Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit e14b103

Browse files
jorgectfjorgectf
committed
Add indeterminate test to pyjwt
1 parent f1b3c70 commit e14b103

1 file changed

Lines changed: 9 additions & 5 deletions

File tree

  • python/ql/test/experimental/query-tests/Security/CWE-437

python/ql/test/experimental/query-tests/Security/CWE-437/pyjwt.py

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -3,15 +3,15 @@
33
# Encoding
44

55
# good - key and algorithm supplied
6-
jwt.encode({"foo": "bar"}, "key", "HS256")
7-
jwt.encode({"foo": "bar"}, key="key", algorithm="HS256")
6+
jwt.encode(token, "key", "HS256")
7+
jwt.encode(token, key="key", algorithm="HS256")
88

99
# bad - both key and algorithm set to None
10-
jwt.encode({"foo": "bar"}, None, None)
10+
jwt.encode(token, None, None)
1111

1212
# bad - empty key
13-
jwt.encode({"foo": "bar"}, "", algorithm="HS256")
14-
jwt.encode({"foo": "bar"}, key="", algorithm="HS256")
13+
jwt.encode(token, "", algorithm="HS256")
14+
jwt.encode(token, key="", algorithm="HS256")
1515

1616
# Decoding
1717

@@ -25,3 +25,7 @@
2525
# good - verified decoding
2626
jwt.decode(token, verify=True)
2727
jwt.decode(token, key, options={"verify_signature": True})
28+
29+
30+
def indeterminate(verify):
31+
jwt.decode(token, key, verify)

0 commit comments

Comments
 (0)