Adress review comments: Add missing deprecation + additional test case

2026-04-26 17:25:19 +02:00 · 2024-09-23 10:55:29 +01:00
parent 7aa2816570
commit 48f9e0efe5
2 changed files with 10 additions and 2 deletions
--- a/python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll
+++ b/python/ql/lib/semmle/python/security/dataflow/UrlRedirectCustomizations.qll
@@ -140,12 +140,15 @@ module UrlRedirect {
  }

  /**
-   * A comparison with a constant string, considered as a sanitizer-guard.
+   * A comparison with a constant, considered as a sanitizer-guard.
   */
-  class StringConstCompareAsSanitizerGuard extends Sanitizer, ConstCompareBarrier {
+  class ConstCompareAsSanitizerGuard extends Sanitizer, ConstCompareBarrier {
    override predicate sanitizes(FlowState state) {
      // sanitize all flow states
      any()
    }
  }
+
+  /** DEPRECATED: Use ConstCompareAsSanitizerGuard instead. */
+  deprecated class StringConstCompareAsSanitizerGuard = ConstCompareAsSanitizerGuard;
 }
--- a/python/ql/test/library-tests/dataflow/tainttracking/commonSanitizer/test_const_compare.py
+++ b/python/ql/test/library-tests/dataflow/tainttracking/commonSanitizer/test_const_compare.py
@@ -106,6 +106,11 @@ def test_in_list_with_constants():
    else:
        ensure_tainted(ts) # $ tainted

+    if ts in ["safe", not_constant(), None]:
+        ensure_tainted(ts)  # $ tainted
+
+def not_constant():
+    return "x"

 SAFE = ["safe", "also_safe"]