From c485e313145992cbe6f4148a1b4674eaaa93305d Mon Sep 17 00:00:00 2001
From: Taus
Date: Fri, 13 Oct 2023 12:17:45 +0000
Subject: [PATCH] Python: Model `kombu.serialization` More `pickle` wrappers.
---
 python/ql/lib/semmle/python/frameworks/Stdlib.qll | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
index 2fe8190f1d8..b9a6fe806ab 100644
--- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll
+++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -1298,14 +1298,21 @@ module StdlibPrivate {
 // pickle
 // ---------------------------------------------------------------------------
 /** Gets a reference to any of the `pickle` modules. */
- API::Node pickle() { result = API::moduleImport(["pickle", "cPickle", "_pickle", "cloudpickle"]) }
+ API::Node pickle() {
+ result = API::moduleImport(["pickle", "cPickle", "_pickle", "cloudpickle"]) or
+ result = API::moduleImport("kombu").getMember("serialization").getMember("pickle")
+ }
 /**
 * A call to `pickle.load`
 * See https://docs.python.org/3/library/pickle.html#pickle.load
 */
 private class PickleLoadCall extends Decoding::Range, DataFlow::CallCfgNode {
- PickleLoadCall() { this = pickle().getMember("load").getACall() }
+ PickleLoadCall() {
+ this = pickle().getMember("load").getACall() or
+ this =
+ API::moduleImport("kombu").getMember("serialization").getMember("pickle_load").getACall()
+ }
 override predicate mayExecuteInput() { any() }
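Review bot: The new disjunct in `PickleLoadCall()` models only `kombu.serialization.pickle_load`; the bytes-taking sibling `kombu.serialization.pickle_loads` is not added here, so unsafe deserialization that reaches pickle through it would go unreported unless a `loads` class outside this hunk already covers it. The diffstat lists only `Stdlib.qll`, so the new sink arrives with no library test and no change note; a test file that calls both `kombu.serialization.pickle.load(f)` and `kombu.serialization.pickle_load(f)` would pin the two paths this hunk adds. The doc comments are now narrower than the code: `/** Gets a reference to any of the `pickle` modules. */` could add "including the `kombu.serialization.pickle` re-export", and the class comment `A call to `pickle.load`` could mention the `pickle_load` alias. `PickleLoadCall`'s body continues past the end of the hunk, so how its input argument is selected for the alias cannot be checked from here.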