mirror of
https://github.com/github/codeql.git
synced 2026-05-01 03:35:13 +02:00
Merge branch 'main' into experimental-cleanup
This commit is contained in:
Rasmus Wriedt Larsen
@@ -1,6 +1,5 @@
|
||||
| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
|
||||
| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
|
||||
| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
|
||||
| test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:1:19:1:19 | SSA variable x |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:1:19:1:19 | SSA variable x |
|
||||
@@ -14,18 +13,6 @@
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:3:2:3 | SSA variable y |
|
||||
@@ -34,18 +21,6 @@
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:2:7:2:7 | ControlFlowNode for x |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:1:19:1:19 | SSA variable x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:3:3:3 | SSA variable z |
|
||||
@@ -54,26 +29,10 @@
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:3:2:3 | SSA variable y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:2:3:2:3 | SSA variable y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:3:7:3:7 | ControlFlowNode for y |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:2:7:2:7 | ControlFlowNode for x | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:3:3:3 | SSA variable z | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:3:3:3 | SSA variable z | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:3:3:3 | SSA variable z | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
@@ -82,18 +41,12 @@
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:3:3:3:3 | SSA variable z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:3:7:3:7 | ControlFlowNode for y | test.py:4:10:4:10 | ControlFlowNode for z |
|
||||
| test.py:4:10:4:10 | ControlFlowNode for z | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() |
|
||||
| test.py:4:10:4:10 | ControlFlowNode for z | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() |
|
||||
| test.py:6:1:6:1 | GSSA Variable a | test.py:7:19:7:19 | ControlFlowNode for a |
|
||||
| test.py:6:1:6:1 | GSSA Variable a | test.py:7:19:7:19 | ControlFlowNode for a |
|
||||
| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
|
||||
| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
|
||||
| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:19:7:19 | ControlFlowNode for a |
|
||||
| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:19:7:19 | ControlFlowNode for a |
|
||||
| test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:1:7:1 | GSSA Variable b |
|
||||
| test.py:7:19:7:19 | ControlFlowNode for a | test.py:1:19:1:19 | ControlFlowNode for x |
|
||||
| test.py:7:19:7:19 | ControlFlowNode for a | test.py:1:19:1:19 | ControlFlowNode for x |
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
failures
|
||||
testFailures
|
||||
34
python/ql/test/experimental/dataflow/path-graph/PathNodes.ql
Normal file
34
python/ql/test/experimental/dataflow/path-graph/PathNodes.ql
Normal file
@@ -0,0 +1,34 @@
|
||||
/**
|
||||
* @kind path-problem
|
||||
*/
|
||||
|
||||
import python
|
||||
import semmle.python.dataflow.new.DataFlow
|
||||
import semmle.python.dataflow.new.TaintTracking
|
||||
import experimental.dataflow.testConfig
|
||||
import TestUtilities.InlineExpectationsTest
|
||||
|
||||
module TestTaintFlow = TaintTracking::Global<TestConfig>;
|
||||
|
||||
module PathNodeTest implements TestSig {
|
||||
string getARelevantTag() { result = "path-node" }
|
||||
|
||||
predicate hasActualResult(Location location, string element, string tag, string value) {
|
||||
exists(TestTaintFlow::PathNode pn |
|
||||
location = pn.getNode().getLocation() and
|
||||
tag = "path-node" and
|
||||
value = "" and
|
||||
element = pn.toString()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
import MakeTest<PathNodeTest>
|
||||
// running the query to inspect the results can be quite nice!
|
||||
// just uncomment these lines!
|
||||
// import TestTaintFlow::PathGraph
|
||||
// from TestTaintFlow::PathNode source, TestTaintFlow::PathNode sink
|
||||
// where TestTaintFlow::flowPath(source, sink)
|
||||
// select sink.getNode(), source, sink,
|
||||
// sink.getNode().getEnclosingCallable().toString() + ": --> " +
|
||||
// sink.getNode().getLocation().getStartLine().toString()
|
||||
96
python/ql/test/experimental/dataflow/path-graph/test.py
Normal file
96
python/ql/test/experimental/dataflow/path-graph/test.py
Normal file
@@ -0,0 +1,96 @@
|
||||
def assign():
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
y = x # $ path-node
|
||||
|
||||
SINK(y) # $ path-node
|
||||
|
||||
|
||||
def aug_assign():
|
||||
x = SOURCE # $ path-node
|
||||
z = ""
|
||||
|
||||
z += x # $ path-node
|
||||
|
||||
SINK(z) # $ path-node
|
||||
|
||||
|
||||
def dont_use_rhs(cond):
|
||||
# like noted in the original Ruby PR: https://github.com/github/codeql/pull/12566
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
if cond:
|
||||
y = x
|
||||
|
||||
SINK(x) # $ path-node
|
||||
|
||||
|
||||
def flow_through_function():
|
||||
def identify(x): # $ path-node
|
||||
return x # $ path-node
|
||||
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
y = identify(x) # $ path-node
|
||||
|
||||
SINK(y) # $ path-node
|
||||
|
||||
|
||||
def attribute():
|
||||
class X: pass
|
||||
x = X()
|
||||
x.attr = SOURCE # $ path-node
|
||||
|
||||
y = x # $ path-node
|
||||
|
||||
SINK(y.attr) # $ path-node
|
||||
|
||||
|
||||
def list_loop():
|
||||
x = SOURCE # $ path-node
|
||||
l = list()
|
||||
|
||||
l.append(x) # $ path-node
|
||||
|
||||
for y in l: # $ path-node
|
||||
|
||||
SINK(y) # $ path-node
|
||||
|
||||
|
||||
def list_index():
|
||||
x = SOURCE # $ path-node
|
||||
l = list()
|
||||
|
||||
l.append(x) # $ path-node
|
||||
|
||||
z = l[0] # $ path-node
|
||||
|
||||
SINK(z) # $ path-node
|
||||
|
||||
|
||||
def test_tuple():
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
y = ((x, 1), 2) # $ path-node
|
||||
|
||||
(z, _), _ = y # $ path-node
|
||||
|
||||
SINK(z) # $ path-node
|
||||
|
||||
|
||||
def test_with():
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
with x as y: # $ path-node
|
||||
|
||||
SINK(y) # $ path-node
|
||||
|
||||
|
||||
def test_match():
|
||||
x = SOURCE # $ path-node
|
||||
|
||||
match x:
|
||||
|
||||
case y: # $ path-node
|
||||
|
||||
SINK(y) # $ path-node
|
||||
@@ -1,41 +1,55 @@
|
||||
edges
|
||||
| summaries.py:32:11:32:26 | ControlFlowNode for identity() | summaries.py:33:6:33:12 | ControlFlowNode for tainted |
|
||||
| summaries.py:32:1:32:7 | GSSA Variable tainted | summaries.py:33:6:33:12 | ControlFlowNode for tainted |
|
||||
| summaries.py:32:11:32:26 | ControlFlowNode for identity() | summaries.py:32:1:32:7 | GSSA Variable tainted |
|
||||
| summaries.py:32:20:32:25 | ControlFlowNode for SOURCE | summaries.py:32:11:32:26 | ControlFlowNode for identity() |
|
||||
| summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() | summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda |
|
||||
| summaries.py:36:1:36:14 | GSSA Variable tainted_lambda | summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda |
|
||||
| summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() | summaries.py:36:1:36:14 | GSSA Variable tainted_lambda |
|
||||
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() | summaries.py:45:6:45:20 | ControlFlowNode for Subscript |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:44:1:44:12 | GSSA Variable tainted_list | summaries.py:45:6:45:20 | ControlFlowNode for Subscript |
|
||||
| summaries.py:44:1:44:12 | GSSA Variable tainted_list [List element] | summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() | summaries.py:44:1:44:12 | GSSA Variable tainted_list |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | summaries.py:44:1:44:12 | GSSA Variable tainted_list [List element] |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List | summaries.py:44:16:44:33 | ControlFlowNode for reversed() |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] |
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List |
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List [List element] |
|
||||
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | summaries.py:45:6:45:20 | ControlFlowNode for Subscript |
|
||||
| summaries.py:51:18:51:46 | ControlFlowNode for list_map() [List element] | summaries.py:52:6:52:19 | ControlFlowNode for tainted_mapped [List element] |
|
||||
| summaries.py:51:1:51:14 | GSSA Variable tainted_mapped [List element] | summaries.py:52:6:52:19 | ControlFlowNode for tainted_mapped [List element] |
|
||||
| summaries.py:51:18:51:46 | ControlFlowNode for list_map() [List element] | summaries.py:51:1:51:14 | GSSA Variable tainted_mapped [List element] |
|
||||
| summaries.py:51:38:51:45 | ControlFlowNode for List [List element] | summaries.py:51:18:51:46 | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:51:39:51:44 | ControlFlowNode for SOURCE | summaries.py:51:38:51:45 | ControlFlowNode for List [List element] |
|
||||
| summaries.py:52:6:52:19 | ControlFlowNode for tainted_mapped [List element] | summaries.py:52:6:52:22 | ControlFlowNode for Subscript |
|
||||
| summaries.py:57:27:57:63 | ControlFlowNode for list_map() [List element] | summaries.py:58:6:58:28 | ControlFlowNode for tainted_mapped_explicit [List element] |
|
||||
| summaries.py:57:1:57:23 | GSSA Variable tainted_mapped_explicit [List element] | summaries.py:58:6:58:28 | ControlFlowNode for tainted_mapped_explicit [List element] |
|
||||
| summaries.py:57:27:57:63 | ControlFlowNode for list_map() [List element] | summaries.py:57:1:57:23 | GSSA Variable tainted_mapped_explicit [List element] |
|
||||
| summaries.py:57:55:57:62 | ControlFlowNode for List [List element] | summaries.py:57:27:57:63 | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:57:56:57:61 | ControlFlowNode for SOURCE | summaries.py:57:55:57:62 | ControlFlowNode for List [List element] |
|
||||
| summaries.py:58:6:58:28 | ControlFlowNode for tainted_mapped_explicit [List element] | summaries.py:58:6:58:31 | ControlFlowNode for Subscript |
|
||||
| summaries.py:60:26:60:53 | ControlFlowNode for list_map() [List element] | summaries.py:61:6:61:27 | ControlFlowNode for tainted_mapped_summary [List element] |
|
||||
| summaries.py:60:1:60:22 | GSSA Variable tainted_mapped_summary [List element] | summaries.py:61:6:61:27 | ControlFlowNode for tainted_mapped_summary [List element] |
|
||||
| summaries.py:60:26:60:53 | ControlFlowNode for list_map() [List element] | summaries.py:60:1:60:22 | GSSA Variable tainted_mapped_summary [List element] |
|
||||
| summaries.py:60:45:60:52 | ControlFlowNode for List [List element] | summaries.py:60:26:60:53 | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:60:46:60:51 | ControlFlowNode for SOURCE | summaries.py:60:45:60:52 | ControlFlowNode for List [List element] |
|
||||
| summaries.py:61:6:61:27 | ControlFlowNode for tainted_mapped_summary [List element] | summaries.py:61:6:61:30 | ControlFlowNode for Subscript |
|
||||
| summaries.py:63:16:63:41 | ControlFlowNode for append_to_list() [List element] | summaries.py:64:6:64:17 | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:63:1:63:12 | GSSA Variable tainted_list [List element] | summaries.py:64:6:64:17 | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:63:16:63:41 | ControlFlowNode for append_to_list() [List element] | summaries.py:63:1:63:12 | GSSA Variable tainted_list [List element] |
|
||||
| summaries.py:63:35:63:40 | ControlFlowNode for SOURCE | summaries.py:63:16:63:41 | ControlFlowNode for append_to_list() [List element] |
|
||||
| summaries.py:64:6:64:17 | ControlFlowNode for tainted_list [List element] | summaries.py:64:6:64:20 | ControlFlowNode for Subscript |
|
||||
| summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] | summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] |
|
||||
| summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist | summaries.py:68:6:68:26 | ControlFlowNode for Subscript |
|
||||
| summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist [List element] | summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] |
|
||||
| summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] | summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist [List element] |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | summaries.py:68:6:68:26 | ControlFlowNode for Subscript |
|
||||
| summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] | summaries.py:68:6:68:26 | ControlFlowNode for Subscript |
|
||||
nodes
|
||||
| summaries.py:32:1:32:7 | GSSA Variable tainted | semmle.label | GSSA Variable tainted |
|
||||
| summaries.py:32:11:32:26 | ControlFlowNode for identity() | semmle.label | ControlFlowNode for identity() |
|
||||
| summaries.py:32:20:32:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:33:6:33:12 | ControlFlowNode for tainted | semmle.label | ControlFlowNode for tainted |
|
||||
| summaries.py:36:1:36:14 | GSSA Variable tainted_lambda | semmle.label | GSSA Variable tainted_lambda |
|
||||
| summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() | semmle.label | ControlFlowNode for apply_lambda() |
|
||||
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda | semmle.label | ControlFlowNode for tainted_lambda |
|
||||
| summaries.py:44:1:44:12 | GSSA Variable tainted_list | semmle.label | GSSA Variable tainted_list |
|
||||
| summaries.py:44:1:44:12 | GSSA Variable tainted_list [List element] | semmle.label | GSSA Variable tainted_list [List element] |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() | semmle.label | ControlFlowNode for reversed() |
