | test_azure_client.py:6:19:6:25 | After ImportMember | user-provided value |
| test_azure_client.py:18:5:18:43 | After Attribute() | test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:18:35:18:42 | full_url | The full URL of this request depends on a $@. | test_azure_client.py:6:19:6:25 | After ImportMember | user-provided value |
| test_azure_client.py:20:5:20:35 | After KeyClient() | test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:20:15:20:22 | full_url | The full URL of this request depends on a $@. | test_azure_client.py:6:19:6:25 | After ImportMember | user-provided value |
| test_azure_client.py:22:5:22:85 | After Attribute() | test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:22:54:22:61 | full_url | The full URL of this request depends on a $@. | test_azure_client.py:6:19:6:25 | After ImportMember | user-provided value |
| test_azure_client.py:25:5:25:104 | After download_blob_from_url() | test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:25:37:25:44 | full_url | The full URL of this request depends on a $@. | test_azure_client.py:6:19:6:25 | After ImportMember | user-provided value |
| test_http_client.py:15:5:15:36 | After Attribute() | test_http_client.py:1:19:1:25 | After ImportMember | test_http_client.py:13:27:13:37 | unsafe_host | The full URL of this request depends on a $@. | test_http_client.py:1:19:1:25 | After ImportMember | user-provided value |
| test_http_client.py:15:5:15:36 | After Attribute() | test_http_client.py:1:19:1:25 | After ImportMember | test_http_client.py:15:25:15:35 | unsafe_path | The full URL of this request depends on a $@. | test_http_client.py:1:19:1:25 | After ImportMember | user-provided value |
| test_http_client.py:21:5:21:36 | After Attribute() | test_http_client.py:1:19:1:25 | After ImportMember | test_http_client.py:19:27:19:37 | unsafe_host | The full URL of this request depends on a $@. | test_http_client.py:1:19:1:25 | After ImportMember | user-provided value |
| test_http_client.py:21:5:21:36 | After Attribute() | test_http_client.py:1:19:1:25 | After ImportMember | test_http_client.py:21:25:21:35 | unsafe_path | The full URL of this request depends on a $@. | test_http_client.py:1:19:1:25 | After ImportMember | user-provided value |
| test_path_validation.py:21:9:21:63 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:21:32:21:39 | full_url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:37:9:37:60 | After KeyClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:37:29:37:36 | full_url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:53:9:53:47 | After Attribute() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:53:39:53:46 | full_url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:64:9:64:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:64:32:64:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:71:9:71:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:71:32:71:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:74:9:74:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:74:32:74:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:79:9:79:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:79:32:79:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:87:9:87:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:87:32:87:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:90:9:90:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:90:32:90:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:95:9:95:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:95:32:95:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:102:9:102:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:102:32:102:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:107:9:107:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:107:32:107:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:110:9:110:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:110:32:110:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:115:9:115:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:115:32:115:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:122:9:122:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:122:32:122:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:125:9:125:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:125:32:125:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_path_validation.py:132:9:132:58 | After SecretClient() | test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:132:32:132:34 | url | The full URL of this request depends on a $@. | test_path_validation.py:5:19:5:25 | After ImportMember | user-provided value |
| test_requests.py:9:5:9:28 | After Attribute() | test_requests.py:1:19:1:25 | After ImportMember | test_requests.py:9:18:9:27 | user_input | The full URL of this request depends on a $@. | test_requests.py:1:19:1:25 | After ImportMember | user-provided value |
| test_requests.py:17:5:17:27 | After Attribute() | test_requests.py:1:19:1:25 | After ImportMember | test_requests.py:17:17:17:26 | user_input | The full URL of this request depends on a $@. | test_requests.py:1:19:1:25 | After ImportMember | user-provided value |
| test_requests.py:22:5:22:44 | After Attribute() | test_requests.py:1:19:1:25 | After ImportMember | test_requests.py:22:34:22:43 | user_input | The full URL of this request depends on a $@. | test_requests.py:1:19:1:25 | After ImportMember | user-provided value |
edges
| full_partial_test.py:1:19:1:25 | After ImportMember | full_partial_test.py:1:19:1:25 | request | provenance | |
| full_partial_test.py:1:19:1:25 | request | full_partial_test.py:7:18:7:24 | request | provenance | |
| full_partial_test.py:1:19:1:25 | request | full_partial_test.py:41:18:41:24 | request | provenance | |
| full_partial_test.py:1:19:1:25 | request | full_partial_test.py:66:18:66:24 | request | provenance | |
| full_partial_test.py:1:19:1:25 | request | full_partial_test.py:83:18:83:24 | request | provenance | |
| full_partial_test.py:7:5:7:14 | user_input | full_partial_test.py:11:18:11:27 | user_input | provenance | |
| full_partial_test.py:7:5:7:14 | user_input | full_partial_test.py:13:5:13:7 | url | provenance | |
| full_partial_test.py:7:5:7:14 | user_input | full_partial_test.py:20:5:20:7 | url | provenance | |
| full_partial_test.py:7:5:7:14 | user_input | full_partial_test.py:25:5:25:7 | url | provenance | |
| full_partial_test.py:7:18:7:24 | request | full_partial_test.py:7:5:7:14 | user_input | provenance | AdditionalTaintStep |
| full_partial_test.py:13:5:13:7 | url | full_partial_test.py:15:18:15:20 | url | provenance | |
| full_partial_test.py:20:5:20:7 | url | full_partial_test.py:22:18:22:20 | url | provenance | |
| full_partial_test.py:25:5:25:7 | url | full_partial_test.py:27:18:27:20 | url | provenance | |
| full_partial_test.py:41:5:41:14 | user_input | full_partial_test.py:45:5:45:7 | url | provenance | |
| full_partial_test.py:41:5:41:14 | user_input | full_partial_test.py:49:5:49:7 | url | provenance | |
| full_partial_test.py:41:5:41:14 | user_input | full_partial_test.py:53:5:53:7 | url | provenance | |
| full_partial_test.py:41:5:41:14 | user_input | full_partial_test.py:57:5:57:7 | url | provenance | |
| full_partial_test.py:41:5:41:14 | user_input | full_partial_test.py:61:5:61:7 | url | provenance | |
| full_partial_test.py:41:18:41:24 | request | full_partial_test.py:41:5:41:14 | user_input | provenance | AdditionalTaintStep |
| full_partial_test.py:45:5:45:7 | url | full_partial_test.py:47:18:47:20 | url | provenance | |
| full_partial_test.py:49:5:49:7 | url | full_partial_test.py:51:18:51:20 | url | provenance | |
| full_partial_test.py:53:5:53:7 | url | full_partial_test.py:55:18:55:20 | url | provenance | |
| full_partial_test.py:57:5:57:7 | url | full_partial_test.py:59:18:59:20 | url | provenance | |
| full_partial_test.py:61:5:61:7 | url | full_partial_test.py:63:18:63:20 | url | provenance | |
| full_partial_test.py:66:5:66:14 | user_input | full_partial_test.py:70:5:70:7 | url | provenance | |
