mirror of
https://github.com/github/codeql.git
synced 2025-12-21 03:06:31 +01:00
22 lines
683 B
Plaintext
22 lines
683 B
Plaintext
/**
|
|
* @kind path-problem
|
|
*/
|
|
|
|
import python
|
|
import semmle.python.dataflow.new.FlowSummary
|
|
import TestFlow::PathGraph
|
|
import semmle.python.dataflow.new.TaintTracking
|
|
import semmle.python.dataflow.new.internal.FlowSummaryImpl
|
|
import semmle.python.ApiGraphs
|
|
import experimental.dataflow.testTaintConfig
|
|
private import TestSummaries
|
|
|
|
query predicate invalidSpecComponent(SummarizedCallable sc, string s, string c) {
|
|
(sc.propagatesFlow(s, _, _) or sc.propagatesFlow(_, s, _)) and
|
|
Private::External::invalidSpecComponent(s, c)
|
|
}
|
|
|
|
from TestFlow::PathNode source, TestFlow::PathNode sink
|
|
where TestFlow::flowPath(source, sink)
|
|
select sink, source, sink, "$@", source, source.toString()
|