
Source code changes of the file "stubs/taint/taint.config" between
pyre-check-0.0.54.tar.gz and pyre-check-0.0.55.tar.gz

About: Pyre is a performant type checker for Python (ships with Pysa, a security focused static analysis tool).

taint.config  (pyre-check-0.0.54):taint.config  (pyre-check-0.0.55)
skipping to change at line 79 skipping to change at line 79
"sinks": [ "sinks": [
{ {
"name": "Demo", "name": "Demo",
"comment": "demo sink" "comment": "demo sink"
}, },
{ {
"name": "Test", "name": "Test",
"comment": "test sink" "comment": "test sink"
}, },
{ {
"name": "FileSystem", "name": "FileSystem_ReadWrite",
"comment": "use to annotate where data flows into file system" "comment": "use to annotate where data flows into file system APIs that ma
y allow read/write to an arbitrary file"
},
{
"name": "FileSystem_Other",
"comment": "use to annotate file systems APIs that do not allow direct rea
d/write (e.g removing a file or renaming a file)"
}, },
{ {
"name": "GetAttr", "name": "GetAttr",
"comment": "used to annotate `getattr` function" "comment": "used to annotate `getattr` function"
}, },
{ {
"name": "Logging", "name": "Logging",
"comment": "use to annotate where data is logged" "comment": "use to annotate where data is logged"
}, },
{ {
skipping to change at line 333 skipping to change at line 337
"code": 5010, "code": 5010,
"sources": [ "sources": [
"UserControlled" "UserControlled"
], ],
"sinks": [ "sinks": [
"GetAttr" "GetAttr"
], ],
"message_format": "Attacker may control at least one argument to getattr(, )." "message_format": "Attacker may control at least one argument to getattr(, )."
}, },
{ {
"name": "User data to filesystem operation", "name": "User data to filesystem operation (read/write)",
"code": 5011, "code": 5011,
"sources": [ "sources": [
"UserControlled" "UserControlled"
], ],
"sinks": [ "sinks": [
"FileSystem" "FileSystem_ReadWrite"
], ],
"message_format": "Data from [{$sources}] source(s) may reach [{$sinks}] s ink(s)" "message_format": "Data from [{$sources}] source(s) may reach [{$sinks}] s ink(s)"
}, },
{ {
"name": "Potential Server-side request forgery (SSRF)", "name": "Potential Server-side request forgery (SSRF)",
"code": 5012, "code": 5012,
"sources": [ "sources": [
"UserControlled" "UserControlled"
], ],
"sinks": [ "sinks": [
skipping to change at line 402 skipping to change at line 406
"sources": [ "sources": [
"UserControlled", "UserControlled",
"UserData" "UserData"
], ],
"sinks": [ "sinks": [
"Logging" "Logging"
], ],
"message_format": "Data from [{$sources}] source(s) may reach [{$sinks}] s ink(s)" "message_format": "Data from [{$sources}] source(s) may reach [{$sinks}] s ink(s)"
}, },
{ {
"name": "User-controlled data flows into filesystem API (other)",
"code": 6060,
"sources": [
"UserControlled"
],
"sinks": [
"FileSystem_Other"
],
"message_format": "Data from [{$sources}] source(s) may reach [{$sinks}] s
ink(s)"
},
{
"name": "Potential Server Side Template Injection", "name": "Potential Server Side Template Injection",
"code": 6073, "code": 6073,
"sources": [ "sources": [
"UserControlled" "UserControlled"
], ],
"sinks": [ "sinks": [
"ServerSideTemplateInjection" "ServerSideTemplateInjection"
], ],
"message_format": "User controlled data may eventually flow into a Server Side Template Injection sink" "message_format": "User controlled data may eventually flow into a Server Side Template Injection sink"
} }
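Review bot: Renaming the sink `FileSystem` to `FileSystem_ReadWrite` in the `sinks` list (and in rule 5011) leaves no entry under the old name, so any `.pysa` model or custom rule outside this file that still references `TaintSink[FileSystem]` would presumably stop resolving after the upgrade; the model stubs are not visible on this page, so that needs confirming. Flows into delete/rename-style APIs also move from code 5011 to the new code 6060, so CI gates, suppressions or triage filters keyed on 5011 need 6060 added or those findings will silently drop out of view. The new `FileSystem_Other` comment would read better as `"use to annotate file system APIs that do not allow direct read/write (e.g. removing or renaming a file)"`. Rule 6060 reuses the generic `message_format`; naming the risk, e.g. `"User-controlled data may reach a filesystem API that removes or renames a file"`, would help a triager tell it apart from 5011 at a glance.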
 End of changes. 4 change blocks. 
4 lines changed or deleted 22 lines changed or added
