Apply suggestions from code review

yoff · RasmusWL · web-flow · commit 433a36225b74 · 2020-10-12T15:26:53.000+02:00
Co-authored-by: Rasmus Wriedt Larsen &lt;rasmuswriedtlarsen@gmail.com&gt;
diff --git a/python/ql/src/experimental/Security-new-dataflow/CWE-502/UnsafeDeserialization.ql b/python/ql/src/experimental/Security-new-dataflow/CWE-502/UnsafeDeserialization.ql
@@ -19,7 +19,7 @@ import experimental.dataflow.RemoteFlowSources
 import DataFlow::PathGraph
 
 class UnsafeDeserializationConfiguration extends TaintTracking::Configuration {
-  UnsafeDeserializationConfiguration() { this = "Unsafe deserialization configuration" }
+  UnsafeDeserializationConfiguration() { this = "UnsafeDeserializationConfiguration" }
 
   override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Marshal.qll b/python/ql/src/experimental/semmle/python/frameworks/Marshal.qll
@@ -9,7 +9,7 @@ private import experimental.semmle.python.Concepts
 
 private module Marshal {
   /** Gets a reference to the `marshal` module. */
-  DataFlow::Node marshal(DataFlow::TypeTracker t) {
+  private DataFlow::Node marshal(DataFlow::TypeTracker t) {
     t.start() and
     result = DataFlow::importModule("marshal")
     or
@@ -38,7 +38,7 @@ private module Marshal {
 
 /**
  * A call to `marshal.loads`
- * See https://docs.python.org/2/library/marshal.html#marshal.load
+ * See https://docs.python.org/3/library/marshal.html#marshal.loads
  */
 private class MarshalDeserialization extends DeserializationSink::Range {
   MarshalDeserialization() {
