Python: Add test-case to password_in_cookie

RasmusWL · RasmusWL · commit 54246660c6a8 · 2019-11-12T10:36:12.000+01:00
diff --git a/python/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected b/python/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected
@@ -1,5 +1,6 @@
 edges
 | password_in_cookie.py:7:16:7:43 | a password | password_in_cookie.py:9:33:9:40 | a password |
+| password_in_cookie.py:14:16:14:43 | a password | password_in_cookie.py:16:33:16:40 | a password |
 | test.py:7:16:7:29 | a password | test.py:8:35:8:42 | a password |
 | test.py:7:16:7:29 | a password | test.py:8:35:8:42 | a password |
 | test.py:20:12:20:21 | a certificate or key | test.py:22:20:22:23 | a certificate or key |
diff --git a/python/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected b/python/ql/test/query-tests/Security/CWE-312/CleartextStorage.expected
@@ -1,9 +1,12 @@
 edges
 | password_in_cookie.py:7:16:7:43 | a password | password_in_cookie.py:9:33:9:40 | a password |
 | password_in_cookie.py:7:16:7:43 | a password | password_in_cookie.py:9:33:9:40 | a password |
+| password_in_cookie.py:14:16:14:43 | a password | password_in_cookie.py:16:33:16:40 | a password |
+| password_in_cookie.py:14:16:14:43 | a password | password_in_cookie.py:16:33:16:40 | a password |
 | test.py:7:16:7:29 | a password | test.py:8:35:8:42 | a password |
 | test.py:20:12:20:21 | a certificate or key | test.py:22:20:22:23 | a certificate or key |
 | test.py:20:12:20:21 | a certificate or key | test.py:22:20:22:23 | a certificate or key |
 #select
 | password_in_cookie.py:9:33:9:40 | password | password_in_cookie.py:7:16:7:43 | a password | password_in_cookie.py:9:33:9:40 | a password | Sensitive data from $@ is stored here. | password_in_cookie.py:7:16:7:43 | Attribute() | a request parameter containing a password |
+| password_in_cookie.py:16:33:16:40 | password | password_in_cookie.py:14:16:14:43 | a password | password_in_cookie.py:16:33:16:40 | a password | Sensitive data from $@ is stored here. | password_in_cookie.py:14:16:14:43 | Attribute() | a request parameter containing a password |
 | test.py:22:20:22:23 | cert | test.py:20:12:20:21 | a certificate or key | test.py:22:20:22:23 | a certificate or key | Sensitive data from $@ is stored here. | test.py:20:12:20:21 | get_cert() | a call returning a certificate or key |
diff --git a/python/ql/test/query-tests/Security/CWE-312/password_in_cookie.py b/python/ql/test/query-tests/Security/CWE-312/password_in_cookie.py
@@ -1,4 +1,4 @@
-from flask import Flask, make_response, request
+from flask import Flask, make_response, request, Response
 
 app = Flask("Leak password")
 
@@ -8,3 +8,10 @@ def index():
     resp = make_response(render_template(...))
     resp.set_cookie("password", password)
     return resp
+
+@app.route('/')
+def index2():
+    password = request.args.get("password")
+    resp = Response(...)
+    resp.set_cookie("password", password)
+    return resp
