Update TimingAttack.qll

ahmed-farid-dev · web-flow · commit a42cb20b862b · 2022-08-31T16:07:58.000+01:00
diff --git a/python/ql/src/experimental/semmle/python/security/TimingAttack.qll b/python/ql/src/experimental/semmle/python/security/TimingAttack.qll
@@ -186,7 +186,7 @@ abstract class ClientSuppliedSecret extends API::CallNode { }
 private class FlaskClientSuppliedSecret extends ClientSuppliedSecret {
   FlaskClientSuppliedSecret() {
     this = Flask::request().getMember("headers").getMember(["get", "get_all", "getlist"]).getACall() and
-    this.getParameter(0, ["key", "name"]).toString().toLowerCase() = sensitiveheaders()
+    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()
   }
 }
 
@@ -197,7 +197,7 @@ private class DjangoClientSuppliedSecret extends ClientSuppliedSecret {
           .getMember(["headers", "META"])
           .getMember("get")
           .getACall() and
-    this.getParameter(0, "key").toString().toLowerCase() = sensitiveheaders()
+    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()
   }
 }
 
@@ -209,7 +209,7 @@ API::Node requesthandler() {
 private class TornadoClientSuppliedSecret extends ClientSuppliedSecret {
   TornadoClientSuppliedSecret() {
     this = requesthandler().getMember(["headers", "META"]).getMember("get").getACall() and
-    this.getParameter(0, "key").toString().toLowerCase() = sensitiveheaders()
+    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()
   }
 }
 
@@ -222,7 +222,7 @@ private class WerkzeugClientSuppliedSecret extends ClientSuppliedSecret {
   WerkzeugClientSuppliedSecret() {
     this =
       headers().getMember(["headers", "META"]).getMember(["get", "get_all", "getlist"]).getACall() and
-    this.getParameter(0, ["key", "name"]).toString().toLowerCase() = sensitiveheaders()
+    this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -186,7 +186,7 @@ abstract class ClientSuppliedSecret extends API::CallNode { }`
`186`	`186`	`private class FlaskClientSuppliedSecret extends ClientSuppliedSecret {`
`187`	`187`	`FlaskClientSuppliedSecret() {`
`188`	`188`	`this = Flask::request().getMember("headers").getMember(["get", "get_all", "getlist"]).getACall() and`
`189`		`- this.getParameter(0, ["key", "name"]).toString().toLowerCase() = sensitiveheaders()`
	`189`	`+ this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()`
`190`	`190`	`}`
`191`	`191`	`}`
`192`	`192`
`@@ -197,7 +197,7 @@ private class DjangoClientSuppliedSecret extends ClientSuppliedSecret {`
`197`	`197`	`.getMember(["headers", "META"])`
`198`	`198`	`.getMember("get")`
`199`	`199`	`.getACall() and`
`200`		`- this.getParameter(0, "key").toString().toLowerCase() = sensitiveheaders()`
	`200`	`+ this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()`
`201`	`201`	`}`
`202`	`202`	`}`
`203`	`203`
`@@ -209,7 +209,7 @@ API::Node requesthandler() {`
`209`	`209`	`private class TornadoClientSuppliedSecret extends ClientSuppliedSecret {`
`210`	`210`	`TornadoClientSuppliedSecret() {`
`211`	`211`	`this = requesthandler().getMember(["headers", "META"]).getMember("get").getACall() and`
`212`		`- this.getParameter(0, "key").toString().toLowerCase() = sensitiveheaders()`
	`212`	`+ this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()`
`213`	`213`	`}`
`214`	`214`	`}`
`215`	`215`
`@@ -222,7 +222,7 @@ private class WerkzeugClientSuppliedSecret extends ClientSuppliedSecret {`
`222`	`222`	`WerkzeugClientSuppliedSecret() {`
`223`	`223`	`this =`
`224`	`224`	`headers().getMember(["headers", "META"]).getMember(["get", "get_all", "getlist"]).getACall() and`
`225`		`- this.getParameter(0, ["key", "name"]).toString().toLowerCase() = sensitiveheaders()`
	`225`	`+ this.getParameter(0, "key").asSink().asExpr().(StrConst).getText().toLowerCase() = sensitiveheaders()`
`226`	`226`	`}`
`227`	`227`	`}`
`228`	`228`