Remove experimental version + qhelp fixes

github · Nov 21, 2024 · 66e173c · 66e173c
1 parent 9ef3cd1
commit 66e173c
Show file tree

Hide file tree

Showing 21 changed files with 2 additions and 660 deletions.
diff --git a/python/ql/src/Security/CWE-074/TemplateInjection.qhelp b/python/ql/src/Security/CWE-074/TemplateInjection.qhelp
@@ -16,10 +16,10 @@
         <sample src="examples/JinjaBad.py" />
 
         <p>The following is an example of a string that could be used to cause remote code execution when interpreted as a template:</p>
-        <sample src="examples/template_exploit" />
+        <sample src="examples/template_exploit.txt" />
 
         <p>In the following case, user input is not used to construct the template; rather is only used for as the parameters to render the template, which is safe.</p>
-        <sample scr="examples/JinjaGoodParam" />
+        <sample src="examples/JinjaGoodParam.py" />
 
         <p>In the following case, a <code>SandboxedEnvironment</code> is used, preventing remote code execution.</p>
         <sample src="examples/JinjaGoodSandbox.py" />

diff --git a/python/ql/src/experimental/Security/CWE-074/JinjaBad.py b/python/ql/src/experimental/Security/CWE-074/JinjaBad.py
diff --git a/python/ql/src/experimental/Security/CWE-074/JinjaGood.py b/python/ql/src/experimental/Security/CWE-074/JinjaGood.py
diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateConstructionConcept.qll b/python/ql/src/experimental/Security/CWE-074/TemplateConstructionConcept.qll
diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateInjection.qhelp b/python/ql/src/experimental/Security/CWE-074/TemplateInjection.qhelp
diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql b/python/ql/src/experimental/Security/CWE-074/TemplateInjection.ql
diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateInjectionCustomizations.qll b/python/ql/src/experimental/Security/CWE-074/TemplateInjectionCustomizations.qll
diff --git a/python/ql/src/experimental/Security/CWE-074/TemplateInjectionQuery.qll b/python/ql/src/experimental/Security/CWE-074/TemplateInjectionQuery.qll
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/AirspeedSsti.py b/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/AirspeedSsti.py
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/BottleSsti.py b/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/BottleSsti.py
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/Chameleon.py b/python/ql/test/experimental/query-tests/Security/CWE-074-TemplateInjection/Chameleon.py