| full_partial_test.py:66:5:66:14 | user_input | full_partial_test.py:74:5:74:7 | url | provenance | |
| full_partial_test.py:66:18:66:24 | request | full_partial_test.py:66:5:66:14 | user_input | provenance | AdditionalTaintStep |
| full_partial_test.py:70:5:70:7 | url | full_partial_test.py:72:18:72:20 | url | provenance | |
| full_partial_test.py:74:5:74:7 | url | full_partial_test.py:76:18:76:20 | url | provenance | |
| full_partial_test.py:83:5:83:14 | user_input | full_partial_test.py:87:5:87:7 | url | provenance | |
| full_partial_test.py:83:5:83:14 | user_input | full_partial_test.py:91:5:91:7 | url | provenance | |
| full_partial_test.py:83:5:83:14 | user_input | full_partial_test.py:95:5:95:7 | url | provenance | |
| full_partial_test.py:83:18:83:24 | request | full_partial_test.py:83:5:83:14 | user_input | provenance | AdditionalTaintStep |
| full_partial_test.py:87:5:87:7 | url | full_partial_test.py:89:18:89:20 | url | provenance | |
| full_partial_test.py:91:5:91:7 | url | full_partial_test.py:93:18:93:20 | url | provenance | |
| full_partial_test.py:95:5:95:7 | url | full_partial_test.py:97:18:97:20 | url | provenance | |
| test_azure_client.py:6:19:6:25 | After ImportMember | test_azure_client.py:6:19:6:25 | request | provenance | |
| test_azure_client.py:6:19:6:25 | request | test_azure_client.py:9:18:9:24 | request | provenance | |
| test_azure_client.py:6:19:6:25 | request | test_azure_client.py:10:19:10:25 | request | provenance | |
| test_azure_client.py:9:18:9:24 | request | test_azure_client.py:10:5:10:15 | user_input2 | provenance | AdditionalTaintStep |
| test_azure_client.py:10:5:10:15 | user_input2 | test_azure_client.py:13:5:13:12 | full_url | provenance | |
| test_azure_client.py:10:19:10:25 | request | test_azure_client.py:10:5:10:15 | user_input2 | provenance | AdditionalTaintStep |
| test_azure_client.py:13:5:13:12 | full_url | test_azure_client.py:16:28:16:35 | full_url | provenance | Sink:MaD:2 |
| test_azure_client.py:13:5:13:12 | full_url | test_azure_client.py:18:35:18:42 | full_url | provenance | Sink:MaD:4 |
| test_azure_client.py:13:5:13:12 | full_url | test_azure_client.py:20:15:20:22 | full_url | provenance | Sink:MaD:1 |
| test_azure_client.py:13:5:13:12 | full_url | test_azure_client.py:22:54:22:61 | full_url | provenance | Sink:MaD:3 |
| test_azure_client.py:13:5:13:12 | full_url | test_azure_client.py:25:37:25:44 | full_url | provenance | Sink:MaD:5 |
| test_http_client.py:1:19:1:25 | After ImportMember | test_http_client.py:1:19:1:25 | request | provenance | |
| test_http_client.py:1:19:1:25 | request | test_http_client.py:9:19:9:25 | request | provenance | |
| test_http_client.py:1:19:1:25 | request | test_http_client.py:10:19:10:25 | request | provenance | |
| test_http_client.py:9:5:9:15 | unsafe_host | test_http_client.py:13:27:13:37 | unsafe_host | provenance | |
| test_http_client.py:9:5:9:15 | unsafe_host | test_http_client.py:19:27:19:37 | unsafe_host | provenance | |
| test_http_client.py:9:5:9:15 | unsafe_host | test_http_client.py:28:27:28:37 | unsafe_host | provenance | |
| test_http_client.py:9:19:9:25 | request | test_http_client.py:9:5:9:15 | unsafe_host | provenance | AdditionalTaintStep |
| test_http_client.py:9:19:9:25 | request | test_http_client.py:10:5:10:15 | unsafe_path | provenance | AdditionalTaintStep |
| test_http_client.py:10:5:10:15 | unsafe_path | test_http_client.py:15:25:15:35 | unsafe_path | provenance | |
| test_http_client.py:10:5:10:15 | unsafe_path | test_http_client.py:21:25:21:35 | unsafe_path | provenance | |
| test_http_client.py:10:5:10:15 | unsafe_path | test_http_client.py:34:25:34:35 | unsafe_path | provenance | |
| test_http_client.py:10:19:10:25 | request | test_http_client.py:10:5:10:15 | unsafe_path | provenance | AdditionalTaintStep |
