
Commit b03e75e

committed
Extend ldap3's start_tls and fix tests
1 parent a34d6d3 commit b03e75e


2 files changed

+8
-3
lines changed

2 files changed

+8
-3
lines changed

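--- a/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
+++ b/python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
@@ -219,6 +219,11 @@ private module LDAP {
 .(DataFlow::LocalSourceNode)
 .flowsTo([serverCall.getArg(2), serverCall.getArgByName("use_ssl")])
 )
+or
+exists(DataFlow::AttrRead startTLS |
+startTLS.getAttributeName().matches("%start_tls%") and
+startTLS.getObject().getALocalSource() = this
+)
 }
 }
 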
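Review bot: The added disjunct accepts any attribute read whose name merely contains `start_tls` (`matches("%start_tls%")`) on a value whose local source is `this`, so a reference that is never called, or an unrelated attribute with that substring, is treated as evidence that the connection is protected. An exact comparison, `startTLS.getAttributeName() = "start_tls"`, together with a requirement that the read is actually invoked, would be tighter. Nothing here constrains ordering either, so a `start_tls()` that runs only after credentials have already crossed the plaintext connection would still suppress the finding, which for a CWE-522 query is a false negative. The enclosing predicate starts outside the hunk, so its exact contract is inferred from the `use_ssl` context lines.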

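--- a/python/ql/test/experimental/query-tests/Security/CWE-522/ldap3_remote.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-522/ldap3_remote.py
@@ -48,7 +48,7 @@ def three():
 def four():
 host = "ldap://" + remote_host
 
-srv = Server(host, port=1337, True)
+srv = Server(host, 1337, True)
 conn = Connection(srv, "dn", "password")
 conn.search("dn", "search_filter")
 return conn.response
@@ -87,7 +87,7 @@ def six():
 def seven():
 host = schema + request.args['host']
 
-srv = Server(host, port=1337, True)
+srv = Server(host, 1337, True)
 conn = Connection(srv, "dn", "password")
 conn.search("dn", "search_filter")
 return conn.response
@@ -112,7 +112,7 @@ def eight():
 @app.route("/nine")
 def nine():
 host = schema + "somethingon.theinternet.com"
-srv = Server(host, port=1337, False)
+srv = Server(host, 1337, False)
 conn = Connection(srv, "dn", "password")
 conn.search("dn", "search_filter")
 return conn.response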
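Review bot: None of the three hunks adds a case that calls `start_tls()`, so the branch this commit adds to LDAP.qll appears to be untested unless the file already covers it outside the visible hunks. A route that builds a `Server` without `use_ssl`, calls `conn.start_tls()` before the search and is expected not to be flagged would pin the intended behaviour. A second route where `start_tls` is only referenced, or called after the search, would document what the model accepts today. The bare positional `True`/`False` in `four()`, `seven()` and `nine()` would also read better with a short comment such as `# third positional argument is use_ssl`.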
