hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix a mistake :(

Browse Source
This commit is contained in:
amammad
2023-06-26 16:51:14 +10:00
parent b506b7d298
commit 8fccd65d34
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python/ql/src/experimental/Security/CWE-409/DecompressionBombs.ql
View File

@@ -502,8 +502,8 @@ module BombsConfig implements DataFlow::ConfigSig {
predicate isSink(DataFlow::Node sink) {
sink =
[
PyZipFile::isSink(), ZipFile::isSink(), Gzip::isSink(), Lzma::isSink(), Bz2::isSink(),
TarFile::isSink(), Shutil::isSink(), Pandas::isSink()
ZipFile::isSink(), Gzip::isSink(), Lzma::isSink(), Bz2::isSink(), TarFile::isSink(),
Shutil::isSink(), Pandas::isSink()
] and
exists(sink.getLocation().getFile().getRelativePath())
}
@@ -512,7 +512,6 @@ module BombsConfig implements DataFlow::ConfigSig {
(
isAdditionalTaintStepTextIOWrapper(nodeFrom, nodeTo) or
ZipFile::isAdditionalTaintStep(nodeFrom, nodeTo) or
PyZipFile::isAdditionalTaintStep(nodeFrom, nodeTo) or
TarFile::isAdditionalTaintStep(nodeFrom, nodeTo)
) and
exists(nodeTo.getLocation().getFile().getRelativePath())