| test_path_validation.py:5:19:5:25 | After ImportMember | test_path_validation.py:5:19:5:25 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:8:18:8:24 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:9:19:9:25 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:24:18:24:24 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:25:19:25:25 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:40:18:40:24 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:41:19:41:25 | request | provenance | |
| test_path_validation.py:5:19:5:25 | request | test_path_validation.py:57:18:57:24 | request | provenance | |
| test_path_validation.py:8:18:8:24 | request | test_path_validation.py:9:5:9:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:9:5:9:15 | user_input2 | test_path_validation.py:11:5:11:12 | full_url | provenance | |
| test_path_validation.py:9:19:9:25 | request | test_path_validation.py:9:5:9:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:11:5:11:12 | full_url | test_path_validation.py:21:32:21:39 | full_url | provenance | Sink:MaD:2 |
| test_path_validation.py:24:18:24:24 | request | test_path_validation.py:25:5:25:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:25:5:25:15 | user_input2 | test_path_validation.py:27:5:27:12 | full_url | provenance | |
| test_path_validation.py:25:19:25:25 | request | test_path_validation.py:25:5:25:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:27:5:27:12 | full_url | test_path_validation.py:37:29:37:36 | full_url | provenance | Sink:MaD:1 |
| test_path_validation.py:40:18:40:24 | request | test_path_validation.py:41:5:41:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:41:5:41:15 | user_input2 | test_path_validation.py:43:5:43:12 | full_url | provenance | |
| test_path_validation.py:41:19:41:25 | request | test_path_validation.py:41:5:41:15 | user_input2 | provenance | AdditionalTaintStep |
| test_path_validation.py:43:5:43:12 | full_url | test_path_validation.py:53:39:53:46 | full_url | provenance | Sink:MaD:4 |
| test_path_validation.py:57:5:57:14 | user_input | test_path_validation.py:61:5:61:7 | url | provenance | |
| test_path_validation.py:57:18:57:24 | request | test_path_validation.py:57:5:57:14 | user_input | provenance | AdditionalTaintStep |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:64:32:64:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:71:32:71:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:74:32:74:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:79:32:79:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:87:32:87:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:90:32:90:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:95:32:95:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:102:32:102:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:107:32:107:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:110:32:110:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:115:32:115:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:122:32:122:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:125:32:125:34 | url | provenance | Sink:MaD:2 |
| test_path_validation.py:61:5:61:7 | url | test_path_validation.py:132:32:132:34 | url | provenance | Sink:MaD:2 |
| test_requests.py:1:19:1:25 | After ImportMember | test_requests.py:1:19:1:25 | request | provenance | |
| test_requests.py:1:19:1:25 | request | test_requests.py:7:18:7:24 | request | provenance | |
| test_requests.py:1:19:1:25 | request | test_requests.py:14:18:14:24 | request | provenance | |
| test_requests.py:1:19:1:25 | request | test_requests.py:20:18:20:24 | request | provenance | |
| test_requests.py:7:5:7:14 | user_input | test_requests.py:9:18:9:27 | user_input | provenance | |
| test_requests.py:7:18:7:24 | request | test_requests.py:7:5:7:14 | user_input | provenance | AdditionalTaintStep |
| test_requests.py:14:5:14:14 | user_input | test_requests.py:17:17:17:26 | user_input | provenance | |
| test_requests.py:14:18:14:24 | request | test_requests.py:14:5:14:14 | user_input | provenance | AdditionalTaintStep |
| test_requests.py:20:5:20:14 | user_input | test_requests.py:22:34:22:43 | user_input | provenance | |
| test_requests.py:20:18:20:24 | request | test_requests.py:20:5:20:14 | user_input | provenance | AdditionalTaintStep |
