Python: Add tracking steps for class level attributes

Open naneer opened this issue 1 year ago • 0 comments

Adds support for type tracking for class level attributes and default instance variables. For example, to identify missing SQLExecution sinks for the SQLInjection DataFlow Rule. Also supports values inherited from base classes.

These SQLExecution sinks will be found:

```python
from django.views import View
from django.db import connection

class ClassBasedView(View):
    _connection = connection
    def get(self, request):
        ...
        with self._connection.cursor() as cursor:
            self._connection.execute("SELECT ... FROM ... WHERE")
        ...
    ...

class ClassBasedViewInit(View):
    def __init__(self, conn=connection):
        self._connection = conn
    ...
    def get(self, request):
        ...
        with self._connection.cursor() as cursor:
            self._connection.execute("SELECT ... FROM ... WHERE")
        ...
    ...

# Inherited from base classes

class SubClassBasedView(ClassBasedView):
    def get(self, request):
        ...
        with self._connection.cursor() as cursor:
            self._connection.execute("SELECT ... FROM ... WHERE")
        ...
    ...

class SubClassBasedViewInit(ClassBasedViewInit):
    def get(self, request):
        ...
        with self._connection.cursor() as cursor:
            self._connection.execute("SELECT ... FROM ... WHERE")
        ...
    ...
```

naneer, May 18 '24 20:05
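The three resolution steps the PR description lists (class-level assignment, `__init__` parameter default, lookup through base classes), as an added example that is not CodeQL's type tracker or the PR's own code: a small resolver over Python's `ast` module that reports every `self.<attr>.execute(...)` call together with the module-level name the attribute was bound to, or `None` when no step resolves it. The sample module is constructed for this example.

```python
import ast

# Constructed sample module (not from the PR): one class per pattern the PR lists, plus D.other, which no step resolves.
SAMPLE = """
from django.db import connection
class A:
    _connection = connection
    def get(self, request): self._connection.execute("SELECT 1")
class B:
    def __init__(self, conn=connection): self._connection = conn
    def get(self, request): self._connection.execute("SELECT 2")
class C(B):
    def get(self, request): self._connection.execute("SELECT 3")
class D:
    def get(self, request): self.other.execute("SELECT 4")
"""
def self_attr(node):
    # "x" for an expression `self.x`, else None.
    if isinstance(node, ast.Attribute) and isinstance(node.value, ast.Name):
        return node.attr if node.value.id == "self" else None
def attr_origin(cls, attr, classes):
    # Resolve self.<attr>: class-level assignment, then __init__ default, then bases.
    for stmt in cls.body:
        if isinstance(stmt, ast.Assign) and isinstance(stmt.value, ast.Name):
            if any(isinstance(t, ast.Name) and t.id == attr for t in stmt.targets):
                return stmt.value.id
        if isinstance(stmt, ast.FunctionDef) and stmt.name == "__init__":
            args = stmt.args  # defaults align with the last len(defaults) positional params
            defaults = dict(zip([p.arg for p in args.args[len(args.args) - len(args.defaults):]], args.defaults))
            for node in ast.walk(stmt):
                if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Name)
                        and any(self_attr(t) == attr for t in node.targets)
                        and isinstance(defaults.get(node.value.id), ast.Name)):
                    return defaults[node.value.id].id
    inherited = (attr_origin(classes[b.id], attr, classes) for b in cls.bases
                 if isinstance(b, ast.Name) and b.id in classes)
    return next((o for o in inherited if o), None)
def find_execute_sinks(source):
    # (class, line, origin) for every self.<attr>.execute(...) call in the module.
    tree = ast.parse(source)
    classes = {c.name: c for c in tree.body if isinstance(c, ast.ClassDef)}
    sinks = []
    for cls in classes.values():
        for node in ast.walk(cls):
            f = node.func if isinstance(node, ast.Call) else None
            attr = self_attr(f.value) if isinstance(f, ast.Attribute) and f.attr == "execute" else None
            if attr:
                sinks.append((cls.name, node.lineno, attr_origin(cls, attr, classes)))
    return sinks
```

Running `find_execute_sinks(SAMPLE)` resolves A, B and C to `connection` (C only through its base class B) and reports D's call with origin `None`, which is the case the tracker cannot label as an SQLExecution sink.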