
Commit a033b71

committed
Python: Align QLdocs of XML modeling
1 parent de0e67f commit a033b71

1 file changed

+18
-54
lines changed
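--- a/python/ql/src/experimental/semmle/python/frameworks/Xml.qll
+++ b/python/ql/src/experimental/semmle/python/frameworks/Xml.qll
@@ -10,7 +10,7 @@ private import semmle.python.ApiGraphs
 
 private module XmlEtree {
 /**
-* Gets a call to `xml.etree.ElementTree.XMLParser`.
+* A call to `xml.etree.ElementTree.XMLParser`.
 */
 private class XMLEtreeParser extends DataFlow::CallCfgNode, XML::XMLParser::Range {
 XMLEtreeParser() {
@@ -30,22 +30,13 @@ private module XmlEtree {
 }
 
 /**
-* Gets a call to:
-* * `xml.etree.ElementTree.fromstring`
-* * `xml.etree.ElementTree.fromstringlist`
-* * `xml.etree.ElementTree.XML`
-* * `xml.etree.ElementTree.parse`
-*
-* Given the following example:
-*
-* ```py
-* parser = lxml.etree.XMLParser()
-* xml.etree.ElementTree.fromstring(xml_content, parser=parser).text
-* ```
-*
-* * `this` would be `xml.etree.ElementTree.fromstring(xml_content, parser=parser)`.
-* * `getAnInput()`'s result would be `xml_content`.
-* * `vulnerable(kind)`'s `kind` would be `XXE`.
+* A call to either of:
+* - `xml.etree.ElementTree.fromstring`
+* - `xml.etree.ElementTree.fromstringlist`
+* - `xml.etree.ElementTree.XML`
+* - `xml.etree.ElementTree.XMLID`
+* - `xml.etree.ElementTree.parse`
+* - `xml.etree.ElementTree.iterparse`
 */
 private class XMLEtreeParsing extends DataFlow::CallCfgNode, XML::XMLParsing::Range {
 XMLEtreeParsing() {
@@ -186,16 +177,7 @@ private module SaxBasedParsing {
 }
 
 /**
-* A XML parsing call with a sax parser.
-*
-* ```py
-* BadHandler = MainHandler()
-* parser = xml.sax.make_parser()
-* parser.setContentHandler(BadHandler)
-* parser.setFeature(xml.sax.handler.feature_external_ges, False)
-* parser.parse(StringIO(xml_content))
-* parsed_xml = BadHandler._result
-* ```
+* A call to the `parse` method on a SAX XML parser.
 */
 private class XMLSaxInstanceParsing extends DataFlow::MethodCallNode, XML::XMLParsing::Range {
 XMLSaxInstanceParsing() {
@@ -346,22 +328,14 @@ private module Lxml {
 }
 
 /**
-* Gets a call to:
-* * `lxml.etree.fromstring`
-* * `xml.etree.fromstringlist`
-* * `xml.etree.XML`
-* * `xml.etree.parse`
-*
-* Given the following example:
+* A call to either of:
+* - `lxml.etree.fromstring`
+* - `lxml.etree.fromstringlist`
+* - `lxml.etree.XML`
+* - `lxml.etree.parse`
+* - `lxml.etree.parseid`
 *
-* ```py
-* parser = lxml.etree.XMLParser()
-* lxml.etree.fromstring(xml_content, parser=parser).text
-* ```
-*
-* * `this` would be `lxml.etree.fromstring(xml_content, parser=parser)`.
-* * `getAnInput()`'s result would be `xml_content`.
-* * `vulnerable(kind)`'s `kind` would be `XXE`.
+* See https://lxml.de/apidoc/lxml.etree.html?highlight=parseids#lxml.etree.fromstring
 */
 private class LXMLParsing extends DataFlow::CallCfgNode, XML::XMLParsing::Range {
 LXMLParsing() {
@@ -395,7 +369,7 @@ private module Lxml {
 }
 
 /**
-* A call to the `feed` method of an `lxml.etree` parser.
+* A call to the `feed` method of an `lxml` parser.
 */
 private class LXMLEtreeParserFeedCall extends DataFlow::MethodCallNode, XML::XMLParsing::Range {
 LXMLEtreeParserFeedCall() {
@@ -424,17 +398,7 @@ private module Lxml {
 
 private module Xmltodict {
 /**
-* Gets a call to `xmltodict.parse`.
-*
-* Given the following example:
-*
-* ```py
-* xmltodict.parse(xml_content, disable_entities=False)
-* ```
-*
-* * `this` would be `xmltodict.parse(xml_content, disable_entities=False)`.
-* * `getAnInput()`'s result would be `xml_content`.
-* * `vulnerable(kind)`'s `kind` would be `Billion Laughs` and `Quadratic Blowup`.
+* A call to `xmltodict.parse`.
 */
 private class XMLtoDictParsing extends DataFlow::CallCfgNode, XML::XMLParsing::Range {
 XMLtoDictParsing() { this = API::moduleImport("xmltodict").getMember("parse").getACall() }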
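Review bot: The new QLdoc on `XMLEtreeParsing` and `LXMLParsing` opens with "A call to either of:" but then lists five or six functions; "either" reads as a choice between exactly two, so both headers should say `* A call to any of:`. In the `LXMLParsing` hunk the new reference link ends in `#lxml.etree.fromstring` while carrying `highlight=parseids`, which presumably was meant to point readers at the newly listed `lxml.etree.parseid`; if so, `* See https://lxml.de/apidoc/lxml.etree.html#lxml.etree.parseid` would be the more accurate anchor, and the `?highlight=` query is only a search-UI hint that can be dropped. Separately, the removed examples were the only place the docs recorded which `vulnerable(kind)` values each parsing call yields (XXE for the etree/lxml calls, Billion Laughs and Quadratic Blowup for `xmltodict.parse`); if that mapping is not documented on `XML::XMLParsing::Range` itself, a one-line pointer in each class's QLdoc to where the kinds are defined would help the next maintainer. The bodies of the affected classes continue outside each hunk.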
