Merge branch 'main' of github.com:github/codeql into python/support-match

Rasmus Lerchedahl Petersen
2022-01-26 11:39:46 +01:00
635 changed files with 40719 additions and 11029 deletions


@@ -112,3 +112,16 @@ print(foo) # $ SensitiveUse=password
harmless = lambda: "bar"
bar = call_wrapper(harmless)
print(bar) # $ SPURIOUS: SensitiveUse=password
# ------------------------------------------------------------------------------
# cross-talk in dictionary.
# ------------------------------------------------------------------------------
from unknown_settings import password # $ SensitiveDataSource=password
print(password) # $ SensitiveUse=password
_config = {"sleep_timer": 5, "mysql_password": password}
# since we have taint-step from store of `password`, we will consider any item in the
# dictionary to be a password :(
print(_config["sleep_timer"]) # $ SPURIOUS: SensitiveUse=password
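Review bot: The new dictionary case pins only the spurious read of `_config["sleep_timer"]`; nothing asserts that reading the key that really holds the secret is still reported. Adding `print(_config["mysql_password"])  # $ SensitiveUse=password` next to it would keep the true positive covered, so a later change that makes the store step key-precise can drop the `SPURIOUS` marker without silently losing the real detection. The comment above the last line could also name the cause more exactly, for example `# the store step taints the whole dict rather than the "mysql_password" entry, so every read is reported`. That tells whoever triages the resulting sensitive-data alerts which imprecision they are looking at.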