hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Make query alert refer to AST nodes rather than CFG nodes.

Browse Source
This commit is contained in:
Taus Brock-Nannestad
2019-02-26 15:56:37 +01:00
parent 504cb648d1
commit 7daaf77183
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql
View File

@@ -25,7 +25,7 @@ FunctionObject temporary_name_function(string mod, string function) {
result = any(ModuleObject m | m.getName() = mod).getAttribute(function)
}
from CallNode c, string mod, string function
from Call c, string mod, string function
where
temporary_name_function(mod, function).getACall() = c
temporary_name_function(mod, function).getACall().getNode() = c
select c, "Call to deprecated function $@.$@ may be insecure.", mod, function

6
python/ql/test/query-tests/Security/CWE-377/InsecureTemporaryFile.expected
View File

@@ -1,3 +1,3 @@
| InsecureTemporaryFile.py:5:16:5:23 | ControlFlowNode for mktemp() | Call to deprecated function $@.$@ may be insecure. | tempfile | mktemp |
| InsecureTemporaryFile.py:11:16:11:27 | ControlFlowNode for Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tempnam |
| InsecureTemporaryFile.py:17:16:17:26 | ControlFlowNode for Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tmpnam |
| InsecureTemporaryFile.py:5:16:5:23 | mktemp() | Call to deprecated function $@.$@ may be insecure. | tempfile | mktemp |
| InsecureTemporaryFile.py:11:16:11:27 | Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tempnam |
| InsecureTemporaryFile.py:17:16:17:26 | Attribute() | Call to deprecated function $@.$@ may be insecure. | os | tmpnam |