models
| 1 | Sink: azure.keyvault.keys.KeyClient!; Call.Argument[0,vault_url:]; request-forgery |
| 2 | Sink: azure.keyvault.secrets.SecretClient!; Call.Argument[0,vault_url:]; request-forgery |
| 3 | Sink: azure.storage.blob.ContainerClient!; Member[from_container_url].Argument[0,container_url:]; request-forgery |
| 4 | Sink: azure.storage.fileshare.ShareFileClient!; Member[from_file_url].Argument[0,file_url:]; request-forgery |
| 5 | Sink: azure; Member[storage].Member[blob].Member[download_blob_from_url].Argument[0,blob_url:]; request-forgery |
nodes
| full_partial_test.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
| full_partial_test.py:1:19:1:25 | request | semmle.label | request |
| full_partial_test.py:7:5:7:14 | user_input | semmle.label | user_input |
| full_partial_test.py:7:18:7:24 | request | semmle.label | request |
| full_partial_test.py:11:18:11:27 | user_input | semmle.label | user_input |
| full_partial_test.py:13:5:13:7 | url | semmle.label | url |
| full_partial_test.py:15:18:15:20 | url | semmle.label | url |
| full_partial_test.py:20:5:20:7 | url | semmle.label | url |
| full_partial_test.py:22:18:22:20 | url | semmle.label | url |
| full_partial_test.py:25:5:25:7 | url | semmle.label | url |
| full_partial_test.py:27:18:27:20 | url | semmle.label | url |
| full_partial_test.py:41:5:41:14 | user_input | semmle.label | user_input |
| full_partial_test.py:41:18:41:24 | request | semmle.label | request |
| full_partial_test.py:45:5:45:7 | url | semmle.label | url |
| full_partial_test.py:47:18:47:20 | url | semmle.label | url |
| full_partial_test.py:49:5:49:7 | url | semmle.label | url |
| full_partial_test.py:51:18:51:20 | url | semmle.label | url |
| full_partial_test.py:53:5:53:7 | url | semmle.label | url |
| full_partial_test.py:55:18:55:20 | url | semmle.label | url |
| full_partial_test.py:57:5:57:7 | url | semmle.label | url |
| full_partial_test.py:59:18:59:20 | url | semmle.label | url |
| full_partial_test.py:61:5:61:7 | url | semmle.label | url |
| full_partial_test.py:63:18:63:20 | url | semmle.label | url |
| full_partial_test.py:66:5:66:14 | user_input | semmle.label | user_input |
| full_partial_test.py:66:18:66:24 | request | semmle.label | request |
| full_partial_test.py:70:5:70:7 | url | semmle.label | url |
| full_partial_test.py:72:18:72:20 | url | semmle.label | url |
| full_partial_test.py:74:5:74:7 | url | semmle.label | url |
| full_partial_test.py:76:18:76:20 | url | semmle.label | url |
| full_partial_test.py:83:5:83:14 | user_input | semmle.label | user_input |
| full_partial_test.py:83:18:83:24 | request | semmle.label | request |
| full_partial_test.py:87:5:87:7 | url | semmle.label | url |
| full_partial_test.py:89:18:89:20 | url | semmle.label | url |
| full_partial_test.py:91:5:91:7 | url | semmle.label | url |
| full_partial_test.py:93:18:93:20 | url | semmle.label | url |
| full_partial_test.py:95:5:95:7 | url | semmle.label | url |
| full_partial_test.py:97:18:97:20 | url | semmle.label | url |
| test_azure_client.py:6:19:6:25 | After ImportMember | semmle.label | After ImportMember |
| test_azure_client.py:6:19:6:25 | request | semmle.label | request |
| test_azure_client.py:9:18:9:24 | request | semmle.label | request |
| test_azure_client.py:10:5:10:15 | user_input2 | semmle.label | user_input2 |
| test_azure_client.py:10:19:10:25 | request | semmle.label | request |
| test_azure_client.py:13:5:13:12 | full_url | semmle.label | full_url |
| test_azure_client.py:16:28:16:35 | full_url | semmle.label | full_url |
| test_azure_client.py:18:35:18:42 | full_url | semmle.label | full_url |
| test_azure_client.py:20:15:20:22 | full_url | semmle.label | full_url |
| test_azure_client.py:22:54:22:61 | full_url | semmle.label | full_url |
| test_azure_client.py:25:37:25:44 | full_url | semmle.label | full_url |
| test_http_client.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
| test_http_client.py:1:19:1:25 | request | semmle.label | request |
