hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Port py/insecure-temporary-file

Browse Source
This commit is contained in:
Taus Brock-Nannestad
2021-02-23 20:02:22 +01:00
parent f65843a273
commit b8ce5e969e
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/Security/CWE-377/InsecureTemporaryFile.ql
View File

@@ -11,8 +11,9 @@
*/
import python
import semmle.python.ApiGraphs
FunctionValue temporary_name_function(string mod, string function) {
API::Node temporary_name_function(string mod, string function) {
(
mod = "tempfile" and function = "mktemp"
or
@@ -23,9 +24,9 @@ FunctionValue temporary_name_function(string mod, string function) {
function = "tempnam"
)
) and
result = Module::named(mod).attr(function)
result = API::moduleImport(mod).getMember(function)
}
from Call c, string mod, string function
where temporary_name_function(mod, function).getACall().getNode() = c
where temporary_name_function(mod, function).getACall().asExpr() = c
select c, "Call to deprecated function " + mod + "." + function + " may be insecure."