
Commit 9f4107d

Python: Model posixpath, ntpath, and genericpath modules
1 parent 7c3b68b commit 9f4107d


3 files changed, +21 -1 lines changed

Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
lgtm,codescanning
2+
* Added modeling of the `posixpath`, `ntpath`, and `genericpath` modules for path operations (although these are not supposed to be used), resulting in new sinks for the _Uncontrolled data used in path expression_ (`py/path-injection`) query.
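Review bot: The parenthetical "(although these are not supposed to be used)" is vague for a user-facing change note; say what is meant, i.e. that `posixpath`, `ntpath` and `genericpath` are the per-platform implementation modules behind `os.path` and are not the documented entry point, which is also what the three CPython links added in Stdlib.qll in this same commit point at. It would also help to state in one clause that the new sinks are the same path-argument positions already recognised for `os.path`, so readers know no new kinds of sink were introduced, only new module names for existing ones.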

python/ql/lib/semmle/python/frameworks/Stdlib.qll

Lines changed: 11 additions & 1 deletion
@@ -254,7 +254,17 @@ private module StdlibPrivate {
254254
/** Provides models for the `os` module. */
255255
module os {
256256
/** Gets a reference to the `os.path` module. */
257-
API::Node path() { result = os().getMember("path") }
257+
API::Node path() {
258+
result = os().getMember("path")
259+
or
260+
// although the following modules should not be used directly, they certainly can.
261+
// Each one doesn't expose the full `os.path` API, so this is an overapproximation
262+
// that made implementation easy. See
263+
// - https://github.com/python/cpython/blob/b567b9d74bd9e476a3027335873bb0508d6e450f/Lib/posixpath.py#L31-L38
264+
// - https://github.com/python/cpython/blob/b567b9d74bd9e476a3027335873bb0508d6e450f/Lib/ntpath.py#L26-L32
265+
// - https://github.com/python/cpython/blob/b567b9d74bd9e476a3027335873bb0508d6e450f/Lib/genericpath.py#L9-L11
266+
result = API::moduleImport(["posixpath", "ntpath", "genericpath"])
267+
}
258268

259269
/** Provides models for the `os.path` module */
260270
module path {
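Review bot: The QLDoc on `path()` still reads "Gets a reference to the `os.path` module." while the predicate body now also returns `API::moduleImport(["posixpath", "ntpath", "genericpath"])`; update the doc comment to say the result also covers those three modules, since anything in `module path` that is built on `path()` now applies to them too. The overapproximation described in the inline comment is worth spelling out as harmless for sink purposes: for a member that one of the three modules does not actually define (the comment says none of them exposes the full `os.path` API), a call through that module fails at runtime before any path is touched, so modelling it as a sink can only ever produce a result on code that does not work, never a missed true positive. A one-line addition such as "harmless for sinks: a call to a member the module lacks raises before reaching the filesystem" would stop a later maintainer from spending effort tightening it. Pinning the three CPython links to a fixed commit hash is the right choice for line-anchored references; keep them as they are.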

python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py

Lines changed: 8 additions & 0 deletions
@@ -34,3 +34,11 @@ def through_function(open_file):
3434
path.isdir("filepath") # $ getAPathArgument="filepath"
3535
path.islink("filepath") # $ getAPathArgument="filepath"
3636
path.ismount("filepath") # $ getAPathArgument="filepath"
37+
38+
import posixpath
39+
import ntpath
40+
import genericpath
41+
42+
posixpath.exists("filepath") # $ getAPathArgument="filepath"
43+
ntpath.exists("filepath") # $ getAPathArgument="filepath"
44+
genericpath.exists("filepath") # $ getAPathArgument="filepath"
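Review bot: The three new cases only exercise `exists`, so the test does not document the behaviour the Stdlib.qll comment calls an overapproximation, and it does not cover the `from posixpath import exists` import form that `API::moduleImport` is also expected to resolve. Suggest one extra line per module using a different `os.path` member already tested above for `path` (for instance `posixpath.isdir("filepath") # $ getAPathArgument="filepath"`), plus one `from ntpath import exists` case with the same `# $ getAPathArgument="filepath"` expectation; a future tightening of `path()` in Stdlib.qll would then show up as an expectation change here rather than passing silently.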

0 commit comments

Comments
 (0)