def test_INP12(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.checksInputBounds = False
process1.validatesInput = False
lambda1.checksInputBounds = False
lambda1.validatesInput = False
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "INP12"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
def test_API02(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.implementsAPI = True
process1.validatesInput = False
lambda1.implementsAPI = True
lambda1.validatesInput = False
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "API02"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
def test_DE02(self):
web = Server("Web Server")
process1 = Process("Process1")
web.validatesInput = False
web.sanitizesInput = False
process1.validatesInput = False
process1.sanitizesInput = False
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "DE02"))
self.assertTrue(ThreatObj.apply(web))
self.assertTrue(ThreatObj.apply(process1))
def test_INP26(self):
process1 = Process("Process")
lambda1 = Lambda("lambda")
process1.validatesInput = False
process1.sanitizesInput = False
lambda1.validatesInput = False
lambda1.sanitizesInput = False
ThreatObj = Threat(
next(item for item in threats_json if item["SID"] == "INP26"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
def test_INP14(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
process1.validatesInput = False
lambda1.validatesInput = False
web.validatesInput = False
threat = threats["INP14"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
self.assertTrue(threat.apply(web))
def test_INP14(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
web = Server("Web Server")
process1.validatesInput = False
lambda1.validatesInput = False
web.validatesInput = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "INP14"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
self.assertTrue(ThreatObj.apply(web))
def test_LB01(self):
process1 = Process("Process1")
process1.implementsAPI = True
process1.validatesInput = False
process1.sanitizesInput = False
lambda1 = Lambda("Lambda1")
lambda1.implementsAPI = True
lambda1.validatesInput = False
lambda1.sanitizesInput = False
threat = threats["LB01"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
def test_INP29(self):
web = Server("Web Server")
process1 = Process("Process")
web.validatesInput = False
web.sanitizesInput = False
web.encodesOutput = False
process1.validatesInput = False
process1.sanitizesInput = False
process1.encodesOutput = False
threat = threats["INP29"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(web))
def test_AC03(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.usesEnvironmentVariables = True
process1.implementsAuthenticationScheme = False
process1.validatesInput = False
process1.authorizesSource = False
lambda1.usesEnvironmentVariables = True
lambda1.implementsAuthenticationScheme = False
lambda1.validatesInput = False
lambda1.authorizesSource = False
threat = threats["AC03"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
def test_AC03(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.usesEnvironmentVariables = True
process1.implementsAuthenticationScheme = False
process1.validatesInput = False
process1.authorizesSource = False
lambda1.usesEnvironmentVariables = True
lambda1.implementsAuthenticationScheme = False
lambda1.validatesInput = False
lambda1.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC03"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
def test_INP41(self):
process1 = Process("Process")
process1.validatesInput = False
process1.sanitizesInput = False
threat = threats["INP41"]
self.assertTrue(threat.apply(process1))
