
Commit e51b797

committed
Python taint-tracking. Add an adapter for old 'dataflow config'.
1 parent 179f4ee commit e51b797

3 files changed

Lines changed: 90 additions & 0 deletions


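--- a/python/ql/src/semmle/python/security/TaintTracking.qll
+++ b/python/ql/src/semmle/python/security/TaintTracking.qll
@@ -705,6 +705,24 @@ module DataFlow {
 
 }
 
+private class ConfigurationAdapter extends TaintTracking::Configuration {
+
+ConfigurationAdapter() {
+this instanceof Configuration
+}
+
+override predicate isSource(DataFlow::Node node, TaintKind kind) {
+this.(Configuration).isSource(node.asCfgNode()) and
+kind instanceof DataFlowType
+}
+
+override predicate isSink(DataFlow::Node node, TaintKind kind) {
+this.(Configuration).isSink(node.asCfgNode()) and
+kind instanceof DataFlowType
+}
+
+}
+
 private newtype TDataFlowNode =
 TEssaNode(EssaVariable var)
 or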
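Review bot: `ConfigurationAdapter` has no QLDoc, so nothing at the class says which parts of a legacy configuration it carries over to the taint-tracking engine. As written it forwards only `isSource` and `isSink`, maps both through `node.asCfgNode()`, and pins the kind to `DataFlowType`. If the old `Configuration` (declared outside this hunk, as is the start of the enclosing `module DataFlow`) has any other member predicates, they are not bridged, and a legacy query could silently gain or lose results. I would add a comment above the class such as `/** Exposes a legacy data-flow Configuration as a TaintTracking::Configuration; only isSource and isSink are forwarded, with kind DataFlowType. */`. The characteristic predicate `this instanceof Configuration` also presumably ties the two configurations together by value, so the same comment should say that a legacy and a new-style configuration must not share a name.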
Lines changed: 14 additions & 0 deletions
@@ -0,0 +1,14 @@
1+
| test.py:3:10:3:15 | ControlFlowNode for SOURCE | test.py:3:10:3:15 | ControlFlowNode for SOURCE |
2+
| test.py:6:9:6:14 | ControlFlowNode for SOURCE | test.py:7:10:7:10 | ControlFlowNode for s |
3+
| test.py:10:12:10:17 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
4+
| test.py:10:12:10:17 | ControlFlowNode for SOURCE | test.py:17:10:17:10 | ControlFlowNode for t |
5+
| test.py:20:9:20:14 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
6+
| test.py:37:13:37:18 | ControlFlowNode for SOURCE | test.py:41:14:41:14 | ControlFlowNode for t |
7+
| test.py:62:13:62:18 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
8+
| test.py:67:13:67:18 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
9+
| test.py:76:9:76:14 | ControlFlowNode for SOURCE | test.py:78:10:78:10 | ControlFlowNode for t |
10+
| test.py:108:13:108:18 | ControlFlowNode for SOURCE | test.py:112:14:112:14 | ControlFlowNode for t |
11+
| test.py:139:10:139:15 | ControlFlowNode for SOURCE | test.py:140:14:140:14 | ControlFlowNode for t |
12+
| test.py:143:9:143:14 | ControlFlowNode for SOURCE | test.py:145:10:145:10 | ControlFlowNode for s |
13+
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:160:14:160:14 | ControlFlowNode for t |
14+
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:166:14:166:14 | ControlFlowNode for t |
Lines changed: 58 additions & 0 deletions
@@ -1 +1,59 @@
11
WARNING: Predicate getNode has been deprecated and may be removed in future (TestNode.ql:5,77-84)
2+
| Taint Data flow | test.py:3 | SOURCE | |
3+
| Taint Data flow | test.py:6 | SOURCE | |
4+
| Taint Data flow | test.py:7 | s | |
5+
| Taint Data flow | test.py:10 | SOURCE | |
6+
| Taint Data flow | test.py:12 | arg | p0 = Data flow |
7+
| Taint Data flow | test.py:13 | arg | p0 = Data flow |
8+
| Taint Data flow | test.py:16 | source() | |
9+
| Taint Data flow | test.py:17 | t | |
10+
| Taint Data flow | test.py:20 | SOURCE | |
11+
| Taint Data flow | test.py:21 | t | |
12+
| Taint Data flow | test.py:24 | source() | |
13+
| Taint Data flow | test.py:25 | t | |
14+
| Taint Data flow | test.py:31 | SOURCE | |
15+
| Taint Data flow | test.py:37 | SOURCE | |
16+
| Taint Data flow | test.py:41 | t | |
17+
| Taint Data flow | test.py:44 | source() | |
18+
| Taint Data flow | test.py:46 | arg | p0 = Data flow |
19+
| Taint Data flow | test.py:47 | arg | p0 = Data flow |
20+
| Taint Data flow | test.py:49 | arg | p1 = Data flow |
21+
| Taint Data flow | test.py:51 | arg | p1 = Data flow |
22+
| Taint Data flow | test.py:54 | source2() | |
23+
| Taint Data flow | test.py:55 | t | |
24+
| Taint Data flow | test.py:62 | SOURCE | |
25+
| Taint Data flow | test.py:63 | t | |
26+
| Taint Data flow | test.py:67 | SOURCE | |
27+
| Taint Data flow | test.py:70 | t | |
28+
| Taint Data flow | test.py:72 | arg | p0 = Data flow |
29+
| Taint Data flow | test.py:73 | arg | p0 = Data flow |
30+
| Taint Data flow | test.py:76 | SOURCE | |
31+
| Taint Data flow | test.py:77 | hub() | |
32+
| Taint Data flow | test.py:77 | t | |
33+
| Taint Data flow | test.py:78 | t | |
34+
| Taint Data flow | test.py:108 | SOURCE | |
35+
| Taint Data flow | test.py:112 | t | |
36+
| Taint Data flow | test.py:118 | SOURCE | |
37+
| Taint Data flow | test.py:120 | t | |
38+
| Taint Data flow | test.py:128 | SOURCE | |
39+
| Taint Data flow | test.py:129 | t | |
40+
| Taint Data flow | test.py:139 | SOURCE | |
41+
| Taint Data flow | test.py:140 | t | |
42+
| Taint Data flow | test.py:143 | SOURCE | |
43+
| Taint Data flow | test.py:144 | s | |
44+
| Taint Data flow | test.py:145 | s | |
45+
| Taint Data flow | test.py:148 | SOURCE | |
46+
| Taint Data flow | test.py:149 | SOURCE | |
47+
| Taint Data flow | test.py:158 | SOURCE | |
48+
| Taint Data flow | test.py:159 | t | |
49+
| Taint Data flow | test.py:160 | t | |
50+
| Taint Data flow | test.py:163 | t | |
51+
| Taint Data flow | test.py:166 | t | |
52+
| Taint [Data flow] | test.py:148 | List | |
53+
| Taint [Data flow] | test.py:150 | l | |
54+
| Taint [Data flow] | test.py:154 | l | |
55+
| Taint [Data flow] | test.py:154 | list() | |
56+
| Taint {Data flow} | test.py:149 | Dict | |
57+
| Taint {Data flow} | test.py:151 | d | |
58+
| Taint {Data flow} | test.py:155 | d | |
59+
| Taint {Data flow} | test.py:155 | dict() | |
