
Commit 9e268d7

committed
Python: Add responses to Falcon framework support.
1 parent 6a48420 commit 9e268d7

6 files changed

Lines changed: 57 additions & 3 deletions


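--- a/python/ql/src/semmle/python/web/HttpResponse.qll
+++ b/python/ql/src/semmle/python/web/HttpResponse.qll
@@ -5,3 +5,4 @@ import semmle.python.web.tornado.Response
 import semmle.python.web.twisted.Response
 import semmle.python.web.bottle.Response
 import semmle.python.web.turbogears.Response
+import semmle.python.web.falcon.Response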
Lines changed: 48 additions & 0 deletions
@@ -0,0 +1,48 @@
1+
import python
2+
3+
4+
import semmle.python.security.TaintTracking
5+
import semmle.python.web.Http
6+
import semmle.python.web.falcon.General
7+
import semmle.python.security.strings.External
8+
9+
10+
/** https://falcon.readthedocs.io/en/stable/api/request_and_response.html */
11+
class FalconResponse extends TaintKind {
12+
13+
FalconResponse() {
14+
this = "falcon.response"
15+
}
16+
17+
}
18+
19+
class FalconResponseParameter extends TaintSource {
20+
21+
FalconResponseParameter() {
22+
exists(FalconHandlerFunction f |
23+
f.getResponse() = this.(ControlFlowNode).getNode()
24+
)
25+
}
26+
27+
override predicate isSourceOf(TaintKind k) {
28+
k instanceof FalconResponse
29+
}
30+
31+
}
32+
33+
class FalconResponseBodySink extends TaintSink {
34+
35+
FalconResponseBodySink() {
36+
exists(AttrNode attr |
37+
any(FalconResponse f).taints(attr.getObject("body")) |
38+
attr.(DefinitionNode).getValue() = this
39+
)
40+
}
41+
42+
override predicate sinks(TaintKind kind) {
43+
kind instanceof ExternalStringKind
44+
}
45+
46+
}
47+
48+
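Review bot: The only sink in the new file is an assignment to `resp.body` (`attr.getObject("body")` in FalconResponseBodySink), so a request-controlled value that reaches the response through any other channel never hits a sink; per the Falcon docs linked at the top of the file the response also carries its payload in `data` (the bytes body) and `media`, and the header setters (`set_header`, `append_header`, `location`) are the usual header-injection targets. At minimum the body sink should accept both string-typed channels, e.g. `exists(string name | name = "body" or name = "data" | any(FalconResponse f).taints(attr.getObject(name)))`, with a separate sink class for headers if the taint kinds used by the other framework Response.qll files cover header injection. FalconResponseBodySink extends `TaintSink` directly while `semmle.python.web.Http` is imported and otherwise unused; if the reflected-XSS query selects sinks through a shared base class in that module rather than through `TaintSink`, this sink will not be picked up by it, so the base should match what the other frameworks' response sinks derive from — worth confirming against those files. None of the three classes has QLDoc; the bare URL comment should become a one-line doc on each class, e.g. `/** Taint kind for a Falcon Response object bound to a handler's resp parameter. */` on FalconResponse, with the source and sink classes stating which parameter and which attribute assignment they match.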
Lines changed: 1 addition & 1 deletion
@@ -1,2 +1,2 @@
11
| /hello | get | test.py:9:5:9:32 | Function on_get |
2-
| /hello | post | test.py:12:5:12:33 | Function on_post |
2+
| /hello | post | test.py:19:5:19:33 | Function on_post |
Lines changed: 1 addition & 1 deletion
@@ -1 +1 @@
1-
fail
1+
| test.py:17 | Attribute() | externally controlled string |
Lines changed: 2 additions & 1 deletion
@@ -1 +1,2 @@
1-
fail
1+
| test.py:9 | req | falcon.request |
2+
| test.py:19 | req | falcon.request |
Lines changed: 4 additions & 0 deletions
@@ -1,14 +1,18 @@
11
| test.py:9 | req | falcon.request |
2+
| test.py:9 | resp | falcon.response |
23
| test.py:10 | Attribute | file[externally controlled string] |
34
| test.py:10 | Attribute() | externally controlled string |
45
| test.py:10 | req | falcon.request |
56
| test.py:11 | Attribute() | externally controlled string |
67
| test.py:11 | Attribute() | json[externally controlled string] |
78
| test.py:11 | raw_json | externally controlled string |
9+
| test.py:12 | resp | falcon.response |
810
| test.py:13 | Dict | {externally controlled string} |
911
| test.py:13 | Dict | {json[externally controlled string]} |
1012
| test.py:15 | result | externally controlled string |
1113
| test.py:15 | result | json[externally controlled string] |
14+
| test.py:17 | resp | falcon.response |
1215
| test.py:17 | result | {externally controlled string} |
1316
| test.py:17 | result | {json[externally controlled string]} |
1417
| test.py:19 | req | falcon.request |
18+
| test.py:19 | resp | falcon.response |
