Python: Fix API::moduleImport("foo.bar")

python/ql/src/experimental/Security/CWE-285/PamAuthorization.ql

@@ -16,7 +16,7 @@ import semmle.python.dataflow.new.TaintTracking
 
 API::Node libPam() {
   exists(API::CallNode findLibCall, API::CallNode cdllCall |
-    findLibCall = API::moduleImport("ctypes.util").getMember("find_library").getACall() and
+    findLibCall = API::moduleImport("ctypes").getMember("util").getMember("find_library").getACall() and
     findLibCall.getParameter(0).getAValueReachingRhs().asExpr().(StrConst).getText() = "pam" and
     cdllCall = API::moduleImport("ctypes").getMember("CDLL").getACall() and
     cdllCall.getParameter(0).getAValueReachingRhs() = findLibCall

python/ql/src/experimental/semmle/python/frameworks/NoSQL.qll

@@ -210,10 +210,13 @@ private module NoSql {
    */
   private class BsonObjectIdCall extends DataFlow::CallCfgNode, NoSqlSanitizer::Range {
     BsonObjectIdCall() {
-      this =
-        API::moduleImport(["bson", "bson.objectid", "bson.json_util"])
-            .getMember("ObjectId")
-            .getACall()
+      exists(API::Node mod |
+        mod = API::moduleImport("bson")
+        or
+        mod = API::moduleImport("bson").getMember(["objectid", "json_util"])
+      |
+        this = mod.getMember("ObjectId").getACall()
+      )
     }
 
     override DataFlow::Node getAnInput() { result = this.getArg(0) }