python: No fieldFlowBranchLimit for SummarizedCallables

Like https://github.com/github/codeql/pull/15689 for Ruby.
2026-04-25 08:45:14 +02:00 · 2024-03-18 10:29:36 +01:00
parent 45c65b48aa
commit 2a0c451d2d
2 changed files with 3 additions and 1 deletions
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
@@ -22,4 +22,6 @@ module PythonDataFlow implements InputSig {
  predicate neverSkipInPathGraph = Private::neverSkipInPathGraph/1;

  Node exprNode(DataFlowExpr e) { result = Public::exprNode(e) }
+
+  predicate ignoreFieldFlowBranchLimit(DataFlowCallable c) { exists(c.asLibraryCallable()) }
 }
--- a/python/ql/test/experimental/dataflow/summaries/conflicting_summaries.py
+++ b/python/ql/test/experimental/dataflow/summaries/conflicting_summaries.py
@@ -7,7 +7,7 @@ from extracted_package.functions import with_subpath, without_subpath
 # can be concluded from its definition. This seems to discard all summaries, including
 # the one with flow to `ReturnValue.Attribute[pattern]`.
 ensure_tainted(
-    with_subpath(ts).pattern,  # $ MISSING: tainted
+    with_subpath(ts).pattern,  # $ tainted
    with_subpath(ts),  # $ tainted
    with_subpath(ts),  # $ tainted
 )