| test_http_client.py:9:5:9:15 | unsafe_host | semmle.label | unsafe_host |
| test_http_client.py:9:19:9:25 | request | semmle.label | request |
| test_http_client.py:10:5:10:15 | unsafe_path | semmle.label | unsafe_path |
| test_http_client.py:10:19:10:25 | request | semmle.label | request |
| test_http_client.py:13:27:13:37 | unsafe_host | semmle.label | unsafe_host |
| test_http_client.py:15:25:15:35 | unsafe_path | semmle.label | unsafe_path |
| test_http_client.py:19:27:19:37 | unsafe_host | semmle.label | unsafe_host |
| test_http_client.py:21:25:21:35 | unsafe_path | semmle.label | unsafe_path |
| test_http_client.py:28:27:28:37 | unsafe_host | semmle.label | unsafe_host |
| test_http_client.py:34:25:34:35 | unsafe_path | semmle.label | unsafe_path |
| test_path_validation.py:5:19:5:25 | After ImportMember | semmle.label | After ImportMember |
| test_path_validation.py:5:19:5:25 | request | semmle.label | request |
| test_path_validation.py:8:18:8:24 | request | semmle.label | request |
| test_path_validation.py:9:5:9:15 | user_input2 | semmle.label | user_input2 |
| test_path_validation.py:9:19:9:25 | request | semmle.label | request |
| test_path_validation.py:11:5:11:12 | full_url | semmle.label | full_url |
| test_path_validation.py:21:32:21:39 | full_url | semmle.label | full_url |
| test_path_validation.py:24:18:24:24 | request | semmle.label | request |
| test_path_validation.py:25:5:25:15 | user_input2 | semmle.label | user_input2 |
| test_path_validation.py:25:19:25:25 | request | semmle.label | request |
| test_path_validation.py:27:5:27:12 | full_url | semmle.label | full_url |
| test_path_validation.py:37:29:37:36 | full_url | semmle.label | full_url |
| test_path_validation.py:40:18:40:24 | request | semmle.label | request |
| test_path_validation.py:41:5:41:15 | user_input2 | semmle.label | user_input2 |
| test_path_validation.py:41:19:41:25 | request | semmle.label | request |
| test_path_validation.py:43:5:43:12 | full_url | semmle.label | full_url |
| test_path_validation.py:53:39:53:46 | full_url | semmle.label | full_url |
| test_path_validation.py:57:5:57:14 | user_input | semmle.label | user_input |
| test_path_validation.py:57:18:57:24 | request | semmle.label | request |
| test_path_validation.py:61:5:61:7 | url | semmle.label | url |
| test_path_validation.py:64:32:64:34 | url | semmle.label | url |
| test_path_validation.py:71:32:71:34 | url | semmle.label | url |
| test_path_validation.py:74:32:74:34 | url | semmle.label | url |
| test_path_validation.py:79:32:79:34 | url | semmle.label | url |
| test_path_validation.py:87:32:87:34 | url | semmle.label | url |
| test_path_validation.py:90:32:90:34 | url | semmle.label | url |
| test_path_validation.py:95:32:95:34 | url | semmle.label | url |
| test_path_validation.py:102:32:102:34 | url | semmle.label | url |
| test_path_validation.py:107:32:107:34 | url | semmle.label | url |
| test_path_validation.py:110:32:110:34 | url | semmle.label | url |
| test_path_validation.py:115:32:115:34 | url | semmle.label | url |
| test_path_validation.py:122:32:122:34 | url | semmle.label | url |
| test_path_validation.py:125:32:125:34 | url | semmle.label | url |
| test_path_validation.py:132:32:132:34 | url | semmle.label | url |
| test_requests.py:1:19:1:25 | After ImportMember | semmle.label | After ImportMember |
| test_requests.py:1:19:1:25 | request | semmle.label | request |
| test_requests.py:7:5:7:14 | user_input | semmle.label | user_input |
| test_requests.py:7:18:7:24 | request | semmle.label | request |
| test_requests.py:9:18:9:27 | user_input | semmle.label | user_input |
| test_requests.py:14:5:14:14 | user_input | semmle.label | user_input |
| test_requests.py:14:18:14:24 | request | semmle.label | request |
| test_requests.py:17:17:17:26 | user_input | semmle.label | user_input |
| test_requests.py:20:5:20:14 | user_input | semmle.label | user_input |
| test_requests.py:20:18:20:24 | request | semmle.label | request |
| test_requests.py:22:34:22:43 | user_input | semmle.label | user_input |
subpaths