-
Notifications
You must be signed in to change notification settings - Fork 23
Expand file tree
/
Copy pathHelpers.qll
More file actions
45 lines (42 loc) · 1.56 KB
/
Helpers.qll
File metadata and controls
45 lines (42 loc) · 1.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
import python
import semmle.python.dataflow.new.DataFlow
import semmle.python.dataflow.new.RemoteFlowSources
// Import Sinks
private import semmle.python.security.dataflow.CommandInjectionCustomizations
private import semmle.python.security.dataflow.CodeInjectionCustomizations
private import semmle.python.security.dataflow.ServerSideRequestForgeryCustomizations
private import semmle.python.security.dataflow.SqlInjectionCustomizations
private import semmle.python.security.dataflow.UnsafeDeserializationCustomizations
// Fields Sinks
private import ghsl.HardcodedSecretSinks
private import ghsl.MassAssignment
// Find Node at Location
predicate findByLocation(DataFlow::Node node, string relative_path, int linenumber) {
node.getLocation().getFile().getRelativePath() = relative_path and
node.getLocation().getStartLine() = linenumber
}
// Dangerous Sinks
predicate dangerousSinks(DataFlow::Node sink) {
(
sink instanceof CommandInjection::Sink or
sink instanceof CodeInjection::Sink or
sink instanceof ServerSideRequestForgery::Sink or
sink instanceof SqlInjection::Sink or
sink instanceof UnsafeDeserialization::Sink or
// Fields Query Addtional Sinks
sink instanceof CredentialSink or
sink instanceof MassAssignment::Sinks
) and
sink.getScope().inSource()
}
predicate functionParameters(DataFlow::Node node) {
(
// // Function Call Parameters
node instanceof DataFlow::ParameterNode
or
// Function Call Arguments
node instanceof DataFlow::ArgumentNode
) and
not dangerousSinks(node) and
node.getScope().inSource()
}