hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Change False and None scopes

Browse Source
This commit is contained in:
jorgectf
2021-07-25 18:21:16 +02:00
parent c8a7f48d6e
commit 54ed25a925
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/experimental/Security/CWE-614/InsecureCookie.ql
View File

@@ -15,7 +15,7 @@ import semmle.python.dataflow.new.DataFlow
import semmle.python.Concepts
import experimental.semmle.python.Concepts
from Expr cookieExpr, False f, None n
from Expr cookieExpr
where
exists(HeaderDeclaration headerWrite, StrConst headerName, StrConst headerValue |
headerName.getText() = "Set-Cookie" and
@@ -25,7 +25,7 @@ where
cookieExpr = headerWrite.asExpr()
)
or
exists(ExperimentalHTTP::CookieWrite cookieWrite |
exists(ExperimentalHTTP::CookieWrite cookieWrite, False f, None n |
[DataFlow::exprNode(f), DataFlow::exprNode(n)]
.(DataFlow::LocalSourceNode)
.flowsTo(cookieWrite.(DataFlow::CallCfgNode).getArgByName("secure")) and