|
||||
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | semmle.label | ControlFlowNode for reversed() [List element] |
|
||||
| summaries.py:44:25:44:32 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
|
||||
@@ -43,25 +57,31 @@ nodes
|
||||
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | semmle.label | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:45:6:45:20 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| summaries.py:51:1:51:14 | GSSA Variable tainted_mapped [List element] | semmle.label | GSSA Variable tainted_mapped [List element] |
|
||||
| summaries.py:51:18:51:46 | ControlFlowNode for list_map() [List element] | semmle.label | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:51:38:51:45 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| summaries.py:51:39:51:44 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:52:6:52:19 | ControlFlowNode for tainted_mapped [List element] | semmle.label | ControlFlowNode for tainted_mapped [List element] |
|
||||
| summaries.py:52:6:52:22 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| summaries.py:57:1:57:23 | GSSA Variable tainted_mapped_explicit [List element] | semmle.label | GSSA Variable tainted_mapped_explicit [List element] |
|
||||
| summaries.py:57:27:57:63 | ControlFlowNode for list_map() [List element] | semmle.label | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:57:55:57:62 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| summaries.py:57:56:57:61 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:58:6:58:28 | ControlFlowNode for tainted_mapped_explicit [List element] | semmle.label | ControlFlowNode for tainted_mapped_explicit [List element] |
|
||||
| summaries.py:58:6:58:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| summaries.py:60:1:60:22 | GSSA Variable tainted_mapped_summary [List element] | semmle.label | GSSA Variable tainted_mapped_summary [List element] |
|
||||
| summaries.py:60:26:60:53 | ControlFlowNode for list_map() [List element] | semmle.label | ControlFlowNode for list_map() [List element] |
|
||||
| summaries.py:60:45:60:52 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
|
||||
| summaries.py:60:46:60:51 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:61:6:61:27 | ControlFlowNode for tainted_mapped_summary [List element] | semmle.label | ControlFlowNode for tainted_mapped_summary [List element] |
|
||||
| summaries.py:61:6:61:30 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| summaries.py:63:1:63:12 | GSSA Variable tainted_list [List element] | semmle.label | GSSA Variable tainted_list [List element] |
|
||||
| summaries.py:63:16:63:41 | ControlFlowNode for append_to_list() [List element] | semmle.label | ControlFlowNode for append_to_list() [List element] |
|
||||
| summaries.py:63:35:63:40 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:64:6:64:17 | ControlFlowNode for tainted_list [List element] | semmle.label | ControlFlowNode for tainted_list [List element] |
|
||||
| summaries.py:64:6:64:20 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist | semmle.label | GSSA Variable tainted_resultlist |
|
||||
| summaries.py:67:1:67:18 | GSSA Variable tainted_resultlist [List element] | semmle.label | GSSA Variable tainted_resultlist [List element] |
|
||||
| summaries.py:67:22:67:39 | ControlFlowNode for json_loads() [List element] | semmle.label | ControlFlowNode for json_loads() [List element] |
|
||||
| summaries.py:67:33:67:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
|
||||
| summaries.py:68:6:68:23 | ControlFlowNode for tainted_resultlist [List element] | semmle.label | ControlFlowNode for tainted_resultlist [List element] |
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
edges
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:17:5:17:10 | GSSA Variable member |
|
||||
| TarSlipImprov.py:15:1:15:3 | GSSA Variable tar | TarSlipImprov.py:17:5:17:10 | GSSA Variable member |
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:15:1:15:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:17:5:17:10 | GSSA Variable member | TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:20:19:20:24 | ControlFlowNode for member | TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result |
|
||||
@@ -7,50 +8,77 @@ edges
|
||||
| TarSlipImprov.py:28:9:28:14 | SSA variable member | TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:38:1:38:3 | GSSA Variable tar | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:38:1:38:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:44:9:44:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:43:43:43:45 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:43:43:43:45 | GSSA Variable tar | TarSlipImprov.py:44:9:44:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:44:9:44:13 | GSSA Variable entry | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:56:9:56:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:54:43:54:45 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:54:43:54:45 | GSSA Variable tar | TarSlipImprov.py:56:9:56:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:56:9:56:13 | GSSA Variable entry | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:124:9:124:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:88:48:88:50 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:88:48:88:50 | GSSA Variable tar | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:1:111:3 | GSSA Variable tar | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:111:1:111:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:123:34:123:36 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:123:34:123:36 | GSSA Variable tar | TarSlipImprov.py:124:9:124:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:124:9:124:13 | GSSA Variable entry | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:142:9:142:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:129:31:129:33 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:129:31:129:33 | GSSA Variable tar | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:1:133:3 | GSSA Variable tar | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:133:1:133:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:141:34:141:36 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:141:34:141:36 | GSSA Variable tar | TarSlipImprov.py:142:9:142:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:142:9:142:13 | GSSA Variable entry | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:177:9:177:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:159:9:159:14 | SSA variable tar_cm | TarSlipImprov.py:162:20:162:23 | SSA variable tarc |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:159:9:159:14 | SSA variable tar_cm |
|
||||
| TarSlipImprov.py:162:20:162:23 | SSA variable tarc | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:176:36:176:38 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:176:36:176:38 | GSSA Variable tar | TarSlipImprov.py:177:9:177:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:177:9:177:13 | GSSA Variable entry | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:183:9:183:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:182:36:182:38 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:182:36:182:38 | GSSA Variable tar | TarSlipImprov.py:183:9:183:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:183:9:183:13 | GSSA Variable entry | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:233:9:233:9 | GSSA Variable f |
|
||||
| TarSlipImprov.py:188:1:188:3 | GSSA Variable tar | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:188:1:188:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:193:36:193:38 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:193:36:193:38 | GSSA Variable tar | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:210:48:210:50 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:210:48:210:50 | GSSA Variable tar | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:231:43:231:52 | GSSA Variable corpus_tar |
|
||||
| TarSlipImprov.py:231:43:231:52 | GSSA Variable corpus_tar | TarSlipImprov.py:233:9:233:9 | GSSA Variable f |
|
||||
| TarSlipImprov.py:233:9:233:9 | GSSA Variable f | TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:259:9:259:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:258:31:258:33 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:258:31:258:33 | GSSA Variable tar | TarSlipImprov.py:259:9:259:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:259:9:259:13 | GSSA Variable entry | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:265:9:265:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:264:43:264:45 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:264:43:264:45 | GSSA Variable tar | TarSlipImprov.py:265:9:265:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:265:9:265:13 | GSSA Variable entry | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:272:9:272:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:271:44:271:46 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:271:44:271:46 | GSSA Variable tar | TarSlipImprov.py:272:9:272:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:272:9:272:13 | GSSA Variable entry | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:277:9:277:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:276:43:276:45 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:276:43:276:45 | GSSA Variable tar | TarSlipImprov.py:277:9:277:13 | GSSA Variable entry |
|
||||
| TarSlipImprov.py:277:9:277:13 | GSSA Variable entry | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:306:5:306:10 | GSSA Variable member |
|
||||
| TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:283:56:283:58 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:283:56:283:58 | GSSA Variable tar | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:1:287:3 | GSSA Variable tar | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:287:1:287:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:292:1:292:3 | GSSA Variable tar | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:292:1:292:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:300:56:300:58 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:300:56:300:58 | GSSA Variable tar | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:304:1:304:3 | GSSA Variable tar | TarSlipImprov.py:306:5:306:10 | GSSA Variable member |
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:304:1:304:3 | GSSA Variable tar |
|
||||
| TarSlipImprov.py:306:5:306:10 | GSSA Variable member | TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:309:19:309:24 | ControlFlowNode for member | TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result |
|
||||
nodes
|
||||
| TarSlipImprov.py:15:1:15:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:17:5:17:10 | GSSA Variable member | semmle.label | GSSA Variable member |
|
||||
| TarSlipImprov.py:20:5:20:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
@@ -61,69 +89,95 @@ nodes
|
||||
| TarSlipImprov.py:35:9:35:14 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| TarSlipImprov.py:35:23:35:28 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| TarSlipImprov.py:38:1:38:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | semmle.label | ControlFlowNode for members_filter1() |
|
||||
| TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:43:43:43:45 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:44:9:44:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:54:43:54:45 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:56:9:56:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:88:48:88:50 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:111:1:111:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:123:34:123:36 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:124:9:124:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:129:31:129:33 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:133:1:133:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:141:34:141:36 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:142:9:142:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:159:9:159:14 | SSA variable tar_cm | semmle.label | SSA variable tar_cm |
|
||||
| TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:162:20:162:23 | SSA variable tarc | semmle.label | SSA variable tarc |
|
||||
| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | semmle.label | ControlFlowNode for tarc |
|
||||
| TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:176:36:176:38 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:177:9:177:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:182:36:182:38 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:183:9:183:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:188:1:188:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:193:36:193:38 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:210:48:210:50 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:231:43:231:52 | GSSA Variable corpus_tar | semmle.label | GSSA Variable corpus_tar |
|
||||
| TarSlipImprov.py:233:9:233:9 | GSSA Variable f | semmle.label | GSSA Variable f |
|
||||
| TarSlipImprov.py:235:13:235:19 | [post] ControlFlowNode for members | semmle.label | [post] ControlFlowNode for members |
|
||||
| TarSlipImprov.py:235:28:235:28 | ControlFlowNode for f | semmle.label | ControlFlowNode for f |
|
||||
| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | semmle.label | ControlFlowNode for members |
|
||||
| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:258:31:258:33 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:259:9:259:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:264:43:264:45 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:265:9:265:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:271:44:271:46 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:272:9:272:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:276:43:276:45 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:277:9:277:13 | GSSA Variable entry | semmle.label | GSSA Variable entry |
|
||||
| TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:283:56:283:58 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:287:1:287:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:292:1:292:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:300:56:300:58 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| TarSlipImprov.py:304:1:304:3 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TarSlipImprov.py:306:5:306:10 | GSSA Variable member | semmle.label | GSSA Variable member |
|
||||
| TarSlipImprov.py:309:5:309:10 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
|
||||
@@ -1,27 +1,37 @@
|
||||
edges
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:10:13:10:17 | SSA variable entry |
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:36:8:39 | SSA variable zipf |
|
||||
| zipslip_bad.py:8:36:8:39 | SSA variable zipf | zipslip_bad.py:10:13:10:17 | SSA variable entry |
|
||||
| zipslip_bad.py:10:13:10:17 | SSA variable entry | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:16:13:16:17 | SSA variable entry |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:14:33:14:36 | SSA variable zipf |
|
||||
| zipslip_bad.py:14:33:14:36 | SSA variable zipf | zipslip_bad.py:16:13:16:17 | SSA variable entry |
|
||||
| zipslip_bad.py:16:13:16:17 | SSA variable entry | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:22:13:22:17 | SSA variable entry |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:20:32:20:35 | SSA variable zipf |
|
||||
| zipslip_bad.py:20:32:20:35 | SSA variable zipf | zipslip_bad.py:22:13:22:17 | SSA variable entry |
|
||||
| zipslip_bad.py:22:13:22:17 | SSA variable entry | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:29:13:29:13 | SSA variable x |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:27:27:27:34 | SSA variable filelist |
|
||||
| zipslip_bad.py:27:27:27:34 | SSA variable filelist | zipslip_bad.py:29:13:29:13 | SSA variable x |
|
||||
| zipslip_bad.py:29:13:29:13 | SSA variable x | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:35:9:35:9 | SSA variable x |
|
||||
| zipslip_bad.py:34:5:34:12 | SSA variable filelist | zipslip_bad.py:35:9:35:9 | SSA variable x |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:34:5:34:12 | SSA variable filelist |
|
||||
| zipslip_bad.py:35:9:35:9 | SSA variable x | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x |
|
||||
nodes
|
||||
| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:8:36:8:39 | SSA variable zipf | semmle.label | SSA variable zipf |
|
||||
| zipslip_bad.py:10:13:10:17 | SSA variable entry | semmle.label | SSA variable entry |
|
||||
| zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:14:33:14:36 | SSA variable zipf | semmle.label | SSA variable zipf |
|
||||
| zipslip_bad.py:16:13:16:17 | SSA variable entry | semmle.label | SSA variable entry |
|
||||
| zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:20:32:20:35 | SSA variable zipf | semmle.label | SSA variable zipf |
|
||||
| zipslip_bad.py:22:13:22:17 | SSA variable entry | semmle.label | SSA variable entry |
|
||||
| zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
|
||||
| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:27:27:27:34 | SSA variable filelist | semmle.label | SSA variable filelist |
|
||||
| zipslip_bad.py:29:13:29:13 | SSA variable x | semmle.label | SSA variable x |
|
||||
| zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
| zipslip_bad.py:34:5:34:12 | SSA variable filelist | semmle.label | SSA variable filelist |
|
||||
| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| zipslip_bad.py:35:9:35:9 | SSA variable x | semmle.label | SSA variable x |
|
||||
| zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
|
||||
|
||||
@@ -1,76 +1,90 @@
|
||||
edges
|
||||
| UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | UnsafeUnpack.py:5:26:5:32 | GSSA Variable request |
|
||||
| UnsafeUnpack.py:5:26:5:32 | GSSA Variable request | UnsafeUnpack.py:11:18:11:24 | ControlFlowNode for request |
|
||||
| UnsafeUnpack.py:11:7:11:14 | SSA variable filename | UnsafeUnpack.py:13:13:13:20 | SSA variable response |
|
||||
| UnsafeUnpack.py:11:18:11:24 | ControlFlowNode for request | UnsafeUnpack.py:11:7:11:14 | SSA variable filename |
|
||||
| UnsafeUnpack.py:11:18:11:24 | ControlFlowNode for request | UnsafeUnpack.py:11:18:11:29 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:11:18:11:29 | ControlFlowNode for Attribute | UnsafeUnpack.py:11:18:11:49 | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:11:18:11:29 | ControlFlowNode for Attribute | UnsafeUnpack.py:17:27:17:38 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:11:18:11:49 | ControlFlowNode for Attribute() | UnsafeUnpack.py:17:27:17:38 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:17:27:17:38 | ControlFlowNode for Attribute | UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:11:18:11:49 | ControlFlowNode for Attribute() | UnsafeUnpack.py:11:7:11:14 | SSA variable filename |
|
||||
| UnsafeUnpack.py:13:13:13:20 | SSA variable response | UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:33:50:33:65 | ControlFlowNode for local_ziped_path | UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path |
|
||||
| UnsafeUnpack.py:47:20:47:34 | ControlFlowNode for compressed_file | UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:51:19:51:36 | ControlFlowNode for Attribute() | UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:65:19:65:31 | ControlFlowNode for Attribute | UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:85:15:85:26 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:174:15:174:26 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:85:15:85:26 | ControlFlowNode for Attribute | UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:51:1:51:15 | GSSA Variable compressed_file | UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:51:19:51:36 | ControlFlowNode for Attribute() | UnsafeUnpack.py:51:1:51:15 | GSSA Variable compressed_file |
|
||||
| UnsafeUnpack.py:65:1:65:15 | GSSA Variable compressed_file | UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:65:19:65:31 | ControlFlowNode for Attribute | UnsafeUnpack.py:65:1:65:15 | GSSA Variable compressed_file |
|
||||
| UnsafeUnpack.py:79:1:79:12 | GSSA Variable url_filename | UnsafeUnpack.py:81:1:81:8 | GSSA Variable response |
|
||||
| UnsafeUnpack.py:79:1:79:12 | GSSA Variable url_filename | UnsafeUnpack.py:171:1:171:8 | GSSA Variable response |
|
||||
| UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | UnsafeUnpack.py:79:1:79:12 | GSSA Variable url_filename |
|
||||
| UnsafeUnpack.py:81:1:81:8 | GSSA Variable response | UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:103:23:103:27 | SSA variable chunk | UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath |
|
||||
| UnsafeUnpack.py:103:32:103:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:103:32:103:54 | ControlFlowNode for Subscript |
|
||||
| UnsafeUnpack.py:103:32:103:54 | ControlFlowNode for Subscript | UnsafeUnpack.py:103:23:103:27 | SSA variable chunk |
|
||||
| UnsafeUnpack.py:103:32:103:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:103:23:103:27 | SSA variable chunk |
|
||||
| UnsafeUnpack.py:108:13:108:18 | SSA variable myfile | UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path |
|
||||
| UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | UnsafeUnpack.py:108:13:108:18 | SSA variable myfile |
|
||||
| UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | UnsafeUnpack.py:108:22:108:48 | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path |
|
||||
| UnsafeUnpack.py:108:22:108:48 | ControlFlowNode for Attribute() | UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path |
|
||||
| UnsafeUnpack.py:116:17:116:21 | SSA variable ufile | UnsafeUnpack.py:118:38:118:47 | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:108:22:108:48 | ControlFlowNode for Attribute() | UnsafeUnpack.py:108:13:108:18 | SSA variable myfile |
|
||||
| UnsafeUnpack.py:116:17:116:21 | SSA variable ufile | UnsafeUnpack.py:118:19:118:26 | SSA variable filename |
|
||||
| UnsafeUnpack.py:116:27:116:39 | ControlFlowNode for Attribute | UnsafeUnpack.py:116:17:116:21 | SSA variable ufile |
|
||||
| UnsafeUnpack.py:118:38:118:47 | ControlFlowNode for Attribute | UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path |
|
||||
| UnsafeUnpack.py:140:23:140:35 | ControlFlowNode for Attribute | UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar |
|
||||
| UnsafeUnpack.py:158:23:158:27 | SSA variable chunk | UnsafeUnpack.py:163:23:163:28 | SSA variable member |
|
||||
| UnsafeUnpack.py:158:32:158:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:158:32:158:54 | ControlFlowNode for Subscript |
|
||||
| UnsafeUnpack.py:158:32:158:54 | ControlFlowNode for Subscript | UnsafeUnpack.py:158:23:158:27 | SSA variable chunk |
|
||||
| UnsafeUnpack.py:118:19:118:26 | SSA variable filename | UnsafeUnpack.py:119:19:119:36 | SSA variable uploaded_file_path |
|
||||
| UnsafeUnpack.py:119:19:119:36 | SSA variable uploaded_file_path | UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path |
|
||||
| UnsafeUnpack.py:140:1:140:19 | GSSA Variable unsafe_filename_tar | UnsafeUnpack.py:141:56:141:58 | GSSA Variable tar |
|
||||
| UnsafeUnpack.py:140:23:140:35 | ControlFlowNode for Attribute | UnsafeUnpack.py:140:1:140:19 | GSSA Variable unsafe_filename_tar |
|
||||
| UnsafeUnpack.py:141:56:141:58 | GSSA Variable tar | UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar |
|
||||
| UnsafeUnpack.py:158:23:158:27 | SSA variable chunk | UnsafeUnpack.py:161:19:161:21 | SSA variable tar |
|
||||
| UnsafeUnpack.py:158:32:158:44 | ControlFlowNode for Attribute | UnsafeUnpack.py:158:23:158:27 | SSA variable chunk |
|
||||
| UnsafeUnpack.py:161:19:161:21 | SSA variable tar | UnsafeUnpack.py:163:23:163:28 | SSA variable member |
|
||||
| UnsafeUnpack.py:163:23:163:28 | SSA variable member | UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:174:15:174:26 | ControlFlowNode for Attribute | UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:171:1:171:8 | GSSA Variable response | UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:194:53:194:55 | ControlFlowNode for tmp | UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute |
|
||||
nodes
|
||||
| UnsafeUnpack.py:5:26:5:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| UnsafeUnpack.py:5:26:5:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| UnsafeUnpack.py:11:7:11:14 | SSA variable filename | semmle.label | SSA variable filename |
|
||||
| UnsafeUnpack.py:11:18:11:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| UnsafeUnpack.py:11:18:11:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:11:18:11:49 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:17:27:17:38 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:13:13:13:20 | SSA variable response | semmle.label | SSA variable response |
|
||||
| UnsafeUnpack.py:19:35:19:41 | ControlFlowNode for tarpath | semmle.label | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:33:50:33:65 | ControlFlowNode for local_ziped_path | semmle.label | ControlFlowNode for local_ziped_path |
|
||||
| UnsafeUnpack.py:34:23:34:38 | ControlFlowNode for local_ziped_path | semmle.label | ControlFlowNode for local_ziped_path |
|
||||
| UnsafeUnpack.py:47:20:47:34 | ControlFlowNode for compressed_file | semmle.label | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:48:23:48:37 | ControlFlowNode for compressed_file | semmle.label | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:51:1:51:15 | GSSA Variable compressed_file | semmle.label | GSSA Variable compressed_file |
|
||||
| UnsafeUnpack.py:51:19:51:36 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:52:23:52:37 | ControlFlowNode for compressed_file | semmle.label | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:65:1:65:15 | GSSA Variable compressed_file | semmle.label | GSSA Variable compressed_file |
|
||||
| UnsafeUnpack.py:65:19:65:31 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:66:23:66:37 | ControlFlowNode for compressed_file | semmle.label | ControlFlowNode for compressed_file |
|
||||
| UnsafeUnpack.py:79:1:79:12 | GSSA Variable url_filename | semmle.label | GSSA Variable url_filename |
|
||||
| UnsafeUnpack.py:79:16:79:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:85:15:85:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:81:1:81:8 | GSSA Variable response | semmle.label | GSSA Variable response |
|
||||
| UnsafeUnpack.py:87:23:87:29 | ControlFlowNode for tarpath | semmle.label | ControlFlowNode for tarpath |
|
||||
| UnsafeUnpack.py:103:23:103:27 | SSA variable chunk | semmle.label | SSA variable chunk |
|
||||
| UnsafeUnpack.py:103:32:103:44 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:103:32:103:54 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| UnsafeUnpack.py:105:35:105:42 | ControlFlowNode for savepath | semmle.label | ControlFlowNode for savepath |
|
||||
| UnsafeUnpack.py:108:13:108:18 | SSA variable myfile | semmle.label | SSA variable myfile |
|
||||
