
Commit 8d9a797

committed
Python: Add tricky .format SSRF tests
1 parent 6f297f4 commit 8d9a797


3 files changed

+133
-117
lines changed


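--- a/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
+++ b/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
@@ -20,33 +20,32 @@ edges
 | full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:35:18:35:20 | ControlFlowNode for url |
 | full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:38:18:38:20 | ControlFlowNode for url |
 | full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:41:18:41:20 | ControlFlowNode for url |
+| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:44:18:44:20 | ControlFlowNode for url |
+| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:47:18:47:20 | ControlFlowNode for url |
 | full_partial_test.py:31:17:31:23 | ControlFlowNode for request | full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute |
 | full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute | full_partial_test.py:31:17:31:41 | ControlFlowNode for Subscript |
 | full_partial_test.py:31:17:31:41 | ControlFlowNode for Subscript | full_partial_test.py:41:18:41:20 | ControlFlowNode for url |
-| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute |
-| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:45:17:45:23 | ControlFlowNode for request |
-| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute |
-| full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute | full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript |
-| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:49:18:49:20 | ControlFlowNode for url |
-| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:52:18:52:20 | ControlFlowNode for url |
-| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple |
-| full_partial_test.py:45:17:45:23 | ControlFlowNode for request | full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute |
-| full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute | full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript |
-| full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript | full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple |
-| full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple | full_partial_test.py:55:18:55:20 | ControlFlowNode for url |
-| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute |
-| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:59:17:59:23 | ControlFlowNode for request |
-| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute |
-| full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute | full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript |
-| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:63:18:63:20 | ControlFlowNode for url |
-| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:66:18:66:20 | ControlFlowNode for url |
-| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
-| full_partial_test.py:59:17:59:23 | ControlFlowNode for request | full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute |
-| full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute | full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript |
-| full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
-| full_partial_test.py:73:18:73:24 | ControlFlowNode for request | full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute |
-| full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute | full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript |
-| full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript | full_partial_test.py:76:18:76:20 | ControlFlowNode for url |
+| full_partial_test.py:50:18:50:24 | ControlFlowNode for request | full_partial_test.py:50:18:50:29 | ControlFlowNode for Attribute |
+| full_partial_test.py:50:18:50:24 | ControlFlowNode for request | full_partial_test.py:51:17:51:23 | ControlFlowNode for request |
+| full_partial_test.py:50:18:50:24 | ControlFlowNode for request | full_partial_test.py:51:17:51:28 | ControlFlowNode for Attribute |
+| full_partial_test.py:50:18:50:29 | ControlFlowNode for Attribute | full_partial_test.py:50:18:50:48 | ControlFlowNode for Subscript |
+| full_partial_test.py:50:18:50:48 | ControlFlowNode for Subscript | full_partial_test.py:55:18:55:20 | ControlFlowNode for url |
+| full_partial_test.py:50:18:50:48 | ControlFlowNode for Subscript | full_partial_test.py:58:18:58:20 | ControlFlowNode for url |
+| full_partial_test.py:50:18:50:48 | ControlFlowNode for Subscript | full_partial_test.py:60:38:60:58 | ControlFlowNode for Tuple |
+| full_partial_test.py:51:17:51:23 | ControlFlowNode for request | full_partial_test.py:51:17:51:28 | ControlFlowNode for Attribute |
+| full_partial_test.py:51:17:51:28 | ControlFlowNode for Attribute | full_partial_test.py:51:17:51:41 | ControlFlowNode for Subscript |
+| full_partial_test.py:51:17:51:41 | ControlFlowNode for Subscript | full_partial_test.py:60:38:60:58 | ControlFlowNode for Tuple |
+| full_partial_test.py:60:38:60:58 | ControlFlowNode for Tuple | full_partial_test.py:61:18:61:20 | ControlFlowNode for url |
+| full_partial_test.py:64:18:64:24 | ControlFlowNode for request | full_partial_test.py:64:18:64:29 | ControlFlowNode for Attribute |
+| full_partial_test.py:64:18:64:24 | ControlFlowNode for request | full_partial_test.py:65:17:65:23 | ControlFlowNode for request |
+| full_partial_test.py:64:18:64:24 | ControlFlowNode for request | full_partial_test.py:65:17:65:28 | ControlFlowNode for Attribute |
+| full_partial_test.py:64:18:64:29 | ControlFlowNode for Attribute | full_partial_test.py:64:18:64:48 | ControlFlowNode for Subscript |
+| full_partial_test.py:64:18:64:48 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
+| full_partial_test.py:64:18:64:48 | ControlFlowNode for Subscript | full_partial_test.py:72:18:72:20 | ControlFlowNode for url |
+| full_partial_test.py:64:18:64:48 | ControlFlowNode for Subscript | full_partial_test.py:75:18:75:20 | ControlFlowNode for url |
+| full_partial_test.py:65:17:65:23 | ControlFlowNode for request | full_partial_test.py:65:17:65:28 | ControlFlowNode for Attribute |
+| full_partial_test.py:65:17:65:28 | ControlFlowNode for Attribute | full_partial_test.py:65:17:65:41 | ControlFlowNode for Subscript |
+| full_partial_test.py:65:17:65:41 | ControlFlowNode for Subscript | full_partial_test.py:75:18:75:20 | ControlFlowNode for url |
 | full_partial_test.py:79:18:79:24 | ControlFlowNode for request | full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute |
 | full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute | full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript |
 | full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript | full_partial_test.py:82:18:82:20 | ControlFlowNode for url |
@@ -58,10 +57,13 @@ edges
 | full_partial_test.py:91:18:91:48 | ControlFlowNode for Subscript | full_partial_test.py:94:18:94:20 | ControlFlowNode for url |
 | full_partial_test.py:97:18:97:24 | ControlFlowNode for request | full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute |
 | full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute | full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript |
-| full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript | full_partial_test.py:103:18:103:20 | ControlFlowNode for url |
-| full_partial_test.py:106:18:106:24 | ControlFlowNode for request | full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute |
-| full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute | full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript |
-| full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript | full_partial_test.py:109:18:109:20 | ControlFlowNode for url |
+| full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript | full_partial_test.py:100:18:100:20 | ControlFlowNode for url |
+| full_partial_test.py:103:18:103:24 | ControlFlowNode for request | full_partial_test.py:103:18:103:29 | ControlFlowNode for Attribute |
+| full_partial_test.py:103:18:103:29 | ControlFlowNode for Attribute | full_partial_test.py:103:18:103:48 | ControlFlowNode for Subscript |
+| full_partial_test.py:103:18:103:48 | ControlFlowNode for Subscript | full_partial_test.py:109:18:109:20 | ControlFlowNode for url |
+| full_partial_test.py:112:18:112:24 | ControlFlowNode for request | full_partial_test.py:112:18:112:29 | ControlFlowNode for Attribute |
+| full_partial_test.py:112:18:112:29 | ControlFlowNode for Attribute | full_partial_test.py:112:18:112:48 | ControlFlowNode for Subscript |
+| full_partial_test.py:112:18:112:48 | ControlFlowNode for Subscript | full_partial_test.py:115:18:115:20 | ControlFlowNode for url |
 | test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute |
 | test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute |
 | test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:10:19:10:25 | ControlFlowNode for request |
@@ -124,29 +126,27 @@ nodes
 | full_partial_test.py:35:18:35:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
 | full_partial_test.py:38:18:38:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
 | full_partial_test.py:41:18:41:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:45:17:45:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:49:18:49:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:52:18:52:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
+| full_partial_test.py:44:18:44:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:47:18:47:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:50:18:50:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:50:18:50:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:50:18:50:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| full_partial_test.py:51:17:51:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:51:17:51:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:51:17:51:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
 | full_partial_test.py:55:18:55:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:59:17:59:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:63:18:63:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:66:18:66:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:58:18:58:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:60:38:60:58 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
+| full_partial_test.py:61:18:61:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:64:18:64:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:64:18:64:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:64:18:64:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| full_partial_test.py:65:17:65:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:65:17:65:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:65:17:65:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
 | full_partial_test.py:69:18:69:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:73:18:73:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:76:18:76:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:72:18:72:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:75:18:75:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
 | full_partial_test.py:79:18:79:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
 | full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
@@ -162,11 +162,15 @@ nodes
 | full_partial_test.py:97:18:97:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
 | full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
-| full_partial_test.py:103:18:103:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
-| full_partial_test.py:106:18:106:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
-| full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
-| full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| full_partial_test.py:100:18:100:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:103:18:103:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:103:18:103:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:103:18:103:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
 | full_partial_test.py:109:18:109:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
+| full_partial_test.py:112:18:112:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
+| full_partial_test.py:112:18:112:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| full_partial_test.py:112:18:112:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
+| full_partial_test.py:115:18:115:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
 | test_http_client.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
 | test_http_client.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
 | test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |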
