hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-21 15:05:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5791 from tausbn/python-limit-absolute-imports

Browse Source 
Python: Limit absolute imports
This commit is contained in:
yoff
2021-04-28 16:22:08 +02:00
committed by GitHub
parent 310baab73f 4ae3a23089
commit 73521e22de
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
python/ql/src/semmle/python/Module.qll
View File

@@ -212,8 +212,15 @@ private string moduleNameFromBase(Container file) {
private predicate transitively_imported_from_entry_point(File file) {
file.getExtension().matches("%py%") and
exists(File importer |
// Only consider files that are in the source archive
exists(importer.getRelativePath()) and
importer.getParent() = file.getParent() and
exists(ImportExpr i | i.getLocation().getFile() = importer and i.getName() = file.getStem())
exists(ImportExpr i |
i.getLocation().getFile() = importer and
i.getName() = file.getStem() and
// Disregard relative imports
i.getLevel() = 0
)
|
importer.isPossibleEntryPoint() or transitively_imported_from_entry_point(importer)
)