| UnsafeUnpack.py:108:22:108:34 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:108:22:108:48 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:112:35:112:43 | ControlFlowNode for file_path | semmle.label | ControlFlowNode for file_path |
|
||||
| UnsafeUnpack.py:116:17:116:21 | SSA variable ufile | semmle.label | SSA variable ufile |
|
||||
| UnsafeUnpack.py:116:27:116:39 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:118:38:118:47 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:118:19:118:26 | SSA variable filename | semmle.label | SSA variable filename |
|
||||
| UnsafeUnpack.py:119:19:119:36 | SSA variable uploaded_file_path | semmle.label | SSA variable uploaded_file_path |
|
||||
| UnsafeUnpack.py:120:41:120:58 | ControlFlowNode for uploaded_file_path | semmle.label | ControlFlowNode for uploaded_file_path |
|
||||
| UnsafeUnpack.py:140:1:140:19 | GSSA Variable unsafe_filename_tar | semmle.label | GSSA Variable unsafe_filename_tar |
|
||||
| UnsafeUnpack.py:140:23:140:35 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:141:56:141:58 | GSSA Variable tar | semmle.label | GSSA Variable tar |
|
||||
| UnsafeUnpack.py:142:49:142:51 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
|
||||
| UnsafeUnpack.py:158:23:158:27 | SSA variable chunk | semmle.label | SSA variable chunk |
|
||||
| UnsafeUnpack.py:158:32:158:44 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:158:32:158:54 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| UnsafeUnpack.py:161:19:161:21 | SSA variable tar | semmle.label | SSA variable tar |
|
||||
| UnsafeUnpack.py:163:23:163:28 | SSA variable member | semmle.label | SSA variable member |
|
||||
| UnsafeUnpack.py:166:23:166:28 | [post] ControlFlowNode for result | semmle.label | [post] ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:166:37:166:42 | ControlFlowNode for member | semmle.label | ControlFlowNode for member |
|
||||
| UnsafeUnpack.py:167:67:167:72 | ControlFlowNode for result | semmle.label | ControlFlowNode for result |
|
||||
| UnsafeUnpack.py:174:15:174:26 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| UnsafeUnpack.py:171:1:171:8 | GSSA Variable response | semmle.label | GSSA Variable response |
|
||||
| UnsafeUnpack.py:176:1:176:34 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| UnsafeUnpack.py:194:53:194:55 | ControlFlowNode for tmp | semmle.label | ControlFlowNode for tmp |
|
||||
| UnsafeUnpack.py:201:29:201:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
|
||||
@@ -3,50 +3,37 @@ edges
|
||||
| flask_mail.py:1:19:1:25 | GSSA Variable request | flask_mail.py:13:22:13:28 | ControlFlowNode for request |
|
||||
| flask_mail.py:1:19:1:25 | GSSA Variable request | flask_mail.py:18:14:18:20 | ControlFlowNode for request |
|
||||
| flask_mail.py:1:19:1:25 | GSSA Variable request | flask_mail.py:31:24:31:30 | ControlFlowNode for request |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:13:22:13:33 | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:18:14:18:25 | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:13:22:13:33 | ControlFlowNode for Attribute | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:18:14:18:20 | ControlFlowNode for request | flask_mail.py:18:14:18:25 | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:18:14:18:25 | ControlFlowNode for Attribute | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:31:24:31:30 | ControlFlowNode for request | flask_mail.py:31:24:31:35 | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:31:24:31:35 | ControlFlowNode for Attribute | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:18:14:18:20 | ControlFlowNode for request | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:31:24:31:30 | ControlFlowNode for request | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:1:19:1:25 | GSSA Variable request |
|
||||
| sendgrid_mail.py:1:19:1:25 | GSSA Variable request | sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:1:19:1:25 | GSSA Variable request | sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:1:19:1:25 | GSSA Variable request | sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | sendgrid_mail.py:14:22:14:33 | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:14:22:14:33 | ControlFlowNode for Attribute | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | sendgrid_mail.py:26:34:26:45 | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:26:34:26:45 | ControlFlowNode for Attribute | sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() |
|
||||
| sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | sendgrid_mail.py:37:41:37:52 | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:37:41:37:52 | ControlFlowNode for Attribute | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() |
|
||||
| sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | GSSA Variable request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | GSSA Variable request | sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | GSSA Variable request | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | GSSA Variable request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:62 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:61 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:61 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:62 | ControlFlowNode for Attribute | sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:78 | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:78 | ControlFlowNode for Subscript | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:61 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:61 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:61 | ControlFlowNode for Attribute | sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:76 | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:76 | ControlFlowNode for Subscript | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:61 | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:61 | ControlFlowNode for Attribute | sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:78 | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:78 | ControlFlowNode for Subscript | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_subparts.py:2:26:2:32 | GSSA Variable request |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | GSSA Variable request | smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | smtplib_bad_subparts.py:17:12:17:23 | ControlFlowNode for Attribute |
|
||||
| smtplib_bad_subparts.py:17:12:17:23 | ControlFlowNode for Attribute | smtplib_bad_subparts.py:17:12:17:33 | ControlFlowNode for Subscript |
|
||||
| smtplib_bad_subparts.py:17:12:17:33 | ControlFlowNode for Subscript | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | SSA variable name | smtplib_bad_subparts.py:20:5:20:8 | SSA variable html |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | smtplib_bad_subparts.py:17:5:17:8 | SSA variable name |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | SSA variable html | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_via_attach.py:2:26:2:32 | GSSA Variable request |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | GSSA Variable request | smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | smtplib_bad_via_attach.py:20:12:20:23 | ControlFlowNode for Attribute |
|
||||
| smtplib_bad_via_attach.py:20:12:20:23 | ControlFlowNode for Attribute | smtplib_bad_via_attach.py:20:12:20:31 | ControlFlowNode for Subscript |
|
||||
| smtplib_bad_via_attach.py:20:12:20:31 | ControlFlowNode for Subscript | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | SSA variable name | smtplib_bad_via_attach.py:23:5:23:8 | SSA variable html |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | smtplib_bad_via_attach.py:20:5:20:8 | SSA variable name |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | SSA variable html | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html |
|
||||
nodes
|
||||
| django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
@@ -54,51 +41,38 @@ nodes
|
||||
| flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_mail.py:1:19:1:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| flask_mail.py:13:22:13:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:13:22:13:33 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:18:14:18:20 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:18:14:18:25 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mail.py:31:24:31:30 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mail.py:31:24:31:35 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| sendgrid_mail.py:1:19:1:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| sendgrid_mail.py:14:22:14:28 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:14:22:14:33 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | semmle.label | ControlFlowNode for HtmlContent() |
|
||||
| sendgrid_mail.py:26:34:26:40 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:26:34:26:45 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:26:34:26:61 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_mail.py:37:41:37:47 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_mail.py:37:41:37:52 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:57 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:62 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:16:51:16:78 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:56 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:61 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:27:50:27:76 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:56 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:61 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| sendgrid_via_mail_send_post_request_body_bad.py:41:50:41:78 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| smtplib_bad_subparts.py:2:26:2:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| smtplib_bad_subparts.py:17:5:17:8 | SSA variable name | semmle.label | SSA variable name |
|
||||
| smtplib_bad_subparts.py:17:12:17:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_subparts.py:17:12:17:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| smtplib_bad_subparts.py:17:12:17:33 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| smtplib_bad_subparts.py:20:5:20:8 | SSA variable html | semmle.label | SSA variable html |
|
||||
| smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| smtplib_bad_via_attach.py:2:26:2:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| smtplib_bad_via_attach.py:20:5:20:8 | SSA variable name | semmle.label | SSA variable name |
|
||||
| smtplib_bad_via_attach.py:20:12:20:18 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| smtplib_bad_via_attach.py:20:12:20:23 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| smtplib_bad_via_attach.py:20:12:20:31 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| smtplib_bad_via_attach.py:23:5:23:8 | SSA variable html | semmle.label | SSA variable html |
|
||||
| smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -1,45 +1,41 @@
|
||||
edges
|
||||
| django_bad.py:5:18:5:58 | ControlFlowNode for Attribute() | django_bad.py:7:40:7:49 | ControlFlowNode for rfs_header |
|
||||
| django_bad.py:12:18:12:58 | ControlFlowNode for Attribute() | django_bad.py:14:30:14:39 | ControlFlowNode for rfs_header |
|
||||
| django_bad.py:5:5:5:14 | SSA variable rfs_header | django_bad.py:7:40:7:49 | ControlFlowNode for rfs_header |
|
||||
| django_bad.py:5:18:5:58 | ControlFlowNode for Attribute() | django_bad.py:5:5:5:14 | SSA variable rfs_header |
|
||||
| django_bad.py:12:5:12:14 | SSA variable rfs_header | django_bad.py:14:30:14:39 | ControlFlowNode for rfs_header |
|
||||
| django_bad.py:12:18:12:58 | ControlFlowNode for Attribute() | django_bad.py:12:5:12:14 | SSA variable rfs_header |
|
||||
| flask_bad.py:1:29:1:35 | ControlFlowNode for ImportMember | flask_bad.py:1:29:1:35 | GSSA Variable request |
|
||||
| flask_bad.py:1:29:1:35 | GSSA Variable request | flask_bad.py:9:18:9:24 | ControlFlowNode for request |
|
||||
| flask_bad.py:1:29:1:35 | GSSA Variable request | flask_bad.py:19:18:19:24 | ControlFlowNode for request |
|
||||
| flask_bad.py:1:29:1:35 | GSSA Variable request | flask_bad.py:27:18:27:24 | ControlFlowNode for request |
|
||||
| flask_bad.py:1:29:1:35 | GSSA Variable request | flask_bad.py:35:18:35:24 | ControlFlowNode for request |
|
||||
| flask_bad.py:9:18:9:24 | ControlFlowNode for request | flask_bad.py:9:18:9:29 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:9:18:9:29 | ControlFlowNode for Attribute | flask_bad.py:9:18:9:43 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:9:18:9:43 | ControlFlowNode for Subscript | flask_bad.py:12:31:12:40 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:19:18:19:24 | ControlFlowNode for request | flask_bad.py:19:18:19:29 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:19:18:19:29 | ControlFlowNode for Attribute | flask_bad.py:19:18:19:43 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:19:18:19:43 | ControlFlowNode for Subscript | flask_bad.py:21:38:21:47 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:27:18:27:24 | ControlFlowNode for request | flask_bad.py:27:18:27:29 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:27:18:27:29 | ControlFlowNode for Attribute | flask_bad.py:27:18:27:43 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:27:18:27:43 | ControlFlowNode for Subscript | flask_bad.py:29:34:29:43 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:35:18:35:24 | ControlFlowNode for request | flask_bad.py:35:18:35:29 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:35:18:35:29 | ControlFlowNode for Attribute | flask_bad.py:35:18:35:43 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:35:18:35:43 | ControlFlowNode for Subscript | flask_bad.py:38:24:38:33 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:9:5:9:14 | SSA variable rfs_header | flask_bad.py:12:31:12:40 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:9:18:9:24 | ControlFlowNode for request | flask_bad.py:9:5:9:14 | SSA variable rfs_header |
