From 454489e8de8804f3c2afb6b49a865d119bfe292a Mon Sep 17 00:00:00 2001
From: Ana Scolari <127357173+apsscolari@users.noreply.github.com>
Date: Wed, 5 Feb 2025 13:46:55 -0800
Subject: [PATCH 1/2] Create codeql_issue_testruleset2.py

---
 codeql_issue_testruleset2.py | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 codeql_issue_testruleset2.py

diff --git a/codeql_issue_testruleset2.py b/codeql_issue_testruleset2.py
new file mode 100644
index 0000000..9d76984
--- /dev/null
+++ b/codeql_issue_testruleset2.py
@@ -0,0 +1,22 @@
+import os
+from flask import request, Flask
+import re
+
+
+# Clear-text logging of sensitive information
+# did not trigger an alert in codeQL somehow...
+print(f"[INFO] Environment: {os.environ}")
+
+# attempt to trigger a warning in codeQL 
+# Regular expression injection
+@app.route("/direct")
+def direct():
+    unsafe_pattern = request.args["pattern"]
+    re.search(unsafe_pattern, "")
+
+
+@app.route("/compile")
+def compile():
+    unsafe_pattern = request.args["pattern"]
+    compiled_pattern = re.compile(unsafe_pattern)
+    compiled_pattern.search("")

From 2c5d8f3d400395c510248c3def639f448fa33d0d Mon Sep 17 00:00:00 2001
From: Ana Scolari <127357173+apsscolari@users.noreply.github.com>
Date: Thu, 13 Feb 2025 16:36:33 -0800
Subject: [PATCH 2/2] Update regex.py

---
 regex.py | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/regex.py b/regex.py
index 3befaba..909ed9d 100644
--- a/regex.py
+++ b/regex.py
@@ -6,10 +6,3 @@
 def direct():
     unsafe_pattern = request.args["pattern"]
     re.search(unsafe_pattern, "")
-
-
-@app.route("/compile")
-def compile():
-    unsafe_pattern = request.args["pattern"]
-    compiled_pattern = re.compile(unsafe_pattern)
-    compiled_pattern.search("")