hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: require dict sinks be dangerous.

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2023-09-29 13:45:23 +02:00
parent f3a01612e8
commit 97696680e6
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/lib/semmle/python/security/dataflow/NoSQLInjectionCustomizations.qll
View File

@@ -77,7 +77,11 @@ module NoSqlInjection {
/** A NoSQL query that is vulnerable to user controlled dictionaries. */
class NoSqlExecutionAsDictSink extends DictSink {
NoSqlExecutionAsDictSink() { this = any(NoSqlExecution noSqlExecution).getQuery() }
NoSqlExecutionAsDictSink() {
exists(NoSqlExecution noSqlExecution | this = noSqlExecution.getQuery() |
noSqlExecution.interpretsDict()
)
}
}
/** A JSON decoding converts a string to a dictionary. */