hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 18:56:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Extend mayBeDangerous() QLDoc

Browse Source
This commit is contained in:
jorgectf
2021-10-16 09:57:28 +02:00
parent 15dfc6d1da
commit 5b66a15de3
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
python/ql/src/experimental/semmle/python/Concepts.qll
View File

@@ -97,6 +97,9 @@ module XMLParsing {
/**
* Holds if the parser may be parsing the input dangerously.
*
* Specifically, this predicate holds whether the XML parsing parses/extends external
* entities in the parsed XML stream.
*/
abstract predicate mayBeDangerous();
}
@@ -115,6 +118,9 @@ class XMLParsing extends DataFlow::Node {
/**
* Gets the argument containing the content to parse.
*
* Specifically, this predicate holds whether the XML parsing parses/extends external
* entities in the parsed XML stream.
*/
DataFlow::Node getAnInput() { result = range.getAnInput() }
@@ -140,6 +146,9 @@ module XMLParser {
/**
* Holds if the parser may be dangerously configured.
*
* Specifically, this predicate holds whether the XML parser parses/extends external
* entities in the parsed XML stream.
*/
abstract predicate mayBeDangerous();
}
@@ -163,6 +172,9 @@ class XMLParser extends DataFlow::Node {
/**
* Holds if the parser may be dangerously configured.
*
* Specifically, this predicate holds whether the XML parser parses/extends external
* entities in the parsed XML stream.
*/
predicate mayBeDangerous() { range.mayBeDangerous() }
}