Python: Add docs to web/stdlib/Request.qll

RasmusWL · RasmusWL · commit 6eb24011eb83 · 2020-04-22T11:26:50.000+02:00
diff --git a/python/ql/src/semmle/python/web/stdlib/Request.qll b/python/ql/src/semmle/python/web/stdlib/Request.qll
@@ -2,6 +2,7 @@ import python
 import semmle.python.security.TaintTracking
 import semmle.python.web.Http
 
+/** Source of BaseHTTPRequestHandler instances. */
 class StdLibRequestSource extends HttpRequestTaintSource {
     StdLibRequestSource() {
         exists(ClassValue cls |
@@ -16,6 +17,7 @@ class StdLibRequestSource extends HttpRequestTaintSource {
     override predicate isSourceOf(TaintKind kind) { kind instanceof BaseHTTPRequestHandlerKind }
 }
 
+/** TaintKind for an instance of BaseHTTPRequestHandler. */
 class BaseHTTPRequestHandlerKind extends TaintKind {
     BaseHTTPRequestHandlerKind() { this = "BaseHTTPRequestHandlerKind" }
 
@@ -31,6 +33,7 @@ class BaseHTTPRequestHandlerKind extends TaintKind {
     }
 }
 
+/** TaintKind for headers (instance of HTTPMessage). */
 class HTTPMessageKind extends ExternalStringDictKind {
     override TaintKind getTaintOfMethodResult(string name) {
         result = super.getTaintOfMethodResult(name)

Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,7 @@ import python`
`2`	`2`	`import semmle.python.security.TaintTracking`
`3`	`3`	`import semmle.python.web.Http`
`4`	`4`
	`5`	`+/** Source of BaseHTTPRequestHandler instances. */`
`5`	`6`	`class StdLibRequestSource extends HttpRequestTaintSource {`
`6`	`7`	`StdLibRequestSource() {`
`7`	`8`	`exists(ClassValue cls \|`
`@@ -16,6 +17,7 @@ class StdLibRequestSource extends HttpRequestTaintSource {`
`16`	`17`	`override predicate isSourceOf(TaintKind kind) { kind instanceof BaseHTTPRequestHandlerKind }`
`17`	`18`	`}`
`18`	`19`
	`20`	`+/** TaintKind for an instance of BaseHTTPRequestHandler. */`
`19`	`21`	`class BaseHTTPRequestHandlerKind extends TaintKind {`
`20`	`22`	`BaseHTTPRequestHandlerKind() { this = "BaseHTTPRequestHandlerKind" }`
`21`	`23`
`@@ -31,6 +33,7 @@ class BaseHTTPRequestHandlerKind extends TaintKind {`
`31`	`33`	`}`
`32`	`34`	`}`
`33`	`35`
	`36`	`+/** TaintKind for headers (instance of HTTPMessage). */`
`34`	`37`	`class HTTPMessageKind extends ExternalStringDictKind {`
`35`	`38`	`override TaintKind getTaintOfMethodResult(string name) {`
`36`	`39`	`result = super.getTaintOfMethodResult(name)`