Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 3daec8e

Browse files
jorgectfjorgectf
committed
Enclose Sinks and ReMethods in a module
1 parent caaf543 commit 3daec8e

1 file changed

Lines changed: 24 additions & 22 deletions

File tree

python/ql/src/semmle/python/frameworks/Stdlib.qll

Lines changed: 24 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -868,30 +868,32 @@ private module Stdlib {
868868
// ---------------------------------------------------------------------------
869869
// re
870870
// ---------------------------------------------------------------------------
871-
/** List of re methods. */
872-
private class ReMethods extends string {
873-
ReMethods() { this in ["match", "fullmatch", "search", "split", "findall", "finditer"] }
874-
}
875-
876-
/** re.ReMethod(pattern, string) */
877-
private class DirectRegex extends DataFlow::Node {
878-
DirectRegex() {
879-
exists(ReMethods reMethod, DataFlow::CallCfgNode reCall |
880-
reCall = API::moduleImport("re").getMember(reMethod).getACall() and
881-
this = reCall.getArg(0)
882-
)
871+
private module Re {
872+
/** List of re methods. */
873+
private class ReMethods extends string {
874+
ReMethods() { this in ["match", "fullmatch", "search", "split", "findall", "finditer"] }
875+
}
876+
877+
/** re.ReMethod(pattern, string) */
878+
private class DirectRegex extends DataFlow::Node {
879+
DirectRegex() {
880+
exists(ReMethods reMethod, DataFlow::CallCfgNode reCall |
881+
reCall = API::moduleImport("re").getMember(reMethod).getACall() and
882+
this = reCall.getArg(0)
883+
)
884+
}
883885
}
884-
}
885886

886-
/** re.compile(pattern).ReMethod */
887-
class CompiledRegex extends DataFlow::Node {
888-
CompiledRegex() {
889-
exists(DataFlow::CallCfgNode patternCall, DataFlow::AttrRead reMethod |
890-
patternCall = API::moduleImport("re").getMember("compile").getACall() and
891-
patternCall = reMethod.getObject().getALocalSource() and
892-
reMethod.getAttributeName() instanceof ReMethods and
893-
this = patternCall.getArg(0)
894-
)
887+
/** re.compile(pattern).ReMethod */
888+
class CompiledRegex extends DataFlow::Node {
889+
CompiledRegex() {
890+
exists(DataFlow::CallCfgNode patternCall, DataFlow::AttrRead reMethod |
891+
patternCall = API::moduleImport("re").getMember("compile").getACall() and
892+
patternCall = reMethod.getObject().getALocalSource() and
893+
reMethod.getAttributeName() instanceof ReMethods and
894+
this = patternCall.getArg(0)
895+
)
896+
}
895897
}
896898
}
897899
}

0 commit comments

Comments
 (0)