hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

rename more acronyms

Browse Source
This commit is contained in:
erik-krogh
2022-08-24 12:59:07 +02:00
parent 06afe9c0f4
commit cc7a9ef97a
93 changed files with 693 additions and 451 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
python/ql/src/experimental/semmle/python/frameworks/Django.qll
View File

@@ -22,11 +22,14 @@ private module ExperimentalPrivateDjango {
module Request {
module HttpRequest {
class DjangoGETParameter extends DataFlow::Node, RemoteFlowSource::Range {
DjangoGETParameter() { this = request().getMember("GET").getMember("get").getACall() }
class DjangoGetParameter extends DataFlow::Node, RemoteFlowSource::Range {
DjangoGetParameter() { this = request().getMember("GET").getMember("get").getACall() }
override string getSourceType() { result = "django.http.request.GET.get" }
}
/** DEPRECATED: Alias for DjangoGetParameter */
deprecated class DjangoGETParameter = DjangoGetParameter;
}
}

12
python/ql/src/experimental/semmle/python/frameworks/LDAP.qll
View File

@@ -126,9 +126,9 @@ private module Ldap {
(
// ldap_connection.start_tls_s()
// see https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html#ldap.LDAPObject.start_tls_s
exists(DataFlow::MethodCallNode startTLS |
startTLS.getObject().getALocalSource() = initialize and
startTLS.getMethodName() = "start_tls_s"
exists(DataFlow::MethodCallNode startTls |
startTls.getObject().getALocalSource() = initialize and
startTls.getMethodName() = "start_tls_s"
)
or
// ldap_connection.set_option(ldap.OPT_X_TLS_%s, True)
@@ -234,9 +234,9 @@ private module Ldap {
or
// ldap_connection.start_tls_s()
// see https://www.python-ldap.org/en/python-ldap-3.3.0/reference/ldap.html#ldap.LDAPObject.start_tls_s
exists(DataFlow::MethodCallNode startTLS |
startTLS.getMethodName() = "start_tls_s" and
startTLS.getObject().getALocalSource() = this
exists(DataFlow::MethodCallNode startTls |
startTls.getMethodName() = "start_tls_s" and
startTls.getObject().getALocalSource() = this
)
}

14
python/ql/src/experimental/semmle/python/libraries/SmtpLib.qll
View File

@@ -31,8 +31,8 @@ module SmtpLib {
* argument. Used because of the impossibility to get local source nodes from `_subparts`'
* `(List|Tuple)` elements.
*/
private class SMTPMessageConfig extends TaintTracking2::Configuration {
SMTPMessageConfig() { this = "SMTPMessageConfig" }
private class SmtpMessageConfig extends TaintTracking2::Configuration {
SmtpMessageConfig() { this = "SMTPMessageConfig" }
override predicate isSource(DataFlow::Node source) { source = mimeText(_) }
@@ -87,7 +87,7 @@ module SmtpLib {
sink =
[sendCall.getArg(2), sendCall.getArg(2).(DataFlow::MethodCallNode).getObject()]
.getALocalSource() and
any(SMTPMessageConfig a)
any(SmtpMessageConfig a)
.hasFlow(source, sink.(DataFlow::CallCfgNode).getArgByName("_subparts"))
or
// via .attach()
@@ -117,7 +117,7 @@ module SmtpLib {
* * `sub` would be `message["Subject"]` (`Subscript`)
* * `result` would be `"multipart test"`
*/
private DataFlow::Node getSMTPSubscriptByIndex(DataFlow::CallCfgNode sendCall, string index) {
private DataFlow::Node getSmtpSubscriptByIndex(DataFlow::CallCfgNode sendCall, string index) {
exists(DefinitionNode def, Subscript sub |
sub = def.getNode() and
DataFlow::exprNode(sub.getObject()).getALocalSource() =
@@ -163,15 +163,15 @@ module SmtpLib {
override DataFlow::Node getHtmlBody() { result = getSmtpMessage(this, "html") }
override DataFlow::Node getTo() {
result in [this.getArg(1), getSMTPSubscriptByIndex(this, "To")]
result in [this.getArg(1), getSmtpSubscriptByIndex(this, "To")]
}
override DataFlow::Node getFrom() {
result in [this.getArg(0), getSMTPSubscriptByIndex(this, "From")]
result in [this.getArg(0), getSmtpSubscriptByIndex(this, "From")]
}
override DataFlow::Node getSubject() {
result in [this.getArg(2), getSMTPSubscriptByIndex(this, "Subject")]
result in [this.getArg(2), getSmtpSubscriptByIndex(this, "Subject")]
}
}
}