hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: require dict sinks be dangerous.

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2023-09-29 13:45:23 +02:00
parent f3a01612e8
commit 97696680e6
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/lib/semmle/python/security/dataflow/NoSQLInjectionCustomizations.qll
View File

@@ -77,7 +77,11 @@ module NoSqlInjection {
/** A NoSQL query that is vulnerable to user controlled dictionaries. */ /** A NoSQL query that is vulnerable to user controlled dictionaries. */
class NoSqlExecutionAsDictSink extends DictSink { class NoSqlExecutionAsDictSink extends DictSink {
NoSqlExecutionAsDictSink() { this = any(NoSqlExecution noSqlExecution).getQuery() } NoSqlExecutionAsDictSink() {
exists(NoSqlExecution noSqlExecution | this = noSqlExecution.getQuery() |
noSqlExecution.interpretsDict()
)
}
} }
/** A JSON decoding converts a string to a dictionary. */ /** A JSON decoding converts a string to a dictionary. */