Part5

2/codeql-pack.lock.yml

@@ -0,0 +1,30 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/concepts:
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
+  codeql/dataflow:
+    version: 2.0.14
+  codeql/mad:
+    version: 1.0.30
+  codeql/python-all:
+    version: 4.0.14
+  codeql/regex:
+    version: 1.0.30
+  codeql/ssa:
+    version: 2.0.6
+  codeql/threat-models:
+    version: 1.0.30
+  codeql/tutorial:
+    version: 1.0.30
+  codeql/typetracking:
+    version: 2.0.14
+  codeql/util:
+    version: 2.0.17
+  codeql/xml:
+    version: 1.0.30
+  codeql/yaml:
+    version: 1.0.30
+compiled: false

2/codeql-pack.yml

@@ -0,0 +1,8 @@
+---
+library: false
+warnOnImplicitThis: false
+compileForOverlayEval: false
+name: getting-started/codeql-extra-queries-2-python
+version: 1.0.0
+dependencies:
+  codeql/python-all: ^4.0.14

3/codeql-pack.lock.yml

@@ -0,0 +1,30 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/concepts:
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
+  codeql/dataflow:
+    version: 2.0.14
+  codeql/mad:
+    version: 1.0.30
+  codeql/python-all:
+    version: 4.0.14
+  codeql/regex:
+    version: 1.0.30
+  codeql/ssa:
+    version: 2.0.6
+  codeql/threat-models:
+    version: 1.0.30
+  codeql/tutorial:
+    version: 1.0.30
+  codeql/typetracking:
+    version: 2.0.14
+  codeql/util:
+    version: 2.0.17
+  codeql/xml:
+    version: 1.0.30
+  codeql/yaml:
+    version: 1.0.30
+compiled: false

3/codeql-pack.yml

@@ -0,0 +1,8 @@
+---
+library: false
+warnOnImplicitThis: false
+compileForOverlayEval: false
+name: getting-started/codeql-extra-queries-3-python
+version: 1.0.0
+dependencies:
+  codeql/python-all: ^4.0.14

4/codeql-pack.lock.yml

@@ -0,0 +1,30 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/concepts:
+    version: 0.0.4
+  codeql/controlflow:
+    version: 2.0.14
+  codeql/dataflow:
+    version: 2.0.14
+  codeql/mad:
+    version: 1.0.30
+  codeql/python-all:
+    version: 4.0.14
+  codeql/regex:
+    version: 1.0.30
+  codeql/ssa:
+    version: 2.0.6
+  codeql/threat-models:
+    version: 1.0.30
+  codeql/tutorial:
+    version: 1.0.30
+  codeql/typetracking:
+    version: 2.0.14
+  codeql/util:
+    version: 2.0.17
+  codeql/xml:
+    version: 1.0.30
+  codeql/yaml:
+    version: 1.0.30
+compiled: false

4/codeql-pack.yml

@@ -0,0 +1,8 @@
+---
+library: false
+warnOnImplicitThis: false
+compileForOverlayEval: false
+name: getting-started/queries-python
+version: 1.0.0
+dependencies:
+  codeql/python-all: ^4.0.14

5/1.ql

@@ -0,0 +1,36 @@
+/**
+ * @name Gradio unsafe deserialization
+ * @description This query tracks data flow from inputs passed to a Gradio's Button component to any sink.
+ * @kind path-problem
+ * @problem.severity warning
+ * @id 5/1
+ */
+import python
+import semmle.python.ApiGraphs
+import semmle.python.Concepts
+import semmle.python.dataflow.new.RemoteFlowSources
+import semmle.python.dataflow.new.TaintTracking
+
+import MyFlow::PathGraph
+
+class GradioButton extends RemoteFlowSource::Range {
+    GradioButton() {
+        exists(API::CallNode n |
+        n = API::moduleImport("gradio").getMember("Button").getReturn()
+        .getMember("click").getACall() |
+        this = n.getParameter(0, "fn").getParameter(_).asSource())
+    }
+
+    override string getSourceType() { result = "Gradio untrusted input" }
+}
+
+private module MyConfig implements DataFlow::ConfigSig {
+    predicate isSource(DataFlow::Node source) { source instanceof GradioButton }
+
+    predicate isSink(DataFlow::Node sink) { exists(Decoding d | sink = d) }
+}
+module MyFlow = TaintTracking::Global<MyConfig>;
+
+from MyFlow::PathNode source, MyFlow::PathNode sink
+where MyFlow::flowPath(source, sink)
+select sink.getNode(), source, sink, "Data Flow from a Gradio source to decoding"

5/2.ql

@@ -0,0 +1,18 @@
+/**
+ * @name getAQlClass on Gradio Button input source
+ * @description This query reports on a code element's types.
+ * @id 5/2
+ * @severity error
+ * @kind problem
+ */
+import python
+import semmle.python.ApiGraphs
+import semmle.python.Concepts
+import semmle.python.dataflow.new.RemoteFlowSources
+
+
+
+from DataFlow::Node node
+where node = API::moduleImport("gradio").getMember("Button").getReturn()
+        .getMember("click").getACall().getParameter(0, "fn").getParameter(_).asSource()
+select node, node.getAQlClass()