|
||||
| flask_bad.py:19:5:19:14 | SSA variable rfs_header | flask_bad.py:21:38:21:47 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:19:18:19:24 | ControlFlowNode for request | flask_bad.py:19:5:19:14 | SSA variable rfs_header |
|
||||
| flask_bad.py:27:5:27:14 | SSA variable rfs_header | flask_bad.py:29:34:29:43 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:27:18:27:24 | ControlFlowNode for request | flask_bad.py:27:5:27:14 | SSA variable rfs_header |
|
||||
| flask_bad.py:35:5:35:14 | SSA variable rfs_header | flask_bad.py:38:24:38:33 | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:35:18:35:24 | ControlFlowNode for request | flask_bad.py:35:5:35:14 | SSA variable rfs_header |
|
||||
nodes
|
||||
| django_bad.py:5:5:5:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| django_bad.py:5:18:5:58 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_bad.py:7:40:7:49 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| django_bad.py:12:5:12:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| django_bad.py:12:18:12:58 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_bad.py:14:30:14:39 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:1:29:1:35 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_bad.py:1:29:1:35 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| flask_bad.py:9:5:9:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| flask_bad.py:9:18:9:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:9:18:9:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:9:18:9:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:12:31:12:40 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:19:5:19:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| flask_bad.py:19:18:19:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:19:18:19:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:19:18:19:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:21:38:21:47 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:27:5:27:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| flask_bad.py:27:18:27:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:27:18:27:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:27:18:27:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:29:34:29:43 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
| flask_bad.py:35:5:35:14 | SSA variable rfs_header | semmle.label | SSA variable rfs_header |
|
||||
| flask_bad.py:35:18:35:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:35:18:35:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:35:18:35:43 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:38:24:38:33 | ControlFlowNode for rfs_header | semmle.label | ControlFlowNode for rfs_header |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -2,21 +2,25 @@ edges
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | csv_bad.py:9:19:9:25 | GSSA Variable request |
|
||||
| csv_bad.py:9:19:9:25 | GSSA Variable request | csv_bad.py:16:16:16:22 | ControlFlowNode for request |
|
||||
| csv_bad.py:9:19:9:25 | GSSA Variable request | csv_bad.py:24:16:24:22 | ControlFlowNode for request |
|
||||
| csv_bad.py:16:5:16:12 | SSA variable csv_data | csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:16:5:16:12 | SSA variable csv_data | csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:16:16:16:22 | ControlFlowNode for request | csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute | csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | csv_bad.py:16:5:16:12 | SSA variable csv_data |
|
||||
| csv_bad.py:24:5:24:12 | SSA variable csv_data | csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:24:16:24:22 | ControlFlowNode for request | csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute | csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() |
|
||||
| csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | csv_bad.py:25:46:25:53 | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | csv_bad.py:24:5:24:12 | SSA variable csv_data |
|
||||
nodes
|
||||
| csv_bad.py:9:19:9:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| csv_bad.py:9:19:9:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| csv_bad.py:16:5:16:12 | SSA variable csv_data | semmle.label | SSA variable csv_data |
|
||||
| csv_bad.py:16:16:16:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| csv_bad.py:16:16:16:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:16:16:16:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| csv_bad.py:18:24:18:31 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:19:25:19:32 | ControlFlowNode for csv_data | semmle.label | ControlFlowNode for csv_data |
|
||||
| csv_bad.py:24:5:24:12 | SSA variable csv_data | semmle.label | SSA variable csv_data |
|
||||
| csv_bad.py:24:16:24:22 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| csv_bad.py:24:16:24:27 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| csv_bad.py:24:16:24:38 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
|
||||
@@ -2,22 +2,26 @@ edges
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for ImportMember | samples.py:2:26:2:32 | GSSA Variable request |
|
||||
| samples.py:2:26:2:32 | GSSA Variable request | samples.py:9:25:9:31 | ControlFlowNode for request |
|
||||
| samples.py:2:26:2:32 | GSSA Variable request | samples.py:16:25:16:31 | ControlFlowNode for request |
|
||||
| samples.py:9:18:9:47 | ControlFlowNode for escape() | samples.py:10:59:10:68 | ControlFlowNode for user_input |
|
||||
| samples.py:9:5:9:14 | SSA variable user_input | samples.py:10:59:10:68 | ControlFlowNode for user_input |
|
||||
| samples.py:9:18:9:47 | ControlFlowNode for escape() | samples.py:9:5:9:14 | SSA variable user_input |
|
||||
| samples.py:9:25:9:31 | ControlFlowNode for request | samples.py:9:25:9:36 | ControlFlowNode for Attribute |
|
||||
| samples.py:9:25:9:36 | ControlFlowNode for Attribute | samples.py:9:25:9:46 | ControlFlowNode for Attribute() |
|
||||
| samples.py:9:25:9:46 | ControlFlowNode for Attribute() | samples.py:9:18:9:47 | ControlFlowNode for escape() |
|
||||
| samples.py:16:18:16:47 | ControlFlowNode for escape() | samples.py:20:62:20:71 | ControlFlowNode for user_input |
|
||||
| samples.py:16:5:16:14 | SSA variable user_input | samples.py:20:62:20:71 | ControlFlowNode for user_input |
|
||||
| samples.py:16:18:16:47 | ControlFlowNode for escape() | samples.py:16:5:16:14 | SSA variable user_input |
|
||||
| samples.py:16:25:16:31 | ControlFlowNode for request | samples.py:16:25:16:36 | ControlFlowNode for Attribute |
|
||||
| samples.py:16:25:16:36 | ControlFlowNode for Attribute | samples.py:16:25:16:46 | ControlFlowNode for Attribute() |
|
||||
| samples.py:16:25:16:46 | ControlFlowNode for Attribute() | samples.py:16:18:16:47 | ControlFlowNode for escape() |
|
||||
nodes
|
||||
| samples.py:2:26:2:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| samples.py:2:26:2:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| samples.py:9:5:9:14 | SSA variable user_input | semmle.label | SSA variable user_input |
|
||||
| samples.py:9:18:9:47 | ControlFlowNode for escape() | semmle.label | ControlFlowNode for escape() |
|
||||
| samples.py:9:25:9:31 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| samples.py:9:25:9:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| samples.py:9:25:9:46 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| samples.py:10:59:10:68 | ControlFlowNode for user_input | semmle.label | ControlFlowNode for user_input |
|
||||
| samples.py:16:5:16:14 | SSA variable user_input | semmle.label | SSA variable user_input |
|
||||
| samples.py:16:18:16:47 | ControlFlowNode for escape() | semmle.label | ControlFlowNode for escape() |
|
||||
| samples.py:16:25:16:31 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| samples.py:16:25:16:36 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
|
||||
@@ -1,7 +1,9 @@
|
||||
edges
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | SSA variable signature | TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:26:5:26:13 | SSA variable signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | TimingAttackAgainstHash.py:37:19:37:48 | ControlFlowNode for sign() |
|
||||
nodes
|
||||
| TimingAttackAgainstHash.py:26:5:26:13 | SSA variable signature | semmle.label | SSA variable signature |
|
||||
| TimingAttackAgainstHash.py:26:17:26:41 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| TimingAttackAgainstHash.py:27:24:27:32 | ControlFlowNode for signature | semmle.label | ControlFlowNode for signature |
|
||||
| TimingAttackAgainstHash.py:30:12:30:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
|
||||
@@ -4,27 +4,23 @@ edges
|
||||
| TimingAttackAgainstSensitiveInfo.py:7:19:7:25 | GSSA Variable request | TimingAttackAgainstSensitiveInfo.py:15:20:15:26 | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:7:19:7:25 | GSSA Variable request | TimingAttackAgainstSensitiveInfo.py:20:8:20:14 | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:7:19:7:25 | GSSA Variable request | TimingAttackAgainstSensitiveInfo.py:21:20:21:26 | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:14:8:14:14 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:15:20:15:31 | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:26 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:15:20:15:31 | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:31 | ControlFlowNode for Attribute | TimingAttackAgainstSensitiveInfo.py:15:20:15:38 | ControlFlowNode for Subscript |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:38 | ControlFlowNode for Subscript | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:20:8:20:14 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:21:20:21:31 | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:26 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:21:20:21:31 | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:31 | ControlFlowNode for Attribute | TimingAttackAgainstSensitiveInfo.py:21:20:21:38 | ControlFlowNode for Subscript |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:38 | ControlFlowNode for Subscript | TimingAttackAgainstSensitiveInfo.py:22:38:22:45 | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:14:8:14:14 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | SSA variable password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | SSA variable password | TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:26 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | SSA variable password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:20:8:20:14 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:21:9:21:16 | SSA variable password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:9:21:16 | SSA variable password | TimingAttackAgainstSensitiveInfo.py:22:38:22:45 | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:26 | ControlFlowNode for request | TimingAttackAgainstSensitiveInfo.py:21:9:21:16 | SSA variable password |
|
||||
nodes
|
||||
| TimingAttackAgainstSensitiveInfo.py:7:19:7:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| TimingAttackAgainstSensitiveInfo.py:7:19:7:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:14:8:14:14 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:9:15:16 | SSA variable password | semmle.label | SSA variable password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:26 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:31 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:15:20:15:38 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:16:16:16:23 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:20:8:20:14 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:9:21:16 | SSA variable password | semmle.label | SSA variable password |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:26 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:31 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| TimingAttackAgainstSensitiveInfo.py:21:20:21:38 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| TimingAttackAgainstSensitiveInfo.py:22:38:22:45 | ControlFlowNode for password | semmle.label | ControlFlowNode for password |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
edges
|
||||
| app_unsafe.py:4:1:4:9 | GSSA Variable aConstant | app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:4:1:4:9 | GSSA Variable aConstant | app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:4:1:4:9 | GSSA Variable aConstant | app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:4:1:4:9 | GSSA Variable aConstant | app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | app_unsafe.py:4:1:4:9 | GSSA Variable aConstant |
|
||||
| config.py:7:1:7:9 | GSSA Variable aConstant | config.py:12:18:12:26 | ControlFlowNode for aConstant |
|
||||
| config.py:7:1:7:9 | GSSA Variable aConstant | config.py:12:18:12:26 | ControlFlowNode for aConstant |
|
||||
| config.py:7:1:7:9 | GSSA Variable aConstant | config.py:17:38:17:46 | ControlFlowNode for aConstant |
|
||||
| config.py:7:1:7:9 | GSSA Variable aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant |
|
||||
