hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 18:33:16 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
dd31be43e07d901bafb543c8f65be8e9b5abb364
codeql/python/ql/test/query-tests/Security/CWE-022-PathInjection/flask_path_injection.py
Rasmus Lerchedahl Petersen 03bd6cb414 python: Allow optional result=OK 
Also add a further test case
2023-01-06 13:33:12 +01:00

22 lines
750 B
Python
Raw Blame History

from flask import Flask, request, send_from_directory
app = Flask(__name__)
STATIC_DIR = "/server/static/"
# see https://flask.palletsprojects.com/en/1.1.x/api/#flask.send_from_directory
@app.route("/provide-filename")
def download_file():
filename = request.args.get('filename', '')
# ok since `send_from_directory` ensure this stays within `STATIC_DIR`
return send_from_directory(STATIC_DIR, filename) # $result=OK
# see https://flask.palletsprojects.com/en/1.1.x/api/#flask.send_from_directory
@app.route("/also-provide-dirname")
def download_file():
dirname = request.args.get('dirname', '')
filename = request.args.get('filename', '')
return send_from_directory(dirname, filename) # $result=BAD result=OK(filename)
Reference in New Issue View Git Blame Copy Permalink