Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit f75e65c

Browse files
committed
Python: Move LogInjection to new dataflow API
1 parent 88cf9c9 commit f75e65c

2 files changed

Lines changed: 18 additions & 5 deletions

File tree

python/ql/lib/semmle/python/security/dataflow/LogInjectionQuery.qll

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/**
2-
* Provides a taint-tracking configuration for tracking untrusted user input used in log entries.
2+
* Provides a taint-tracking configuration for tracking "log injection" vulnerabilities.
33
*
44
* Note, for performance reasons: only import this file if
55
* `LogInjection::Configuration` is needed, otherwise
@@ -12,9 +12,11 @@ import semmle.python.dataflow.new.TaintTracking
1212
import LogInjectionCustomizations::LogInjection
1313

1414
/**
15+
* DEPRECATED: Use `LogInjectionFlow` module instead.
16+
*
1517
* A taint-tracking configuration for tracking untrusted user input used in log entries.
1618
*/
17-
class Configuration extends TaintTracking::Configuration {
19+
deprecated class Configuration extends TaintTracking::Configuration {
1820
Configuration() { this = "LogInjection" }
1921

2022
override predicate isSource(DataFlow::Node source) { source instanceof Source }
@@ -27,3 +29,14 @@ class Configuration extends TaintTracking::Configuration {
2729
guard instanceof SanitizerGuard
2830
}
2931
}
32+
33+
private module LogInjectionConfig implements DataFlow::ConfigSig {
34+
predicate isSource(DataFlow::Node source) { source instanceof Source }
35+
36+
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
37+
38+
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
39+
}
40+
41+
/** Global taint-tracking for detecting "log injection" vulnerabilities. */
42+
module LogInjectionFlow = TaintTracking::Global<LogInjectionConfig>;

python/ql/src/Security/CWE-117/LogInjection.ql

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,9 @@
1313

1414
import python
1515
import semmle.python.security.dataflow.LogInjectionQuery
16-
import DataFlow::PathGraph
16+
import LogInjectionFlow::PathGraph
1717

18-
from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
19-
where config.hasFlowPath(source, sink)
18+
from LogInjectionFlow::PathNode source, LogInjectionFlow::PathNode sink
19+
where LogInjectionFlow::flowPath(source, sink)
2020
select sink.getNode(), source, sink, "This log entry depends on a $@.", source.getNode(),
2121
"user-provided value"

0 commit comments

Comments
 (0)