Python: Convert stack-trace-exposure query to path-problem.

Mark Shannon · markshannon · commit 88d82017b38b · 2018-11-22T11:05:08.000Z
diff --git a/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected b/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
@@ -1 +1,11 @@
-| test.py:16:16:16:37 | flask.routed.response | $@ may be exposed to an external user | test.py:16:16:16:37 | exception.info.source | Error information |
+edges
+| test.py:33:15:33:36 | Taint exception.info at test.py:33 | test.py:34:29:34:31 | Taint exception.info at test.py:34 |
+| test.py:34:29:34:31 | Taint exception.info at test.py:34 | test.py:36:18:36:20 | Taint exception.info at test.py:36 |
+| test.py:36:18:36:20 | Taint exception.info at test.py:36 | test.py:37:25:37:27 | Taint exception.info at test.py:37 |
+| test.py:37:12:37:27 | Taint exception.info at test.py:37 | test.py:34:16:34:32 | Taint exception.info at test.py:34 |
+| test.py:37:25:37:27 | Taint exception.info at test.py:37 | test.py:37:12:37:27 | Taint exception.info at test.py:37 |
+parents
+| test.py:36:18:36:20 | Taint exception.info at test.py:36 | test.py:34:29:34:31 | Taint exception.info at test.py:34 |
+#select
+| test.py:16:16:16:37 | flask.routed.response | test.py:16:16:16:37 | Taint exception.info at test.py:16 | test.py:16:16:16:37 | Taint exception.info at test.py:16 | $@ may be exposed to an external user | test.py:16:16:16:37 | exception.info.source | Error information |
+| test.py:34:16:34:32 | flask.routed.response | test.py:33:15:33:36 | Taint exception.info at test.py:33 | test.py:34:16:34:32 | Taint exception.info at test.py:34 | $@ may be exposed to an external user | test.py:33:15:33:36 | exception.info.source | Error information |
diff --git a/python/ql/test/query-tests/Security/CWE-209/test.py b/python/ql/test/query-tests/Security/CWE-209/test.py
@@ -23,3 +23,15 @@ def server_good():
     except Exception as e:
         log(traceback.format_exc())
         return "An internal error has occurred!"
+
+#BAD
+@app.route('/bad/with-flow')
+def server_bad_flow():
+    try:
+        do_computation()
+    except Exception as e:
+        err = traceback.format_exc()
+        return format_error(err)
+
+def format_error(msg):
+    return "[ERROR] " + msg
