hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rename predicate to getQuery

Browse Source
This commit is contained in:
thank_you
2021-04-20 08:47:37 -04:00
parent 5d25a27d62
commit bbd3552392
3 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/experimental/semmle/python/Concepts.qll
View File

@@ -16,7 +16,7 @@ private import experimental.semmle.python.Frameworks
module NoSQLQuery {
abstract class Range extends DataFlow::Node {
abstract DataFlow::Node getQueryNode();
abstract DataFlow::Node getQuery();
}
}
@@ -25,7 +25,7 @@ class NoSQLQuery extends DataFlow::Node {
NoSQLQuery() { this = range }
DataFlow::Node getQueryNode() { result = range.getQueryNode() }
DataFlow::Node getQuery() { result = range.getQuery() }
}
module NoSQLSanitizer {

8
python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll
View File

@@ -32,7 +32,7 @@ private module NoSQL {
.getACall()
}
override DataFlow::Node getQueryNode() { result = this.getArg(0) }
override DataFlow::Node getQuery() { result = this.getArg(0) }
}
private class PyMongoFlaskMethods extends string {
@@ -50,7 +50,7 @@ private module NoSQL {
.getACall()
}
override DataFlow::Node getQueryNode() { result = this.getArg(0) }
override DataFlow::Node getQuery() { result = this.getArg(0) }
}
private class MongoEngineObjectsCall extends DataFlow::CallCfgNode, NoSQLQuery::Range {
@@ -63,7 +63,7 @@ private module NoSQL {
.getACall()
}
override DataFlow::Node getQueryNode() { result = this.getArgByName(any(string name)) }
override DataFlow::Node getQuery() { result = this.getArgByName(any(string name)) }
}
private class MongoEngineObjectsFlaskCall extends DataFlow::CallCfgNode, NoSQLQuery::Range {
@@ -78,7 +78,7 @@ private module NoSQL {
.getACall()
}
override DataFlow::Node getQueryNode() { result = this.getArgByName(any(string name)) }
override DataFlow::Node getQuery() { result = this.getArgByName(any(string name)) }
}
private class MongoSanitizerCall extends DataFlow::CallCfgNode, NoSQLSanitizer::Range {

4
python/ql/src/experimental/semmle/python/security/injection/NoSQLInjection.qll
View File

@@ -51,9 +51,7 @@ class FromDataDictToSink extends TaintTracking2::Configuration {
override predicate isSource(DataFlow::Node source) { source instanceof DataToDictSink }
override predicate isSink(DataFlow::Node sink) {
sink = any(NoSQLQuery noSQLQuery).getQueryNode()
}
override predicate isSink(DataFlow::Node sink) { sink = any(NoSQLQuery noSQLQuery).getQuery() }
override predicate isSanitizer(DataFlow::Node sanitizer) {
sanitizer = any(NoSQLSanitizer noSQLSanitizer).getSanitizerNode()