Python: Update rest of tests to new dataflow lib

I had missed these originally, since I had just fixed the ones that were highlighted in the actions logs, thinking they had covered everything :(
2026-04-26 01:05:15 +02:00 · 2023-12-04 14:48:47 +01:00
parent 46531e653d
commit c952f6a648
18 changed files with 109 additions and 133 deletions
--- a/python/ql/src/meta/alerts/RemoteFlowSourcesReach.ql
+++ b/python/ql/src/meta/alerts/RemoteFlowSourcesReach.ql
@@ -16,15 +16,13 @@ private import semmle.python.dataflow.new.RemoteFlowSources
 private import meta.MetaMetrics
 private import semmle.python.dataflow.new.internal.PrintNode

-class RemoteFlowSourceReach extends TaintTracking::Configuration {
-  RemoteFlowSourceReach() { this = "RemoteFlowSourceReach" }
-
-  override predicate isSource(DataFlow::Node node) {
+module RemoteFlowSourceReachConfig implements DataFlow::ConfigSig {
+  predicate isSource(DataFlow::Node node) {
    node instanceof RemoteFlowSource and
    not node.getLocation().getFile() instanceof IgnoredFile
  }

-  override predicate isSink(DataFlow::Node node) {
+  predicate isSink(DataFlow::Node node) {
    not node.getLocation().getFile() instanceof IgnoredFile
    // We could try to reduce the number of sinks in this configuration, by only
    // allowing something that is on one end of a localFlowStep, readStep or storeStep,
@@ -37,6 +35,8 @@ class RemoteFlowSourceReach extends TaintTracking::Configuration {
  }
 }

-from RemoteFlowSourceReach cfg, DataFlow::Node reachable
-where cfg.hasFlow(_, reachable)
+module RemoteFlowSourceReachFlow = TaintTracking::Global<RemoteFlowSourceReachConfig>;
+
+from DataFlow::Node reachable
+where RemoteFlowSourceReachFlow::flow(_, reachable)
 select reachable, prettyNode(reachable)