Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Python: Remove imprecise container steps #17493

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Python: Remove imprecise container steps #17493

wants to merge 3 commits into from

Conversation

yoff
Copy link
Contributor

@yoff yoff commented Sep 17, 2024

  • remove tupleStoreStep and dictStoreStep from containerStep These are imprecise compared to the content being precise.
  • add implicit reads to recover taint at sinks
  • add implicit read steps for decoders to supplement the AdditionalTaintStep that now only covers when the full container is tainted.

Pull Request checklist

All query authors

Internal query authors only

  • Autofixes generated based on these changes are valid, only needed if this PR makes significant changes to .ql, .qll, or .qhelp files. See the documentation (internal access required).
  • Changes are validated at scale (internal access required).
  • Adding a new query? Consider also adding the query to autofix.

@yoff yoff force-pushed the python/no-imprecise-container-steps-cleaned branch from 9e17962 to 060d0b4 Compare September 17, 2024 20:14
@yoff
Python: Remove imprecise container steps
e9bc435 
- remove `tupleStoreStep` and `dictStoreStep` from `containerStep`
   These are imprecise compared to the content being precise.
- add implicit reads to recover taint at sinks
- add implicit read steps for decoders
  to supplement the `AdditionalTaintStep`
  that now only covers when the full container is tainted.
@yoff
Python: recover taint for % format strings
5902da4
@yoff
Python: adjust test expectations
a74474e 
We now find an alert on this line as we hope to
It is not an alert for _full_ SSRF, though, since that configuration cannot handle multiple substitutions.
@yoff yoff force-pushed the python/no-imprecise-container-steps-cleaned branch from 31faf91 to a74474e Compare November 1, 2024 13:54
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Python
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@yoff