Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Python : Add Xpath injection query #92

Closed
porcupineyhairs opened this issue May 21, 2020 · 1 comment
Closed

Python : Add Xpath injection query #92

porcupineyhairs opened this issue May 21, 2020 · 1 comment
Labels
All For One

Comments

@porcupineyhairs
Copy link

@porcupineyhairs porcupineyhairs commented May 21, 2020
edited

CVE

There is no CVE for this.

Report

This query adds Xpath injection query to codeql-python. It models the lxml package.

It detects the following code patterns.

f = StringIO('<foo><bar></bar></foo>')
tree = etree.parse(f)
r = tree.xpath('`sink`')
root = etree.XML("<xmlContent>")
find_text = etree.XPath("`sink`")
root = etree.XML("<xmlContent>")
find_text = etree.EtXPath("`sink`")

The PR also includes necessary tests for the same.

Link to the corresponding PR [github/codeql#3522]
@porcupineyhairs
Copy link
Author

@porcupineyhairs porcupineyhairs commented Jun 24, 2020

Per our conversation here, I am closing this issue as this is ineligible for bounty.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
All For One
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
@porcupineyhairs
You can’t perform that action at this time.