Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6a45f6e

Browse files
yoffyoff
committed
Python: Port StackTraceExposure query
using empty concept implementation
1 parent 77ae91c commit 6a45f6e

2 files changed

Lines changed: 27 additions & 14 deletions

File tree

python/ql/src/Security/CWE-209/StackTraceExposure.ql

Lines changed: 5 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -13,19 +13,10 @@
1313
*/
1414

1515
import python
16-
import semmle.python.security.Paths
17-
import semmle.python.security.Exceptions
18-
import semmle.python.web.HttpResponse
16+
import semmle.python.security.dataflow.StackTraceExposure
17+
import DataFlow::PathGraph
1918

20-
class StackTraceExposureConfiguration extends TaintTracking::Configuration {
21-
StackTraceExposureConfiguration() { this = "Stack trace exposure configuration" }
22-
23-
override predicate isSource(TaintTracking::Source source) { source instanceof ErrorInfoSource }
24-
25-
override predicate isSink(TaintTracking::Sink sink) { sink instanceof HttpResponseTaintSink }
26-
}
27-
28-
from StackTraceExposureConfiguration config, TaintedPathSource src, TaintedPathSink sink
29-
where config.hasFlowPath(src, sink)
30-
select sink.getSink(), src, sink, "$@ may be exposed to an external user", src.getSource(),
19+
from StackTraceExposureConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
20+
where config.hasFlowPath(source, sink)
21+
select sink.getNode(), source, sink, "$@ may be exposed to an external user", source.getNode(),
3122
"Error information"

python/ql/src/semmle/python/security/dataflow/StackTraceExposure.qll

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
/**
2+
* Provides a taint-tracking configuration for detecting SQL injection
3+
* vulnerabilities.
4+
*/
5+
6+
import python
7+
import semmle.python.dataflow.new.DataFlow
8+
import semmle.python.dataflow.new.TaintTracking
9+
import semmle.python.Concepts
10+
11+
/**
12+
* A taint-tracking configuration for detecting SQL injection vulnerabilities.
13+
*/
14+
class StackTraceExposureConfiguration extends TaintTracking::Configuration {
15+
StackTraceExposureConfiguration() { this = "StackTraceExposureConfiguration" }
16+
17+
override predicate isSource(DataFlow::Node source) { source instanceof ErrorInfoSource }
18+
19+
override predicate isSink(DataFlow::Node sink) {
20+
sink = any(HTTP::Server::HttpResponse response).getBody()
21+
}
22+
}

0 commit comments

Comments
 (0)