hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 02:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Fix taint handling of copy.deepcopy

Browse Source 
(test results didn't change)

Thanks @yoff 👍
This commit is contained in:
Rasmus Wriedt Larsen
2020-09-01 11:50:46 +02:00
parent e5a361c230
commit ddc55a18cf
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/experimental/dataflow/internal/TaintTrackingPrivate.qll
View File

@@ -196,7 +196,7 @@ predicate copyStep(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeTo) {
(
call.getFunction().(NameNode).getId() in ["copy", "deepcopy"]
or
call.getFunction().(AttrNode).getObject("copy").(NameNode).getId() in ["copy", "deepcopy"]
call.getFunction().(AttrNode).getObject(["copy", "deepcopy"]).(NameNode).getId() = "copy"
) and
call.getArg(0) = nodeFrom.getNode()
)