Merge pull request #5248 from tausbn/python-port-insecure-temporary-file

Python: Port `py/insecure-temporary-file`
Rasmus Wriedt Larsen
2021-02-23 21:37:59 +01:00
committed by GitHub


@@ -11,8 +11,9 @@
*/
import python
import semmle.python.ApiGraphs
FunctionValue temporary_name_function(string mod, string function) {
API::Node temporary_name_function(string mod, string function) {
(
mod = "tempfile" and function = "mktemp"
or
@@ -23,9 +24,9 @@ FunctionValue temporary_name_function(string mod, string function) {
function = "tempnam"
)
) and
result = Module::named(mod).attr(function)
result = API::moduleImport(mod).getMember(function)
}
from Call c, string mod, string function
where temporary_name_function(mod, function).getACall().getNode() = c
where temporary_name_function(mod, function).getACall().asExpr() = c
select c, "Call to deprecated function " + mod + "." + function + " may be insecure."
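Review bot: The predicate `temporary_name_function` has no QLDoc on its changed signature line, and its result is now an `API::Node` instead of a `FunctionValue`, so the type no longer tells a reader whether the result is the function itself or a use of it. I would add above the signature `/** Gets the API graph node for function 'function' of module 'mod', which returns a temporary file name without creating the file. */`, which also records why these functions are flagged: the path can be claimed by another process before the caller opens it. The alert text on the `select` line is unchanged by this commit and still says only "may be insecure"; naming that race would make results easier to triage. Part of the predicate body lies between the two hunks and is not visible here, so the comment wording should be checked against the full list of functions.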