hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 21:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Minor SQLALchemy comment fixes

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2021-09-22 13:58:29 +02:00
parent a66f83644b
commit 8badba26b8
2 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/test/library-tests/frameworks/sqlalchemy/new_tests.py
View File

@@ -202,8 +202,8 @@ assert query.all() == []
# - This would require a LOT of modeling for these additional taint steps, since there
# are many many constructs we would need to have models for. (see the 2 examples below)
#
# So instead we flag user-input to a TextClause with its' own query. And so we don't
# highlight any parts of an ORM constructed query such as these as containing SQL.
# So instead we extended the SQL injection query to include TextClause construction as a
# sink directly.
# `filter` provides more general filtering
# see https://docs.sqlalchemy.org/en/14/orm/tutorial.html#common-filter-operators