5/3.ql

@@ -0,0 +1,43 @@
+/**
+ * @name Gradio Button partial path graph
+ * @description This query tracks data flow from inputs passed to a Gradio's Button component to any sink.
+ * @kind path-problem
+ * @problem.severity warning
+ * @id 5/3
+ */
+
+import python
+import semmle.python.ApiGraphs
+import semmle.python.Concepts
+import semmle.python.dataflow.new.RemoteFlowSources
+import semmle.python.dataflow.new.TaintTracking
+
+// import MyFlow::PathGraph
+import PartialFlow::PartialPathGraph
+
+class GradioButton extends RemoteFlowSource::Range {
+    GradioButton() {
+        exists(API::CallNode n |
+        n = API::moduleImport("gradio").getMember("Button").getReturn()
+        .getMember("click").getACall() |
+        this = n.getParameter(0, "fn").getParameter(_).asSource())
+    }
+
+    override string getSourceType() { result = "Gradio untrusted input" }
+}
+
+private module MyConfig implements DataFlow::ConfigSig {
+    predicate isSource(DataFlow::Node source) { source instanceof GradioButton }
+
+    predicate isSink(DataFlow::Node sink) { exists(Decoding d | d.mayExecuteInput() | sink = d.getAnInput()) }
+
+}
+
+
+module MyFlow = TaintTracking::Global<MyConfig>;
+int explorationLimit() { result = 10 }
+module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
+
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "Partial Graph $@.", source.getNode(), "user-provided value."

5/4.ql

@@ -0,0 +1,54 @@
+/**
+ * @name Gradio Button partial path graph
+ * @description This query tracks data flow from Gradio's Button component to any sink.
+ * @kind path-problem
+ * @problem.severity warning
+ * @id 5/4
+ */
+
+import python
+import semmle.python.ApiGraphs
+import semmle.python.Concepts
+import semmle.python.dataflow.new.RemoteFlowSources
+import semmle.python.dataflow.new.TaintTracking
+
+// import MyFlow::PathGraph
+import PartialFlow::PartialPathGraph
+
+class GradioButton extends RemoteFlowSource::Range {
+    GradioButton() {
+        exists(API::CallNode n |
+        n = API::moduleImport("gradio").getMember("Button").getReturn()
+        .getMember("click").getACall() |
+        this = n.getParameter(0, "fn").getParameter(_).asSource())
+    }
+
+    override string getSourceType() { result = "Gradio untrusted input" }
+}
+
+predicate nameAttrRead(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+    // Connects an attribute read of an object's `name` attribute to the object itself
+    exists(DataFlow::AttrRead attr |
+      attr.accesses(nodeFrom, "name")
+      and nodeTo = attr
+    )
+}
+
+private module MyConfig implements DataFlow::ConfigSig {
+    predicate isSource(DataFlow::Node source) { source instanceof GradioButton }
+
+    predicate isSink(DataFlow::Node sink) { exists(Decoding d | d.mayExecuteInput() | sink = d.getAnInput()) }
+
+    predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+    nameAttrRead(nodeFrom, nodeTo)
+    }
+}
+
+
+module MyFlow = TaintTracking::Global<MyConfig>;
+int explorationLimit() { result = 10 }
+module PartialFlow = MyFlow::FlowExplorationFwd<explorationLimit/0>;
+
+from PartialFlow::PartialPathNode source, PartialFlow::PartialPathNode sink
+where PartialFlow::partialFlow(source, sink, _)
+select sink.getNode(), source, sink, "Partial Graph $@.", source.getNode(), "user-provided value."

5/5.ql

@@ -0,0 +1,65 @@
+/**
+ * @name Gradio File Input Flow
+ * @description This query tracks data flow from Gradio's Button component to a Decoding sink.
+ * @kind path-problem
+ * @problem.severity warning
+ * @id 5/5
+ */
+
+import python
+import semmle.python.ApiGraphs
+import semmle.python.Concepts
+import semmle.python.dataflow.new.RemoteFlowSources
+import semmle.python.dataflow.new.TaintTracking
+
+import MyFlow::PathGraph
+
+class GradioButton extends RemoteFlowSource::Range {
+    GradioButton() {
+        exists(API::CallNode n |
+        n = API::moduleImport("gradio").getMember("Button").getReturn()
+        .getMember("click").getACall() |
+        this = n.getParameter(0, "fn").getParameter(_).asSource())
+    }
+
+    override string getSourceType() { result = "Gradio untrusted input" }
+}
+predicate nameAttrRead(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+    // Connects an attribute read of an object's `name` attribute to the object itself
+    exists(DataFlow::AttrRead attr |
+      attr.accesses(nodeFrom, "name")
+      and nodeTo = attr
+    )
+}
+
+predicate osOpenStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+    // Connects the argument to `open()` to the result of `open()`
+    // And argument to `os.open()` to the result of `os.open()`
+    exists(API::CallNode call |
+        call = API::moduleImport("os").getMember("open").getACall() and
+        nodeFrom = call.getArg(0) and
+        nodeTo = call)
+    or
+    exists(API::CallNode call |
+        call = API::builtin("open").getACall() and
+        nodeFrom = call.getArg(0) and
+        nodeTo = call)
+}
+
+private module MyConfig implements DataFlow::ConfigSig {
+    predicate isSource(DataFlow::Node source) { source instanceof GradioButton }
+
+    predicate isSink(DataFlow::Node sink) {
+        exists(Decoding d | d.mayExecuteInput() | sink = d.getAnInput()) }
+
+    predicate isAdditionalFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
+        nameAttrRead(nodeFrom, nodeTo)
+        or
+        osOpenStep(nodeFrom, nodeTo)
+        }
+}
+module MyFlow = TaintTracking::Global<MyConfig>;
+
+from MyFlow::PathNode source, MyFlow::PathNode sink
+where MyFlow::flowPath(source, sink)
+select sink.getNode(), source, sink, "Data Flow from a Gradio source to decoding"