Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b30142c

Browse files
RasmusWLRasmusWL
committed
Python: Move CommandInjection to new dataflow API
1 parent 700841e commit b30142c

2 files changed

Lines changed: 17 additions & 4 deletions

File tree

python/ql/lib/semmle/python/security/dataflow/CommandInjectionQuery.qll

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,11 @@ import semmle.python.dataflow.new.TaintTracking
1212
import CommandInjectionCustomizations::CommandInjection
1313

1414
/**
15+
* DEPRECATED: Use `CommandInjectionFlow` module instead.
16+
*
1517
* A taint-tracking configuration for detecting "command injection" vulnerabilities.
1618
*/
17-
class Configuration extends TaintTracking::Configuration {
19+
deprecated class Configuration extends TaintTracking::Configuration {
1820
Configuration() { this = "CommandInjection" }
1921

2022
override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -27,3 +29,14 @@ class Configuration extends TaintTracking::Configuration {
2729
guard instanceof SanitizerGuard
2830
}
2931
}
32+
33+
private module CommandInjectionConfig implements DataFlow::ConfigSig {
34+
predicate isSource(DataFlow::Node source) { source instanceof Source }
35+
36+
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
37+
38+
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
39+
}
40+
41+
/** Global taint-tracking for detecting "command injection" vulnerabilities. */
42+
module CommandInjectionFlow = TaintTracking::Global<CommandInjectionConfig>;

python/ql/src/Security/CWE-078/CommandInjection.ql

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,9 +16,9 @@
1616

1717
import python
1818
import semmle.python.security.dataflow.CommandInjectionQuery
19-
import DataFlow::PathGraph
19+
import CommandInjectionFlow::PathGraph
2020

21-
from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
22-
where config.hasFlowPath(source, sink)
21+
from CommandInjectionFlow::PathNode source, CommandInjectionFlow::PathNode sink
22+
where CommandInjectionFlow::flowPath(source, sink)
2323
select sink.getNode(), source, sink, "This command line depends on a $@.", source.getNode(),
2424
"user-provided value"

0 commit comments

Comments
 (0)