hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Port py/stack-trace-exposure to use proper source/sink customization

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2021-07-02 15:33:51 +02:00
parent 934007c811
commit 47f5c977cf
3 changed files with 91 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/Security/CWE-209/StackTraceExposure.ql
View File

@@ -17,7 +17,7 @@ import python
import semmle.python.security.dataflow.StackTraceExposure
import DataFlow::PathGraph
from StackTraceExposureConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
from StackTraceExposure::Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "$@ may be exposed to an external user", source.getNode(),
"Error information"