mirror of
https://github.com/github/codeql.git
synced 2026-05-29 18:41:27 +02:00
0a9946121b
Migrate 27 queries under python/ql/src/ from legacy CFG types (CallNode/AttrNode/NameNode/etc.) to the shared-CFG-based 'Cfg::' namespace, matching the dataflow API surface introduced earlier on this branch. ModificationOfParameterWithDefaultCustomizations.qll is rewritten on top of BarrierGuard, removing the last legacy ESSA dependency in that file. UnguardedNextInGenerator.ql still uses ESSA and bridges to the new CFG via Cfg::CallNode.getNode(). Also reformat 14 library and query files that had drifted from the formatter. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
32 lines
955 B
Plaintext
32 lines
955 B
Plaintext
/**
|
|
* This query is meant to catch the flows from `CUSTOM_SOURCE` to `CUSTOM_SINK`.
|
|
*
|
|
* This should be compared to
|
|
* python/ql/test/library-tests/taint/dataflow/Dataflow.ql
|
|
* A first goal is to have identical results; after that we
|
|
* hope to remove the false positive.
|
|
*/
|
|
|
|
import python
|
|
private import semmle.python.controlflow.internal.Cfg as Cfg
|
|
import semmle.python.dataflow.new.DataFlow
|
|
|
|
module CustomTestConfig implements DataFlow::ConfigSig {
|
|
predicate isSource(DataFlow::Node node) {
|
|
node.asCfgNode().(Cfg::NameNode).getId() = "CUSTOM_SOURCE"
|
|
}
|
|
|
|
predicate isSink(DataFlow::Node node) {
|
|
exists(Cfg::CallNode call |
|
|
call.getFunction().(Cfg::NameNode).getId() in ["CUSTOM_SINK", "CUSTOM_SINK_F"] and
|
|
node.asCfgNode() = call.getAnArg()
|
|
)
|
|
}
|
|
}
|
|
|
|
module CustomTestFlow = DataFlow::Global<CustomTestConfig>;
|
|
|
|
from DataFlow::Node source, DataFlow::Node sink
|
|
where CustomTestFlow::flow(source, sink)
|
|
select source, sink
|