Mirror of https://github.com/zulip/zulip.git, synced 2025-11-04 05:53:43 +00:00
This commit adds three `.pysa` model files: `false_positives.pysa` for ruling out false positive flows with `Sanitize` annotations, `req_lib.pysa` for educating pysa about Zulip's `REQ()` pattern for extracting user input, and `redirects.pysa` for capturing the risk of open redirects within Zulip code. Additionally, this commit introduces `mark_sanitized`, an identity function which can be used to selectively clear taint in cases where `Sanitize` models will not work. This commit also puts `mark_sanitized` to work removing known false positive flows.
5 lines, 285 B, Plaintext
# One of the ways user-controlled data enters the application is through the
# request variables framework. This model teaches Pysa that every instance of
# 'REQ()' in a view function is a source of UserControlled taint.
class zerver.lib.request._REQ(TaintSource[UserControlled]): ...
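Review bot: the comment describes `REQ()` calls in view functions as the taint source, but the model line annotates the class `zerver.lib.request._REQ` rather than anything named `REQ`; a one-line comment stating how a `REQ()` call in a view maps onto `_REQ`, and why the class is the right model target for Pysa here, would let a reviewer verify the model without opening `zerver/lib/request.py`. The commit message also introduces `false_positives.pysa`, `redirects.pysa` and the `mark_sanitized` helper, so noting in this file that it covers only the `REQ()` source would make the split between the three model files clearer.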