mirror of
https://github.com/github/codeql.git
synced 2025-12-20 02:44:30 +01:00
3e7dc12246
The meat of this PR is described in the new python/ql/test/experimental/meta/InlineTaintTest.qll file: > Defines a InlineExpectationsTest for checking whether any arguments in > `ensure_tainted` and `ensure_not_tainted` calls are tainted. > > Also defines query predicates to ensure that: > - if any arguments to `ensure_not_tainted` are tainted, their annotation is marked with `SPURIOUS`. > - if any arguments to `ensure_tainted` are not tainted, their annotation is marked with `MISSING`. > > The functionality of this module is tested in `ql/test/experimental/meta/inline-taint-test-demo`.
9 lines
278 B
Plaintext
9 lines
278 B
Plaintext
import experimental.meta.InlineTaintTest
|
|
import semmle.python.dataflow.new.BarrierGuards
|
|
|
|
class CustomSanitizerOverrides extends TestTaintTrackingConfiguration {
|
|
override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) {
|
|
guard instanceof StringConstCompare
|
|
}
|
|
}
|