hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Move TarSlip to new dataflow API

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2023-08-25 15:37:02 +02:00
parent e97032909a
commit d4e4e2d426
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/src/Security/CWE-022/TarSlip.ql
View File

@@ -14,9 +14,9 @@
import python
import semmle.python.security.dataflow.TarSlipQuery
import DataFlow::PathGraph
import TarSlipFlow::PathGraph
from Configuration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
from TarSlipFlow::PathNode source, TarSlipFlow::PathNode sink
where TarSlipFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "This file extraction depends on a $@.", source.getNode(),
"potentially untrusted source"