hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Explicitly mention lack of transitive flow in asSource/asSink

Browse Source
This commit is contained in:
Asger F
2022-06-28 09:46:26 +02:00
parent 9b27a7cbcd
commit a033338d20
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/lib/semmle/python/ApiGraphs.qll
View File

@@ -121,6 +121,9 @@ module API {
* obj.prop = x
* foo.bar(obj);
* ```
*
* This predicate does not include nodes transitively reaching the sink by data flow;
* use `getAValueReachingSink` for that.
*/
DataFlow::Node asSink() { Impl::rhs(this, result) }
@@ -146,6 +149,9 @@ module API {
* # API::moduleImport("re").getMember("escape").getReturn().asSource()
* re.escape()
* ```
*
* This predicate does not include nodes transitively reachable by data flow;
* use `getAValueReachableFromSource` for that.
*/
DataFlow::LocalSourceNode asSource() { Impl::use(this, result) }