hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Use explicit keyword parameter

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2023-10-23 16:44:54 +02:00
parent 46e44a0036
commit 60e7786b04
1 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
python/ql/test/library-tests/frameworks/rest_framework/taint_test.py
View File

@@ -112,18 +112,19 @@ class MyClass(APIView):
# see https://www.django-rest-framework.org/api-guide/viewsets/
class MyModelViewSet(ModelViewSet):
def retrieve(self, request, *args, **kwargs): # $ requestHandler
def retrieve(self, request, routed_param): # $ requestHandler routedParameter=routed_param
ensure_tainted(
request, # $ tainted
request.GET, # $ tainted
request.GET.get("pk"), # $ tainted
request.data # $ tainted
)
ensure_tainted(
kwargs, # $ tainted
kwargs["pk"], # $ tainted
kwargs.get("pk"), # $ tainted
)
ensure_tainted(routed_param) # $ tainted
# same as for standard Django view
ensure_tainted(self.args, self.kwargs) # $ tainted
return Response("retrieve") # $ HttpResponse