diff --git a/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll b/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll
index 94494f3ca9b..ae2c9c273f5 100644
--- a/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll
+++ b/python/ql/src/Security/CWE-020-ExternalAPIs/ExternalAPIs.qll
@@ -43,7 +43,12 @@ private class DefaultSafeExternalApi extends SafeExternalApi {
   }
 }
 
-/** Gets a human readable representation of `node`. */
+/**
+ * Gets a human readable representation of `node`.
+ *
+ * Note that this is only defined for API nodes that are allowed as external APIs,
+ * so `None.json.dumps` will for example not be allowed.
+ */
 string apiNodeToStringRepr(API::Node node) {
   node = API::builtin(result)
   or
@@ -51,7 +56,8 @@ string apiNodeToStringRepr(API::Node node) {
   or
   exists(API::Node base, string basename |
     base.getDepth() < node.getDepth() and
-    basename = apiNodeToStringRepr(base)
+    basename = apiNodeToStringRepr(base) and
+    not base = API::builtin("None")
   |
     exists(string m | node = base.getMember(m) | result = basename + "." + m)
     or
diff --git a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
index 30220ea651d..a346aef9d22 100644
--- a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
+++ b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/ExternalAPIsUsedWithUntrustedData.expected
@@ -1,5 +1,3 @@
-| None.json.dumps [position 0] | 1 | 1 |
-| builtins.None.json.dumps [position 0] | 1 | 1 |
 | hmac.new [keyword msg] | 1 | 1 |
 | hmac.new [position 1] | 1 | 1 |
 | unknown.lib.func [keyword kw] | 2 | 1 |
diff --git a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
index 708054a8dab..bb6ffaab366 100644
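Review bot: The added conjunct `not base = API::builtin("None")` in the second hunk of ExternalAPIs.qll silences the spurious `None.json.dumps` result by leaving its string representation undefined, not by excluding `None`-rooted nodes from the set of external APIs; as far as can be seen here, any consumer of the external-API class that does not route through `apiNodeToStringRepr` would still treat that node as a sink. It is also a single hard-coded name, so if the same kind of member edge were ever produced for another builtin constant the result would reappear under a different prefix. Filtering where the allowed external-API nodes are defined would be the more robust place; at minimum the new doc comment in the first hunk should state why rather than only what, e.g. `* `None` is never used as a base, since member accesses on it do not correspond to a real API and only arise from imprecision in the API graph.` (the cause is inferred from the removed `.expected` rows, so confirm before wording it that way). The enclosing predicate `apiNodeToStringRepr` continues past the end of the hunk.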
--- a/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
+++ b/python/ql/test/query-tests/Security/CWE-020-ExternalAPIs/UntrustedDataToExternalAPI.expected
@@ -51,5 +51,3 @@ subpaths
 | test.py:36:13:36:16 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:36:13:36:16 | ControlFlowNode for data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
 | test.py:43:22:43:25 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:43:22:43:25 | ControlFlowNode for data | Call to unknown.lib.func [position 0] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
 | test.py:44:25:44:28 | ControlFlowNode for data | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:44:25:44:28 | ControlFlowNode for data | Call to unknown.lib.func [keyword kw] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
-| test.py:50:32:50:34 | ControlFlowNode for arg | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:50:32:50:34 | ControlFlowNode for arg | Call to None.json.dumps [position 0] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |
-| test.py:50:32:50:34 | ControlFlowNode for arg | test.py:5:26:5:32 | ControlFlowNode for ImportMember | test.py:50:32:50:34 | ControlFlowNode for arg | Call to builtins.None.json.dumps [position 0] with untrusted data from $@. | test.py:5:26:5:32 | ControlFlowNode for ImportMember | ControlFlowNode for ImportMember |