Python: PathCheck StartswithCall

Should this use `Value::named`?
2025-12-20 10:46:30 +01:00 · 2020-10-22 11:34:07 +02:00
parent 6e361c7793
commit 391925532d
1 changed files with 9 additions and 0 deletions
--- a/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll
+++ b/python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll
@@ -734,3 +734,12 @@ private class OpenCall extends FileSystemAccess::Range, DataFlow::CfgNode {
    result.asCfgNode() in [node.getArg(0), node.getArgByName("file")]
  }
 }
+
+private class StartswithCall extends PathCheck::Range {
+  StartswithCall() { this.(CallNode).getFunction().(AttrNode).getName() = "startswith" }
+
+  override predicate checks(ControlFlowNode node, boolean branch) {
+    node = this.(CallNode).getFunction().(AttrNode).getObject() and
+    branch = true
+  }
+}