| config.py:7:13:7:23 | ControlFlowNode for Str | config.py:7:1:7:9 | GSSA Variable aConstant |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:17:38:17:46 | ControlFlowNode for aConstant |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | config.py:17:18:17:47 | ControlFlowNode for Attribute() |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | config.py:18:43:18:51 | ControlFlowNode for aConstant |
|
||||
| config.py:18:43:18:51 | ControlFlowNode for aConstant | config.py:18:18:18:52 | ControlFlowNode for Attribute() |
|
||||
nodes
|
||||
| app_safe.py:5:28:5:37 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
|
||||
| app_unsafe.py:4:1:4:9 | GSSA Variable aConstant | semmle.label | GSSA Variable aConstant |
|
||||
| app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
|
||||
| app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config2.py:5:14:5:24 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
|
||||
| config.py:7:1:7:9 | GSSA Variable aConstant | semmle.label | GSSA Variable aConstant |
|
||||
| config.py:7:13:7:23 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:17:18:17:47 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| config.py:17:38:17:46 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
| config.py:18:18:18:52 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| config.py:18:43:18:51 | ControlFlowNode for aConstant | semmle.label | ControlFlowNode for aConstant |
|
||||
subpaths
|
||||
#select
|
||||
| app_safe.py:5:28:5:37 | ControlFlowNode for Str | app_safe.py:5:28:5:37 | ControlFlowNode for Str | app_safe.py:5:28:5:37 | ControlFlowNode for Str | The SECRET_KEY config variable is assigned by $@. | app_safe.py:5:28:5:37 | ControlFlowNode for Str | this constant String |
|
||||
| app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | app_unsafe.py:5:28:5:36 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | this constant String |
|
||||
| app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | app_unsafe.py:6:18:6:26 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | this constant String |
|
||||
| app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | app_unsafe.py:7:30:7:38 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | this constant String |
|
||||
| app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | app_unsafe.py:8:36:8:44 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | app_unsafe.py:4:13:4:23 | ControlFlowNode for Str | this constant String |
|
||||
| config2.py:5:14:5:24 | ControlFlowNode for Str | config2.py:5:14:5:24 | ControlFlowNode for Str | config2.py:5:14:5:24 | ControlFlowNode for Str | The SECRET_KEY config variable is assigned by $@. | config2.py:5:14:5:24 | ControlFlowNode for Str | this constant String |
|
||||
| config.py:12:18:12:26 | ControlFlowNode for aConstant | config.py:7:13:7:23 | ControlFlowNode for Str | config.py:12:18:12:26 | ControlFlowNode for aConstant | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for Str | this constant String |
|
||||
| config.py:17:18:17:47 | ControlFlowNode for Attribute() | config.py:7:13:7:23 | ControlFlowNode for Str | config.py:17:18:17:47 | ControlFlowNode for Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for Str | this constant String |
|
||||
| config.py:18:18:18:52 | ControlFlowNode for Attribute() | config.py:7:13:7:23 | ControlFlowNode for Str | config.py:18:18:18:52 | ControlFlowNode for Attribute() | The SECRET_KEY config variable is assigned by $@. | config.py:7:13:7:23 | ControlFlowNode for Str | this constant String |
|
||||
@@ -0,0 +1 @@
|
||||
experimental/Security/CWE-287-ConstantSecretKey/WebAppConstantSecretKey.ql
|
||||
@@ -0,0 +1,22 @@
|
||||
from flask import Flask, session
|
||||
from flask_session import Session
|
||||
|
||||
app = Flask(__name__)
|
||||
app.config['SECRET_KEY'] = 'CHANGEME'
|
||||
|
||||
Session(app)
|
||||
|
||||
|
||||
@app.route('/')
|
||||
def index():
|
||||
if 'logged_in' not in session:
|
||||
session['logged_in'] = False
|
||||
|
||||
if session['logged_in']:
|
||||
return '<h1>You are logged in!</h1>'
|
||||
else:
|
||||
return '<h1>Access Denied</h1>', 403
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
app.run()
|
||||
@@ -0,0 +1,21 @@
|
||||
from flask import Flask, session
|
||||
from secrets import token_hex
|
||||
|
||||
app = Flask(__name__)
|
||||
|
||||
SECRET_KEY = token_hex(16)
|
||||
|
||||
|
||||
@app.route('/')
|
||||
def index():
|
||||
if 'logged_in' not in session:
|
||||
session['logged_in'] = False
|
||||
|
||||
if session['logged_in']:
|
||||
return '<h1>You are logged in!</h1>'
|
||||
else:
|
||||
return '<h1>Access Denied</h1>', 403
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
app.run()
|
||||
@@ -0,0 +1,24 @@
|
||||
from flask import Flask, session
|
||||
|
||||
app = Flask(__name__)
|
||||
aConstant = 'CHANGEME1'
|
||||
app.config['SECRET_KEY'] = aConstant
|
||||
app.secret_key = aConstant
|
||||
app.config.update(SECRET_KEY=aConstant)
|
||||
app.config.from_mapping(SECRET_KEY=aConstant)
|
||||
app.config.from_pyfile("config.py")
|
||||
app.config.from_object('config.Config')
|
||||
|
||||
|
||||
@app.route('/')
|
||||
def DEB_EX():
|
||||
if 'logged_in' not in session:
|
||||
session['logged_in'] = False
|
||||
if session['logged_in']:
|
||||
return app.secret_key
|
||||
else:
|
||||
return app.secret_key, 403
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
app.run()
|
||||
@@ -0,0 +1,19 @@
|
||||
"""Flask App configuration."""
|
||||
from os import environ
|
||||
import os
|
||||
import random
|
||||
|
||||
FLASK_DEBUG = True
|
||||
aConstant = 'CHANGEME2'
|
||||
|
||||
|
||||
class Config:
|
||||
SECRET_KEY = environ.get("envKey")
|
||||
SECRET_KEY = aConstant
|
||||
SECRET_KEY = os.getenv('envKey')
|
||||
SECRET_KEY = os.environ.get('envKey')
|
||||
SECRET_KEY = os.environ.get('envKey', random.randint)
|
||||
SECRET_KEY = os.getenv('envKey', random.randint)
|
||||
SECRET_KEY = os.getenv('envKey', aConstant)
|
||||
SECRET_KEY = os.environ.get('envKey', aConstant)
|
||||
SECRET_KEY = os.environ['envKey']
|
||||
@@ -0,0 +1,5 @@
|
||||
"""Flask App configuration."""
|
||||
|
||||
# General Config
|
||||
FLASK_DEBUG = True
|
||||
SECRET_KEY = "CHANGEME5"
|
||||
@@ -3,70 +3,86 @@ edges
|
||||
| test.py:3:1:3:3 | GSSA Variable BSC | test.py:35:19:35:21 | ControlFlowNode for BSC |
|
||||
| test.py:3:1:3:3 | GSSA Variable BSC | test.py:66:19:66:21 | ControlFlowNode for BSC |
|
||||
| test.py:3:7:3:51 | ControlFlowNode for Attribute() | test.py:3:1:3:3 | GSSA Variable BSC |
|
||||
| test.py:7:5:7:15 | SSA variable blob_client | test.py:8:5:8:15 | ControlFlowNode for blob_client |
|
||||
| test.py:7:19:7:21 | ControlFlowNode for BSC | test.py:7:19:7:42 | ControlFlowNode for Attribute() |
|
||||
| test.py:7:19:7:42 | ControlFlowNode for Attribute() | test.py:8:5:8:15 | ControlFlowNode for blob_client |
|
||||
| test.py:7:19:7:42 | ControlFlowNode for Attribute() | test.py:7:5:7:15 | SSA variable blob_client |
|
||||
| test.py:8:5:8:15 | ControlFlowNode for blob_client | test.py:9:5:9:15 | ControlFlowNode for blob_client |
|
||||
| test.py:9:5:9:15 | ControlFlowNode for blob_client | test.py:9:5:9:15 | [post] ControlFlowNode for blob_client |
|
||||
| test.py:9:5:9:15 | [post] ControlFlowNode for blob_client | test.py:11:9:11:19 | ControlFlowNode for blob_client |
|
||||
| test.py:15:27:15:71 | ControlFlowNode for Attribute() | test.py:16:5:16:23 | ControlFlowNode for blob_service_client |
|
||||
| test.py:15:5:15:23 | SSA variable blob_service_client | test.py:16:5:16:23 | ControlFlowNode for blob_service_client |
|
||||
| test.py:15:27:15:71 | ControlFlowNode for Attribute() | test.py:15:5:15:23 | SSA variable blob_service_client |
|
||||
| test.py:16:5:16:23 | ControlFlowNode for blob_service_client | test.py:17:5:17:23 | ControlFlowNode for blob_service_client |
|
||||
| test.py:17:5:17:23 | ControlFlowNode for blob_service_client | test.py:17:5:17:23 | [post] ControlFlowNode for blob_service_client |
|
||||
| test.py:17:5:17:23 | [post] ControlFlowNode for blob_service_client | test.py:19:19:19:37 | ControlFlowNode for blob_service_client |
|
||||
| test.py:19:5:19:15 | SSA variable blob_client | test.py:21:9:21:19 | ControlFlowNode for blob_client |
|
||||
| test.py:19:19:19:37 | ControlFlowNode for blob_service_client | test.py:19:19:19:58 | ControlFlowNode for Attribute() |
|
||||
| test.py:19:19:19:58 | ControlFlowNode for Attribute() | test.py:21:9:21:19 | ControlFlowNode for blob_client |
|
||||
| test.py:25:24:25:66 | ControlFlowNode for Attribute() | test.py:26:5:26:20 | ControlFlowNode for container_client |
|
||||
| test.py:19:19:19:58 | ControlFlowNode for Attribute() | test.py:19:5:19:15 | SSA variable blob_client |
|
||||
| test.py:25:5:25:20 | SSA variable container_client | test.py:26:5:26:20 | ControlFlowNode for container_client |
|
||||
| test.py:25:24:25:66 | ControlFlowNode for Attribute() | test.py:25:5:25:20 | SSA variable container_client |
|
||||
| test.py:26:5:26:20 | ControlFlowNode for container_client | test.py:27:5:27:20 | ControlFlowNode for container_client |
|
||||
| test.py:27:5:27:20 | ControlFlowNode for container_client | test.py:27:5:27:20 | [post] ControlFlowNode for container_client |
|
||||
| test.py:27:5:27:20 | [post] ControlFlowNode for container_client | test.py:29:19:29:34 | ControlFlowNode for container_client |
|
||||
| test.py:29:5:29:15 | SSA variable blob_client | test.py:31:9:31:19 | ControlFlowNode for blob_client |
|
||||
| test.py:29:19:29:34 | ControlFlowNode for container_client | test.py:29:19:29:55 | ControlFlowNode for Attribute() |
|
||||
| test.py:29:19:29:55 | ControlFlowNode for Attribute() | test.py:31:9:31:19 | ControlFlowNode for blob_client |
|
||||
| test.py:29:19:29:55 | ControlFlowNode for Attribute() | test.py:29:5:29:15 | SSA variable blob_client |
|
||||
| test.py:35:5:35:15 | SSA variable blob_client | test.py:36:5:36:15 | ControlFlowNode for blob_client |
|
||||
| test.py:35:19:35:21 | ControlFlowNode for BSC | test.py:35:19:35:42 | ControlFlowNode for Attribute() |
|
||||
| test.py:35:19:35:42 | ControlFlowNode for Attribute() | test.py:36:5:36:15 | ControlFlowNode for blob_client |
|
||||
| test.py:35:19:35:42 | ControlFlowNode for Attribute() | test.py:35:5:35:15 | SSA variable blob_client |
|
||||
| test.py:36:5:36:15 | ControlFlowNode for blob_client | test.py:37:5:37:15 | ControlFlowNode for blob_client |
|
||||
| test.py:37:5:37:15 | ControlFlowNode for blob_client | test.py:37:5:37:15 | [post] ControlFlowNode for blob_client |
|
||||
| test.py:37:5:37:15 | [post] ControlFlowNode for blob_client | test.py:43:9:43:19 | ControlFlowNode for blob_client |
|
||||
| test.py:66:5:66:15 | SSA variable blob_client | test.py:67:5:67:15 | ControlFlowNode for blob_client |
|
||||
| test.py:66:19:66:21 | ControlFlowNode for BSC | test.py:66:19:66:42 | ControlFlowNode for Attribute() |
|
||||
| test.py:66:19:66:42 | ControlFlowNode for Attribute() | test.py:67:5:67:15 | ControlFlowNode for blob_client |
|
||||
| test.py:66:19:66:42 | ControlFlowNode for Attribute() | test.py:66:5:66:15 | SSA variable blob_client |
|
||||
| test.py:67:5:67:15 | ControlFlowNode for blob_client | test.py:68:5:68:15 | ControlFlowNode for blob_client |
|
||||
| test.py:68:5:68:15 | ControlFlowNode for blob_client | test.py:68:5:68:15 | [post] ControlFlowNode for blob_client |
|
||||
| test.py:68:5:68:15 | [post] ControlFlowNode for blob_client | test.py:69:12:69:22 | ControlFlowNode for blob_client |
|
||||
| test.py:69:12:69:22 | ControlFlowNode for blob_client | test.py:73:10:73:33 | ControlFlowNode for get_unsafe_blob_client() |
|
||||
| test.py:73:10:73:33 | ControlFlowNode for get_unsafe_blob_client() | test.py:75:9:75:10 | ControlFlowNode for bc |
|
||||
| test.py:73:5:73:6 | SSA variable bc | test.py:75:9:75:10 | ControlFlowNode for bc |
|
||||
| test.py:73:10:73:33 | ControlFlowNode for get_unsafe_blob_client() | test.py:73:5:73:6 | SSA variable bc |
|
||||
nodes
|
||||
| test.py:3:1:3:3 | GSSA Variable BSC | semmle.label | GSSA Variable BSC |
|
||||
| test.py:3:7:3:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:7:5:7:15 | SSA variable blob_client | semmle.label | SSA variable blob_client |
|
||||
| test.py:7:19:7:21 | ControlFlowNode for BSC | semmle.label | ControlFlowNode for BSC |
|
||||
| test.py:7:19:7:42 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:8:5:8:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:9:5:9:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:9:5:9:15 | [post] ControlFlowNode for blob_client | semmle.label | [post] ControlFlowNode for blob_client |
|
||||
| test.py:11:9:11:19 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:15:5:15:23 | SSA variable blob_service_client | semmle.label | SSA variable blob_service_client |
|
||||
| test.py:15:27:15:71 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:16:5:16:23 | ControlFlowNode for blob_service_client | semmle.label | ControlFlowNode for blob_service_client |
|
||||
| test.py:17:5:17:23 | ControlFlowNode for blob_service_client | semmle.label | ControlFlowNode for blob_service_client |
|
||||
| test.py:17:5:17:23 | [post] ControlFlowNode for blob_service_client | semmle.label | [post] ControlFlowNode for blob_service_client |
|
||||
| test.py:19:5:19:15 | SSA variable blob_client | semmle.label | SSA variable blob_client |
|
||||
| test.py:19:19:19:37 | ControlFlowNode for blob_service_client | semmle.label | ControlFlowNode for blob_service_client |
|
||||
| test.py:19:19:19:58 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:21:9:21:19 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:25:5:25:20 | SSA variable container_client | semmle.label | SSA variable container_client |
|
||||
