Describe the bug
running semgrep scan --config p/python --verbose
the rules return no results although the python file scanned contain a huge vulnerability calling a gradio with demo.launch(allowed_paths=["D:/", "C:"])
To Reproduce
Steps to reproduce the behavior, ideally a link to https://semgrep.dev/playground (click "share" and make public to get a shortlink):
with gr.Blocks() as demo:
gr.Markdown("## Demo")
gr.Markdown(
"Bug not caught"
)
demo.launch(allowed_paths=["D:/", "C:"])
Expected behavior
The rules should mark that the script opens up C and D drive to the internet...
What is the priority of the bug to you?
Environment
Docker on windows
Use case
What will fixing this bug enable for you?
improve the rules to make sure elementary mistakes like this are cought-
Describe the bug
running semgrep scan --config p/python --verbose
the rules return no results although the python file scanned contain a huge vulnerability calling a gradio with demo.launch(allowed_paths=["D:/", "C:"])
To Reproduce
Steps to reproduce the behavior, ideally a link to https://semgrep.dev/playground (click "share" and make public to get a shortlink):
with gr.Blocks() as demo:
gr.Markdown("## Demo")
gr.Markdown(
"Bug not caught"
)
demo.launch(allowed_paths=["D:/", "C:"])
Expected behavior
The rules should mark that the script opens up C and D drive to the internet...
What is the priority of the bug to you?
Environment
Docker on windows
Use case
What will fixing this bug enable for you?
improve the rules to make sure elementary mistakes like this are cought-