Python: uncertainty is treated as a certificate :O

Rasmus Wriedt Larsen
2022-06-22 09:59:17 +02:00
parent 2b892bc000
commit abdcfd55c3


@@ -56,6 +56,11 @@ getattr(foo, x) # $ SensitiveDataSource=password
def my_func(password): # $ SensitiveDataSource=password
print(password) # $ SensitiveUse=password
# FP where the `cert` in `uncertainty` makes us treat it like a certificate
# https://github.com/github/codeql/issues/9632
def my_other_func(uncertainty): # $ SPURIOUS: SensitiveDataSource=certificate
print(uncertainty) # $ SPURIOUS: SensitiveUse=certificate
password = some_function() # $ SensitiveDataSource=password
print(password) # $ SensitiveUse=password
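Review bot: The added `my_other_func(uncertainty)` case pins only the spurious match, and nothing visible in this hunk pins a genuinely certificate-named parameter beside it. A later fix for the `cert` substring match could then over-correct and stop flagging real certificate data without this test noticing. If the file does not already cover it outside the hunk, consider a positive control next to the new case, e.g. `def my_cert_func(cert): # $ SensitiveDataSource=certificate` followed by `print(cert) # $ SensitiveUse=certificate`. It would also help if the comment stated the intended end state, for instance `# once fixed, the SPURIOUS annotations below should be removed, not replaced`.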