Polished select statement

jorgectf
2021-03-27 19:59:39 +01:00
parent f75110365f
commit 66ee67a781


@@ -16,10 +16,14 @@ import python
import experimental.semmle.python.security.injection.RegexInjection
import DataFlow::PathGraph
from RegexInjectionFlowConfig config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
from
RegexInjectionFlowConfig config, DataFlow::PathNode source, DataFlow::PathNode sink,
RegexInjectionSink castedSink, Attribute methodAttribute
where
config.hasFlowPath(source, sink) and
castedSink = sink.getNode() and
methodAttribute = castedSink.getRegexMethod()
select sink.getNode(), source, sink,
"$@ regular expression is constructed from a $@ and executed by $@.", sink.getNode(), "This",
source.getNode(), "user-provided value", sink.getNode(),
sink.getNode().(RegexInjectionSink).getRegexModule() + "." +
sink.getNode().(RegexInjectionSink).getRegexMethod().getName()
source.getNode(), "user-provided value", methodAttribute,
castedSink.getRegexModule() + "." + methodAttribute.getName()
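Review bot: The new conjunct `methodAttribute = castedSink.getRegexMethod()` in the `where` clause means a path is reported only when the sink has a regex method, and nothing in the query says so. If `RegexInjectionSink` (defined in the imported library, not visible here) ever models a sink for which `getRegexMethod()` has no result, that flow produces no alert, which is a silent false negative for a security query. The old inline `sink.getNode().(RegexInjectionSink).getRegexMethod().getName()` in the `select` had the same implicit effect, so this is not a regression, but it deserves a comment above the conjunct such as `// Only sinks with a resolved regex method are reported; sinks without one yield no alert.` A test case for a sink reached through a compiled pattern object would confirm the predicate always holds. As a style point, `castedSink` could be named for what it is, e.g. `regexSink`.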