hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

python: remove superfluous configuration

Browse Source 
this also removes duplicated nodes and edges
in the path results
This commit is contained in:
Rasmus Lerchedahl Petersen
2022-02-08 11:34:11 +01:00
parent a9cfc60ea1
commit 103b5761f3
2 changed files with 3 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
python/ql/src/Security/CWE-643/XpathInjection.ql
View File

@@ -10,24 +10,10 @@
* external/cwe/cwe-643
*/
private import python
private import semmle.python.Concepts
private import semmle.python.dataflow.new.TaintTracking
private import semmle.python.Concepts
private import semmle.python.ApiGraphs
private import semmle.python.dataflow.new.RemoteFlowSources
private import semmle.python.dataflow.new.BarrierGuards
import semmle.python.security.dataflow.XpathInjection::XpathInjection
import python
import semmle.python.security.dataflow.XpathInjection
import DataFlow::PathGraph
class XpathInjectionConfiguration extends TaintTracking::Configuration {
XpathInjectionConfiguration() { this = "PathNotNormalizedConfiguration" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }
override predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
}
from XpathInjectionConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
from XpathInjection::Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink, source, sink, "This Xpath query depends on $@.", source, "a user-provided value"