hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-01 21:34:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Improve API and representation of taint tracking nodes. Update queries and tests accordingly.

Browse Source
This commit is contained in:
Mark Shannon
2018-11-23 12:18:56 +00:00
parent c01db23f58
commit 61bd8682df
20 changed files with 190 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/Security/CWE-078/CommandInjection.ql
View File

@@ -23,7 +23,6 @@ import semmle.python.web.HttpRequest
/* Sinks */
import semmle.python.security.injection.Command
from TaintedNode srcnode, TaintedNode sinknode, TaintSource src, TaintSink sink
where src.flowsToSink(sink) and srcnode.getNode() = src and sinknode.getNode() = sink
select sink, srcnode, sinknode, "This command depends on $@.", src, "a user-provided value"
from TaintedPathSource src, TaintedPathSink sink
where src.flowsTo(sink)
select sink.getSink(), src, sink, "This command depends on $@.", src.getSource(), "a user-provided value"