hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add Concepts

Browse Source
This commit is contained in:
jorgectf
2021-03-30 21:13:15 +02:00
parent 517a9202ce
commit aea7546cf9
1 changed files with 27 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
python/ql/src/experimental/semmle/python/Concepts.qll
View File

@@ -14,12 +14,30 @@ private import semmle.python.dataflow.new.RemoteFlowSources
private import semmle.python.dataflow.new.TaintTracking
private import experimental.semmle.python.Frameworks
/**
* To-Do:
*
* NoSQLExecution: Collects functions that execute nosql queries
* getNoSQLNode - get (Sink) argument holding the query
* NoSQLEscape: Collects functions that escape nosql queries
* getNoSQLEscapeNode - get argument holding the query to-sanitize
*/
module NoSQLExecution { }
module NoSQLQuery {
abstract class Range extends DataFlow::Node {
abstract DataFlow::Node getQueryNode();
}
}
class NoSQLQuery extends DataFlow::Node {
NoSQLQuery::Range range;
NoSQLQuery() { this = range }
DataFlow::Node getQueryNode() { result = range.getQueryNode() }
}
module NoSQLSanitizer {
abstract class Range extends DataFlow::Node {
abstract DataFlow::Node getSanitizerNode();
}
}
class NoSQLSanitizer extends DataFlow::Node {
NoSQLSanitizer::Range range;
NoSQLSanitizer() { this = range }
DataFlow::Node getSanitizerNode() { result = range.getSanitizerNode() }
}