def test_INP40(self): process1 = Process("Process") process1.allowsClientSideScripting = True process1.sanitizesInput = False process1.validatesInput = False threat = threats["INP40"] self.assertTrue(threat.apply(process1))
def test_INP31(self): process1 = Process("Process") process1.validatesInput = False process1.sanitizesInput = False process1.usesParameterizedInput = False threat = threats["INP31"] self.assertTrue(threat.apply(process1))
def test_INP32(self): process1 = Process("Process") process1.validatesInput = False process1.sanitizesInput = False process1.encodesOutput = False threat = threats["INP32"] self.assertTrue(threat.apply(process1))
def test_INP35(self): process1 = Process("Process") process1.validatesInput = False process1.sanitizesInput = False ThreatObj = Threat( next(item for item in threats_json if item["SID"] == "INP35")) self.assertTrue(ThreatObj.apply(process1))
def test_INP23(self): process1 = Process("Process") process1.hasAccessControl = False process1.sanitizesInput = False process1.validatesInput = False threat = threats["INP23"] self.assertTrue(threat.apply(process1))
def test_INP40(self): process1 = Process("Process") process1.allowsClientSideScripting = True process1.sanitizesInput = False process1.validatesInput = False ThreatObj = Threat( next(item for item in threats_json if item["SID"] == "INP40")) self.assertTrue(ThreatObj.apply(process1))
def test_DE02(self): web = Server("Web Server") process1 = Process("Process1") web.validatesInput = False web.sanitizesInput = False process1.validatesInput = False process1.sanitizesInput = False threat = threats["DE02"] self.assertTrue(threat.apply(web)) self.assertTrue(threat.apply(process1))
def test_INP26(self): process1 = Process("Process") lambda1 = Lambda("lambda") process1.validatesInput = False process1.sanitizesInput = False lambda1.validatesInput = False lambda1.sanitizesInput = False threat = threats["INP26"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(lambda1))
def test_DE02(self): web = Server("Web Server") process1 = Process("Process1") web.validatesInput = False web.sanitizesInput = False process1.validatesInput = False process1.sanitizesInput = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "DE02")) self.assertTrue(ThreatObj.apply(web)) self.assertTrue(ThreatObj.apply(process1))
def test_LB01(self): process1 = Process("Process1") process1.implementsAPI = True process1.validatesInput = False process1.sanitizesInput = False lambda1 = Lambda("Lambda1") lambda1.implementsAPI = True lambda1.validatesInput = False lambda1.sanitizesInput = False threat = threats["LB01"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(lambda1))
def test_INP01(self): lambda1 = Lambda("mylambda") process1 = Process("myprocess") lambda1.usesEnvironmentVariables = True lambda1.sanitizesInput = False lambda1.checksInputBounds = False process1.usesEnvironmentVariables = True process1.sanitizesInput = False process1.checksInputBounds = False threat = threats["INP01"] self.assertTrue(threat.apply(lambda1)) self.assertTrue(threat.apply(process1))
def test_INP29(self): web = Server("Web Server") process1 = Process("Process") web.validatesInput = False web.sanitizesInput = False web.encodesOutput = False process1.validatesInput = False process1.sanitizesInput = False process1.encodesOutput = False threat = threats["INP29"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(web))
def test_LB01(self): process1 = Process("Process1") process1.implementsAPI = True process1.validatesInput = False process1.sanitizesInput = False lambda1 = Lambda("Lambda1") lambda1.implementsAPI = True lambda1.validatesInput = False lambda1.sanitizesInput = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "LB01")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(lambda1))
def test_INP01(self): lambda1 = Lambda('mylambda') process1 = Process('myprocess') lambda1.usesEnvironmentVariables = True lambda1.sanitizesInput = False lambda1.checksInputBounds = False process1.usesEnvironmentVariables = True process1.sanitizesInput = False process1.checksInputBounds = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "INP01")) self.assertTrue(ThreatObj.apply(lambda1)) self.assertTrue(ThreatObj.apply(process1))
def test_INP08(self): process1 = Process("Process1") lambda1 = Lambda("Lambda1") web = Server("Web Server") process1.validatesInput = False process1.sanitizesInput = False lambda1.validatesInput = False lambda1.sanitizesInput = False web.validatesInput = False web.sanitizesInput = False threat = threats["INP08"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(lambda1)) self.assertTrue(threat.apply(web))
def test_INP08(self): process1 = Process("Process1") lambda1 = Lambda("Lambda1") web = Server("Web Server") process1.validatesInput = False process1.sanitizesInput = False lambda1.validatesInput = False lambda1.sanitizesInput = False web.validatesInput = False web.sanitizesInput = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "INP08")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(lambda1)) self.assertTrue(ThreatObj.apply(web))