| test.py:25:24:25:66 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:26:5:26:20 | ControlFlowNode for container_client | semmle.label | ControlFlowNode for container_client |
|
||||
| test.py:27:5:27:20 | ControlFlowNode for container_client | semmle.label | ControlFlowNode for container_client |
|
||||
| test.py:27:5:27:20 | [post] ControlFlowNode for container_client | semmle.label | [post] ControlFlowNode for container_client |
|
||||
| test.py:29:5:29:15 | SSA variable blob_client | semmle.label | SSA variable blob_client |
|
||||
| test.py:29:19:29:34 | ControlFlowNode for container_client | semmle.label | ControlFlowNode for container_client |
|
||||
| test.py:29:19:29:55 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:31:9:31:19 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:35:5:35:15 | SSA variable blob_client | semmle.label | SSA variable blob_client |
|
||||
| test.py:35:19:35:21 | ControlFlowNode for BSC | semmle.label | ControlFlowNode for BSC |
|
||||
| test.py:35:19:35:42 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:36:5:36:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:37:5:37:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:37:5:37:15 | [post] ControlFlowNode for blob_client | semmle.label | [post] ControlFlowNode for blob_client |
|
||||
| test.py:43:9:43:19 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:66:5:66:15 | SSA variable blob_client | semmle.label | SSA variable blob_client |
|
||||
| test.py:66:19:66:21 | ControlFlowNode for BSC | semmle.label | ControlFlowNode for BSC |
|
||||
| test.py:66:19:66:42 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| test.py:67:5:67:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:68:5:68:15 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:68:5:68:15 | [post] ControlFlowNode for blob_client | semmle.label | [post] ControlFlowNode for blob_client |
|
||||
| test.py:69:12:69:22 | ControlFlowNode for blob_client | semmle.label | ControlFlowNode for blob_client |
|
||||
| test.py:73:5:73:6 | SSA variable bc | semmle.label | SSA variable bc |
|
||||
| test.py:73:10:73:33 | ControlFlowNode for get_unsafe_blob_client() | semmle.label | ControlFlowNode for get_unsafe_blob_client() |
|
||||
| test.py:75:9:75:10 | ControlFlowNode for bc | semmle.label | ControlFlowNode for bc |
|
||||
subpaths
|
||||
|
||||
@@ -1,12 +1,18 @@
|
||||
edges
|
||||
| flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip |
|
||||
| tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:13:5:13:13 | SSA variable client_ip | flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | flask_bad.py:13:5:13:13 | SSA variable client_ip |
|
||||
| flask_bad.py:20:5:20:13 | SSA variable client_ip | flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | flask_bad.py:20:5:20:13 | SSA variable client_ip |
|
||||
| tornado_bad.py:22:13:22:21 | SSA variable client_ip | tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip |
|
||||
| tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | tornado_bad.py:22:13:22:21 | SSA variable client_ip |
|
||||
nodes
|
||||
| flask_bad.py:13:5:13:13 | SSA variable client_ip | semmle.label | SSA variable client_ip |
|
||||
| flask_bad.py:13:17:13:54 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_bad.py:14:12:14:20 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| flask_bad.py:20:5:20:13 | SSA variable client_ip | semmle.label | SSA variable client_ip |
|
||||
| flask_bad.py:20:17:20:54 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_bad.py:21:12:21:20 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
| tornado_bad.py:22:13:22:21 | SSA variable client_ip | semmle.label | SSA variable client_ip |
|
||||
| tornado_bad.py:22:25:22:69 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| tornado_bad.py:23:16:23:24 | ControlFlowNode for client_ip | semmle.label | ControlFlowNode for client_ip |
|
||||
subpaths
|
||||
|
||||
@@ -1,26 +1,30 @@
|
||||
edges
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for ImportMember | ldap3_remote.py:2:19:2:25 | GSSA Variable request |
|
||||
| ldap3_remote.py:2:19:2:25 | GSSA Variable request | ldap3_remote.py:138:21:138:27 | ControlFlowNode for request |
|
||||
| ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:102:18:102:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:115:18:115:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | ldap3_remote.py:127:18:127:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | ldap3_remote.py:138:21:138:32 | ControlFlowNode for Attribute |
|
||||
| ldap3_remote.py:138:21:138:32 | ControlFlowNode for Attribute | ldap3_remote.py:138:21:138:40 | ControlFlowNode for Subscript |
|
||||
| ldap3_remote.py:138:21:138:40 | ControlFlowNode for Subscript | ldap3_remote.py:139:18:139:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:101:5:101:8 | SSA variable host | ldap3_remote.py:102:18:102:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:101:5:101:8 | SSA variable host |
|
||||
| ldap3_remote.py:114:5:114:8 | SSA variable host | ldap3_remote.py:115:18:115:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | ldap3_remote.py:114:5:114:8 | SSA variable host |
|
||||
| ldap3_remote.py:126:5:126:8 | SSA variable host | ldap3_remote.py:127:18:127:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | ldap3_remote.py:126:5:126:8 | SSA variable host |
|
||||
| ldap3_remote.py:138:5:138:8 | SSA variable host | ldap3_remote.py:139:18:139:21 | ControlFlowNode for host |
|
||||
| ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | ldap3_remote.py:138:5:138:8 | SSA variable host |
|
||||
nodes
|
||||
| ldap2_remote.py:45:41:45:60 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap2_remote.py:56:41:56:60 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:2:19:2:25 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| ldap3_remote.py:2:19:2:25 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| ldap3_remote.py:101:5:101:8 | SSA variable host | semmle.label | SSA variable host |
|
||||
| ldap3_remote.py:101:12:101:49 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:102:18:102:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:114:5:114:8 | SSA variable host | semmle.label | SSA variable host |
|
||||
| ldap3_remote.py:114:12:114:49 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:115:18:115:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:126:5:126:8 | SSA variable host | semmle.label | SSA variable host |
|
||||
| ldap3_remote.py:126:12:126:31 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
|
||||
| ldap3_remote.py:127:18:127:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
| ldap3_remote.py:138:5:138:8 | SSA variable host | semmle.label | SSA variable host |
|
||||
| ldap3_remote.py:138:21:138:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| ldap3_remote.py:138:21:138:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| ldap3_remote.py:138:21:138:40 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| ldap3_remote.py:139:18:139:21 | ControlFlowNode for host | semmle.label | ControlFlowNode for host |
|
||||
subpaths
|
||||
#select
|
||||
|
||||
@@ -6,18 +6,11 @@ edges
|
||||
| flask_bad.py:1:26:1:32 | GSSA Variable request | flask_bad.py:24:49:24:55 | ControlFlowNode for request |
|
||||
| flask_bad.py:1:26:1:32 | GSSA Variable request | flask_bad.py:32:37:32:43 | ControlFlowNode for request |
|
||||
| flask_bad.py:1:26:1:32 | GSSA Variable request | flask_bad.py:32:60:32:66 | ControlFlowNode for request |
|
||||
| flask_bad.py:24:21:24:27 | ControlFlowNode for request | flask_bad.py:24:21:24:32 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:24:21:24:27 | ControlFlowNode for request | flask_bad.py:24:49:24:60 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:24:21:24:32 | ControlFlowNode for Attribute | flask_bad.py:24:21:24:40 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:24:49:24:55 | ControlFlowNode for request | flask_bad.py:24:49:24:60 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:24:49:24:60 | ControlFlowNode for Attribute | flask_bad.py:24:49:24:69 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:37:32:43 | ControlFlowNode for request | flask_bad.py:32:37:32:48 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:32:37:32:43 | ControlFlowNode for request | flask_bad.py:32:60:32:71 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:32:37:32:48 | ControlFlowNode for Attribute | flask_bad.py:32:37:32:56 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:37:32:56 | ControlFlowNode for Subscript | flask_bad.py:32:34:32:98 | ControlFlowNode for Fstring |
|
||||
| flask_bad.py:32:60:32:66 | ControlFlowNode for request | flask_bad.py:32:60:32:71 | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:32:60:32:71 | ControlFlowNode for Attribute | flask_bad.py:32:60:32:80 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:60:32:80 | ControlFlowNode for Subscript | flask_bad.py:32:34:32:98 | ControlFlowNode for Fstring |
|
||||
| flask_bad.py:24:21:24:27 | ControlFlowNode for request | flask_bad.py:24:21:24:40 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:24:21:24:27 | ControlFlowNode for request | flask_bad.py:24:49:24:69 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:24:49:24:55 | ControlFlowNode for request | flask_bad.py:24:49:24:69 | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:37:32:43 | ControlFlowNode for request | flask_bad.py:32:34:32:98 | ControlFlowNode for Fstring |
|
||||
| flask_bad.py:32:60:32:66 | ControlFlowNode for request | flask_bad.py:32:34:32:98 | ControlFlowNode for Fstring |
|
||||
nodes
|
||||
| django_bad.py:19:21:19:55 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| django_bad.py:20:21:20:56 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
@@ -27,18 +20,12 @@ nodes
|
||||
| flask_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_bad.py:1:26:1:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| flask_bad.py:24:21:24:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:24:21:24:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:24:21:24:40 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:24:49:24:55 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:24:49:24:60 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:24:49:24:69 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:34:32:98 | ControlFlowNode for Fstring | semmle.label | ControlFlowNode for Fstring |
|
||||
| flask_bad.py:32:37:32:43 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:32:37:32:48 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:32:37:32:56 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_bad.py:32:60:32:66 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_bad.py:32:60:32:71 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_bad.py:32:60:32:80 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
subpaths
|
||||
#select
|
||||
| django_bad.py:19:21:19:55 | ControlFlowNode for Attribute() | django_bad.py:19:21:19:55 | ControlFlowNode for Attribute() | django_bad.py:19:21:19:55 | ControlFlowNode for Attribute() | Cookie is constructed from a $@,and its httponly flag is not properly set. | django_bad.py:19:21:19:55 | ControlFlowNode for Attribute() | user-supplied input |
|
||||
|
||||
@@ -2,22 +2,22 @@ edges
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_mongoengine_bad.py:1:26:1:32 | GSSA Variable request |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | GSSA Variable request | flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | GSSA Variable request | flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | flask_mongoengine_bad.py:19:21:19:32 | ControlFlowNode for Attribute |
|
||||
| flask_mongoengine_bad.py:19:21:19:32 | ControlFlowNode for Attribute | flask_mongoengine_bad.py:19:21:19:42 | ControlFlowNode for Subscript |
|
||||
| flask_mongoengine_bad.py:19:21:19:42 | ControlFlowNode for Subscript | flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | SSA variable unsafe_search | flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | flask_mongoengine_bad.py:19:5:19:17 | SSA variable unsafe_search |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | SSA variable json_search | flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:20:5:20:15 | SSA variable json_search |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | flask_mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute |
|
||||
| flask_mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute | flask_mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript |
|
||||
| flask_mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript | flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search | flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | flask_mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | SSA variable json_search | flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | flask_mongoengine_bad.py:27:5:27:15 | SSA variable json_search |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | flask_pymongo_bad.py:1:26:1:32 | GSSA Variable request |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | GSSA Variable request | flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | flask_pymongo_bad.py:11:21:11:32 | ControlFlowNode for Attribute |
|
||||
| flask_pymongo_bad.py:11:21:11:32 | ControlFlowNode for Attribute | flask_pymongo_bad.py:11:21:11:42 | ControlFlowNode for Subscript |
|
||||
| flask_pymongo_bad.py:11:21:11:42 | ControlFlowNode for Subscript | flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | SSA variable unsafe_search | flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | flask_pymongo_bad.py:11:5:11:17 | SSA variable unsafe_search |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | SSA variable json_search | flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | flask_pymongo_bad.py:12:5:12:15 | SSA variable json_search |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | mongoengine_bad.py:1:26:1:32 | GSSA Variable request |
