hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix OPT_X_TLS_ mandatory options

Browse Source
This commit is contained in:
jorgectf
2021-09-07 19:01:46 +02:00
parent ee98c0c587
commit b802d7903a
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
View File

@@ -122,13 +122,11 @@ private module LDAP {
)
or
// ldap_connection.set_option(ldap.OPT_X_TLS_%s, True)
// ldap_connection.set_option(ldap.OPT_X_TLS_%s)
exists(DataFlow::CallCfgNode setOption |
setOption.getFunction().(DataFlow::AttrRead).getObject().getALocalSource() =
initialize and
setOption.getFunction().(DataFlow::AttrRead).getAttributeName() = "set_option" and
setOption.getArg(0) =
ldap().getMember("OPT_X_TLS_" + ["ALLOW", "TRY", "DEMAND", "HARD"]).getAUse() and
setOption.getArg(0) = ldap().getMember("OPT_X_TLS_" + ["DEMAND", "HARD"]).getAUse() and
not DataFlow::exprNode(any(False falseExpr))
.(DataFlow::LocalSourceNode)
.flowsTo(setOption.getArg(1))