zulip/stubs/taint/false_positives.pysa

59 lines
2.3 KiB
Plaintext

# This function ensures that a redirect is only within the specified domain.
# Assuming that the domain isn't attacker controllable, the result is safe to
# redirect to
def zerver.views.auth.get_safe_redirect_to(url, redirect_host) -> Sanitize: ...
# This function was previously the source of an open redirect, but has now been
# reviewed and patched, so the output should now be safe to redirect to,
# regardless of the value of the specified 'path'.
def zerver.lib.thumbnail.generate_thumbnail_url(
path,
size=...,
) -> Sanitize: ...
# This function returns a version of name that only contains word and space
# characters, or ., -, _ characters. This should be safe to put into URLs and
# filesystem operations.
def zerver.lib.upload.sanitize_name(value) -> Sanitize: ...
# This function accepts three integers and then concatenates them into a path
# segment. The result should be safe for use in filesystem and other operations.
def zerver.lib.avatar_hash.user_avatar_base_path_from_ids(user_profile_id, version, realm_id) -> Sanitize: ...
# This function creates a list of 'UserMessageLite' objects, which contain only
# integral IDs and flags. These should safe for use with SQL and other
# operations.
def zerver.actions.message_send.create_user_messages(
message,
um_eligible_user_ids,
long_term_idle_user_ids,
stream_push_user_ids,
stream_email_user_ids,
mentioned_user_ids,
mark_as_read
) -> Sanitize: ...
# This function is an identity function used for removing taint from variables
# when there is no convenient way to do it by annotating existing functions.
def zerver.lib.pysa.mark_sanitized(arg) -> Sanitize: ...
############################
# Overbroad approximations #
############################
# Note that the below functions are overbroad approximations of Sanitizers and
# could lead to false negatives. They should be replaced with more specific
# feature-based filtering when that is available through SAPP.
# This function generates a URL pointing to a valid Django endpoint, with
# arguments properly URL encoded. The resulting URL can usually be used as a
# part of a redirect or HTTP request without fear of open redirect or SSRF
# vulnerabilities respectively.
def django.urls.base.reverse(
viewname,
urlconf=...,
args=...,
kwargs=...,
current_app=...
) -> Sanitize: ...