|
||||
| mongoengine_bad.py:1:26:1:32 | GSSA Variable request | mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request |
|
||||
@@ -26,130 +26,130 @@ edges
|
||||
| mongoengine_bad.py:1:26:1:32 | GSSA Variable request | mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:1:26:1:32 | GSSA Variable request | mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:1:26:1:32 | GSSA Variable request | mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | mongoengine_bad.py:18:21:18:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:18:21:18:32 | ControlFlowNode for Attribute | mongoengine_bad.py:18:21:18:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:18:21:18:42 | ControlFlowNode for Subscript | mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:18:5:18:17 | SSA variable unsafe_search | mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | mongoengine_bad.py:18:5:18:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:19:5:19:15 | SSA variable json_search | mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:19:5:19:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute | mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript | mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search | mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:27:5:27:15 | SSA variable json_search | mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:27:5:27:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | mongoengine_bad.py:34:21:34:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:34:21:34:32 | ControlFlowNode for Attribute | mongoengine_bad.py:34:21:34:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:34:21:34:42 | ControlFlowNode for Subscript | mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:34:5:34:17 | SSA variable unsafe_search | mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | mongoengine_bad.py:34:5:34:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:35:5:35:15 | SSA variable json_search | mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:35:5:35:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | mongoengine_bad.py:42:21:42:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:42:21:42:32 | ControlFlowNode for Attribute | mongoengine_bad.py:42:21:42:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:42:21:42:42 | ControlFlowNode for Subscript | mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:42:5:42:17 | SSA variable unsafe_search | mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | mongoengine_bad.py:42:5:42:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:43:5:43:15 | SSA variable json_search | mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:43:5:43:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | mongoengine_bad.py:50:21:50:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:50:21:50:32 | ControlFlowNode for Attribute | mongoengine_bad.py:50:21:50:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:50:21:50:42 | ControlFlowNode for Subscript | mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:50:5:50:17 | SSA variable unsafe_search | mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | mongoengine_bad.py:50:5:50:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:51:5:51:15 | SSA variable json_search | mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:51:5:51:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | mongoengine_bad.py:57:21:57:32 | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:57:21:57:32 | ControlFlowNode for Attribute | mongoengine_bad.py:57:21:57:42 | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:57:21:57:42 | ControlFlowNode for Subscript | mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:57:5:57:17 | SSA variable unsafe_search | mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | mongoengine_bad.py:57:5:57:17 | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:58:5:58:15 | SSA variable json_search | mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | mongoengine_bad.py:58:5:58:15 | SSA variable json_search |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | pymongo_test.py:1:26:1:32 | GSSA Variable request |
|
||||
| pymongo_test.py:1:26:1:32 | GSSA Variable request | pymongo_test.py:12:21:12:27 | ControlFlowNode for request |
|
||||
| pymongo_test.py:1:26:1:32 | GSSA Variable request | pymongo_test.py:29:27:29:33 | ControlFlowNode for request |
|
||||
| pymongo_test.py:1:26:1:32 | GSSA Variable request | pymongo_test.py:39:27:39:33 | ControlFlowNode for request |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | pymongo_test.py:12:21:12:32 | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:12:21:12:32 | ControlFlowNode for Attribute | pymongo_test.py:12:21:12:42 | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:12:21:12:42 | ControlFlowNode for Subscript | pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:12:5:12:17 | SSA variable unsafe_search | pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | pymongo_test.py:12:5:12:17 | SSA variable unsafe_search |
|
||||
| pymongo_test.py:13:5:13:15 | SSA variable json_search | pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | pymongo_test.py:13:5:13:15 | SSA variable json_search |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | pymongo_test.py:29:27:29:38 | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:29:27:29:38 | ControlFlowNode for Attribute | pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:29:5:29:12 | SSA variable event_id | pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | pymongo_test.py:29:5:29:12 | SSA variable event_id |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:39:27:39:33 | ControlFlowNode for request | pymongo_test.py:39:27:39:38 | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:39:27:39:38 | ControlFlowNode for Attribute | pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:39:5:39:12 | SSA variable event_id | pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | pymongo_test.py:39:5:39:12 | SSA variable event_id |
|
||||
| pymongo_test.py:39:27:39:33 | ControlFlowNode for request | pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript | pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() |
|
||||
nodes
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_mongoengine_bad.py:1:26:1:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| flask_mongoengine_bad.py:19:5:19:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| flask_mongoengine_bad.py:19:21:19:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:19:21:19:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_mongoengine_bad.py:19:21:19:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mongoengine_bad.py:20:5:20:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| flask_mongoengine_bad.py:20:19:20:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:20:30:20:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:22:34:22:44 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| flask_mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| flask_mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_mongoengine_bad.py:27:5:27:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| flask_mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_mongoengine_bad.py:30:39:30:59 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| flask_pymongo_bad.py:1:26:1:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| flask_pymongo_bad.py:11:5:11:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| flask_pymongo_bad.py:11:21:11:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| flask_pymongo_bad.py:11:21:11:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| flask_pymongo_bad.py:11:21:11:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| flask_pymongo_bad.py:12:5:12:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| flask_pymongo_bad.py:12:19:12:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| flask_pymongo_bad.py:12:30:12:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| flask_pymongo_bad.py:14:31:14:51 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| mongoengine_bad.py:1:26:1:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| mongoengine_bad.py:18:5:18:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:18:21:18:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:18:21:18:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:18:21:18:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:19:5:19:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:19:19:19:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:19:30:19:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:22:26:22:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:26:5:26:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:26:21:26:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:26:21:26:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:26:21:26:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:27:5:27:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:27:19:27:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:27:30:27:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:30:26:30:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:34:5:34:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:34:21:34:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:34:21:34:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:34:21:34:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:35:5:35:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:35:19:35:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:35:30:35:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:38:26:38:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:42:5:42:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:42:21:42:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:42:21:42:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:42:21:42:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:43:5:43:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:43:19:43:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:43:30:43:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:46:26:46:46 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| mongoengine_bad.py:50:5:50:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:50:21:50:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:50:21:50:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:50:21:50:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:51:5:51:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:51:19:51:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:51:30:51:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:53:34:53:44 | ControlFlowNode for json_search | semmle.label | ControlFlowNode for json_search |
|
||||
| mongoengine_bad.py:57:5:57:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| mongoengine_bad.py:57:21:57:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| mongoengine_bad.py:57:21:57:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| mongoengine_bad.py:57:21:57:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| mongoengine_bad.py:58:5:58:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| mongoengine_bad.py:58:19:58:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| mongoengine_bad.py:58:30:58:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| mongoengine_bad.py:61:29:61:49 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:1:26:1:32 | ControlFlowNode for ImportMember | semmle.label | ControlFlowNode for ImportMember |
|
||||
| pymongo_test.py:1:26:1:32 | GSSA Variable request | semmle.label | GSSA Variable request |
|
||||
| pymongo_test.py:12:5:12:17 | SSA variable unsafe_search | semmle.label | SSA variable unsafe_search |
|
||||
| pymongo_test.py:12:21:12:27 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:12:21:12:32 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:12:21:12:42 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:13:5:13:15 | SSA variable json_search | semmle.label | SSA variable json_search |
|
||||
| pymongo_test.py:13:19:13:43 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:13:30:13:42 | ControlFlowNode for unsafe_search | semmle.label | ControlFlowNode for unsafe_search |
|
||||
| pymongo_test.py:15:42:15:62 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:29:5:29:12 | SSA variable event_id | semmle.label | SSA variable event_id |
|
||||
| pymongo_test.py:29:16:29:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:29:27:29:33 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:29:27:29:38 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:29:27:29:50 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:33:34:33:73 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
| pymongo_test.py:39:5:39:12 | SSA variable event_id | semmle.label | SSA variable event_id |
|
||||
| pymongo_test.py:39:16:39:51 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| pymongo_test.py:39:27:39:33 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
|
||||
| pymongo_test.py:39:27:39:38 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
|
||||
| pymongo_test.py:39:27:39:50 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
|
||||
| pymongo_test.py:43:34:43:73 | ControlFlowNode for Dict | semmle.label | ControlFlowNode for Dict |
|
||||
subpaths
|
||||
|
||||
Reference in New Issue
Block a user