I was running a set of queries on the CTFd repository, and got suspiciously few results for endpoints. After some experimenting I found out that they subclass Flask, which the current query for FlaskApp::instance() does not seem to track.
Minimal example:

Query:

```ql
import python
import semmle.python.frameworks.Flask
import semmle.python.ApiGraphs

from API::Node node
where Flask::FlaskApp::instance() = node
select node
```

Python:

```python
from flask import Flask


class Sub(Flask):
    def __init__(self, *args, **kwargs):
        Flask.__init__(self, *args, **kwargs)


app = Sub(__name__)


@app.route("/")
def hello():
    return "world"
```
CodeQL is not able to identify Sub as a Flask app, which means the route setup for hello cannot be detected either.
Adding .getASubclass*() to FlaskApp::instance() would probably fix this. If this can be overridden without changes to the library, I am open to suggestions; my knowledge of the QL modules is not that great as of now.
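A standalone query along the lines suggested above, as an added example that is not part of the original issue or of the CodeQL Flask library: it follows `flask.Flask` through any chain of subclasses in the API graph and reports `route` registrations on the resulting instances, with no change to the library. The helper predicates `flaskAppClass` and `flaskAppInstance` are hypothetical names chosen for this example.

```ql
import python
import semmle.python.ApiGraphs
import semmle.python.dataflow.new.DataFlow

/**
 * Gets a reference to `flask.Flask` itself or to any class that
 * subclasses it, directly or through further subclasses.
 * (Hypothetical helper for this example.)
 */
API::Node flaskAppClass() {
  result = API::moduleImport("flask").getMember("Flask").getASubclass*()
}

/**
 * Gets an instance of a Flask app class, modelled as the value
 * returned by calling the class, e.g. `Sub(__name__)`.
 * (Hypothetical helper for this example.)
 */
API::Node flaskAppInstance() { result = flaskAppClass().getReturn() }

from API::Node app, DataFlow::CallCfgNode routeCall
where
  app = flaskAppInstance() and
  // `app.route("/")` is a call to the `route` member of the instance;
  // the decorated function is what becomes the endpoint.
  routeCall = app.getMember("route").getACall()
select routeCall, "Route registered on a Flask app (direct or subclassed)."
```

Run against the minimal Python example in the issue, the `@app.route("/")` call on the `Sub` instance is the result this query is meant to surface. An endpoint inventory that silently skips subclassed apps also hides those routes from any security query built on top of it.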