hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python taint-tracking: Don't track strings through json.decode().

Browse Source
This commit is contained in:
Mark Shannon
2019-06-03 15:53:36 +01:00
parent 6a79e0aaa7
commit fc2ac891f8
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
python/ql/src/semmle/python/security/strings/Basic.qll
View File

@@ -81,6 +81,7 @@ private predicate str_format(ControlFlowNode fromnode, CallNode tonode) {
/* tonode = codec.[en|de]code(fromnode)*/
private predicate encode_decode(ControlFlowNode fromnode, CallNode tonode) {
exists(FunctionObject func, string name |
not func.getFunction().isMethod() and
func.getACall() = tonode and
tonode.getAnArg() = fromnode and
func.getName() = name |