move the MaD sql-injection sink to SqlInjectionCustomizations.qll

Erik Krogh Kristensen
2022-05-03 22:51:54 +02:00
parent 571fc3e73b
commit a812d4dd34
2 changed files with 7 additions and 8 deletions


@@ -372,14 +372,6 @@ module SqlExecution {
/** Gets the argument that specifies the SQL statements to be executed. */ /** Gets the argument that specifies the SQL statements to be executed. */
abstract DataFlow::Node getSql(); abstract DataFlow::Node getSql();
} }
private import semmle.python.frameworks.data.ModelsAsData
private class DataAsSqlExecution extends Range {
DataAsSqlExecution() { this = ModelOutput::getASinkNode("sql-injection").getARhs() }
override DataFlow::Node getSql() { result = this }
}
} }
/** /**


@@ -60,4 +60,11 @@ module SqlInjection {
* A comparison with a constant string, considered as a sanitizer-guard. * A comparison with a constant string, considered as a sanitizer-guard.
*/ */
class StringConstCompareAsSanitizerGuard extends SanitizerGuard, StringConstCompare { } class StringConstCompareAsSanitizerGuard extends SanitizerGuard, StringConstCompare { }
private import semmle.python.frameworks.data.ModelsAsData
/** A sink for sql-injection from model data. */
private class DataAsSqlSink extends Sink {
DataAsSqlSink() { this = ModelOutput::getASinkNode("sql-injection").getARhs() }
}
} }
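Review bot: Because `DataAsSqlSink` now extends `Sink` directly, nodes modelled with the `sql-injection` kind in models-as-data are no longer `SqlExecution` instances, so anything else that enumerates `SqlExecution` (other queries, concept tests) will stop seeing them. That looks intended given the sink kind's name, but it is worth confirming that no other consumer relied on the old behaviour and that a library test still covers a MaD-modelled sink reaching the SQL injection query. The doc comment could state the scoping explicitly, e.g. `/** A sink for SQL injection defined through models-as-data (sink kind "sql-injection"); deliberately not a SqlExecution. */`. As a style point, `private import semmle.python.frameworks.data.ModelsAsData` sits mid-module after the sanitizer guard; grouping it with the file's other imports (not visible here) would be more conventional. The enclosing `module SqlInjection` starts outside the hunk.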