Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit d3f3cef

Browse files
RasmusWLRasmusWL
committed
Python: Autoformat (4 spaces) falcon library
1 parent 7a112f3 commit d3f3cef

3 files changed

Lines changed: 21 additions & 78 deletions

File tree

python/ql/src/semmle/python/web/falcon/General.qll

Lines changed: 10 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,10 @@
11
import python
22
import semmle.python.web.Http
33

4-
54
/** The falcon API class */
6-
ClassValue theFalconAPIClass() {
7-
result = Value::named("falcon.API")
8-
}
5+
ClassValue theFalconAPIClass() { result = Value::named("falcon.API") }
96

10-
11-
/** Holds if `route` is routed to `resource`
12-
*/
7+
/** Holds if `route` is routed to `resource` */
138
private predicate api_route(CallNode route_call, ControlFlowNode route, ClassValue resource) {
149
route_call.getFunction().(AttrNode).getObject("add_route").pointsTo().getClass() = theFalconAPIClass() and
1510
route_call.getArg(0) = route and
@@ -21,10 +16,7 @@ private predicate route(FalconRoute route, Function target, string funcname) {
2116
}
2217

2318
class FalconRoute extends ControlFlowNode {
24-
25-
FalconRoute() {
26-
api_route(this, _, _)
27-
}
19+
FalconRoute() { api_route(this, _, _) }
2820

2921
string getUrl() {
3022
exists(StrConst url |
@@ -33,36 +25,19 @@ class FalconRoute extends ControlFlowNode {
3325
)
3426
}
3527

36-
ClassValue getResourceClass() {
37-
api_route(this, _, result)
38-
}
39-
40-
FalconHandlerFunction getHandlerFunction(string method) {
41-
route(this, result, method)
42-
}
28+
ClassValue getResourceClass() { api_route(this, _, result) }
4329

30+
FalconHandlerFunction getHandlerFunction(string method) { route(this, result, method) }
4431
}
4532

4633
class FalconHandlerFunction extends Function {
34+
FalconHandlerFunction() { route(_, this, _) }
4735

48-
FalconHandlerFunction() {
49-
route(_, this, _)
50-
}
51-
52-
private string methodName() {
53-
route(_, this, result)
54-
}
36+
private string methodName() { route(_, this, result) }
5537

56-
string getMethod() {
57-
result = this.methodName().toUpperCase()
58-
}
38+
string getMethod() { result = this.methodName().toUpperCase() }
5939

60-
Parameter getRequest() {
61-
result = this.getArg(1)
62-
}
63-
64-
Parameter getResponse() {
65-
result = this.getArg(2)
66-
}
40+
Parameter getRequest() { result = this.getArg(1) }
6741

42+
Parameter getResponse() { result = this.getArg(2) }
6843
}

python/ql/src/semmle/python/web/falcon/Request.qll

Lines changed: 6 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1,27 @@
11
import python
2-
32
import semmle.python.security.TaintTracking
43
import semmle.python.web.Http
54
import semmle.python.web.falcon.General
65
import semmle.python.security.strings.External
76

87
/** https://falcon.readthedocs.io/en/stable/api/request_and_response.html */
98
class FalconRequest extends TaintKind {
10-
11-
FalconRequest() {
12-
this = "falcon.request"
13-
}
9+
FalconRequest() { this = "falcon.request" }
1410

1511
override TaintKind getTaintOfAttribute(string name) {
1612
name = "env" and result instanceof WsgiEnvironment
1713
or
1814
result instanceof ExternalStringKind and
1915
(
20-
name = "uri" or name = "url" or
16+
name = "uri" or
17+
name = "url" or
2118
name = "forwarded_uri" or
2219
name = "relative_uri" or
2320
name = "query_string"
2421
)
2522
or
2623
result instanceof ExternalStringDictKind and
27-
(
28-
name = "cookies" or name = "params"
29-
)
24+
(name = "cookies" or name = "params")
3025
or
3126
name = "stream" and result instanceof ExternalFileObject
3227
}
@@ -41,16 +36,9 @@ class FalconRequest extends TaintKind {
4136
}
4237

4338
class FalconRequestParameter extends TaintSource {
44-
4539
FalconRequestParameter() {
46-
exists(FalconHandlerFunction f |
47-
f.getRequest() = this.(ControlFlowNode).getNode()
48-
)
49-
}
50-
51-
override predicate isSourceOf(TaintKind k) {
52-
k instanceof FalconRequest
40+
exists(FalconHandlerFunction f | f.getRequest() = this.(ControlFlowNode).getNode())
5341
}
5442

43+
override predicate isSourceOf(TaintKind k) { k instanceof FalconRequest }
5544
}
56-

python/ql/src/semmle/python/web/falcon/Response.qll

Lines changed: 5 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -1,48 +1,28 @@
11
import python
2-
3-
42
import semmle.python.security.TaintTracking
53
import semmle.python.web.Http
64
import semmle.python.web.falcon.General
75
import semmle.python.security.strings.External
86

9-
107
/** https://falcon.readthedocs.io/en/stable/api/request_and_response.html */
118
class FalconResponse extends TaintKind {
12-
13-
FalconResponse() {
14-
this = "falcon.response"
15-
}
16-
9+
FalconResponse() { this = "falcon.response" }
1710
}
1811

1912
class FalconResponseParameter extends TaintSource {
20-
2113
FalconResponseParameter() {
22-
exists(FalconHandlerFunction f |
23-
f.getResponse() = this.(ControlFlowNode).getNode()
24-
)
25-
}
26-
27-
override predicate isSourceOf(TaintKind k) {
28-
k instanceof FalconResponse
14+
exists(FalconHandlerFunction f | f.getResponse() = this.(ControlFlowNode).getNode())
2915
}
3016

17+
override predicate isSourceOf(TaintKind k) { k instanceof FalconResponse }
3118
}
3219

3320
class FalconResponseBodySink extends HttpResponseTaintSink {
34-
3521
FalconResponseBodySink() {
36-
exists(AttrNode attr |
37-
any(FalconResponse f).taints(attr.getObject("body")) |
22+
exists(AttrNode attr | any(FalconResponse f).taints(attr.getObject("body")) |
3823
attr.(DefinitionNode).getValue() = this
3924
)
4025
}
4126

42-
override predicate sinks(TaintKind kind) {
43-
kind instanceof StringKind
44-
}
45-
27+
override predicate sinks(TaintKind kind) { kind instanceof StringKind }
4628
}
47-
48-

0 commit comments

Comments
 (0)