Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit b428945

Browse files
RasmusWLRasmusWL
committed
Django: Fix DjangoRouteHandler char-pred
Before it the class would contain _all_ functions xD
1 parent 78a3206 commit b428945

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

python/ql/src/semmle/python/frameworks/Django.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2029,7 +2029,7 @@ private module Django {
20292029
DjangoViewClassDef() { this.getABase() = django::views::generic::View::subclassRef().asExpr() }
20302030

20312031
/** Gets a function that could handle incoming requests, if any. */
2032-
DjangoRouteHandler getARequestHandler() {
2032+
Function getARequestHandler() {
20332033
// TODO: This doesn't handle attribute assignment. Should be OK, but analysis is not as complete as with
20342034
// points-to and `.lookup`, which would handle `post = my_post_handler` inside class def
20352035
result = this.getAMethod() and
@@ -2076,7 +2076,7 @@ private module Django {
20762076
*/
20772077
private class DjangoRouteHandler extends Function {
20782078
DjangoRouteHandler() {
2079-
exists(djangoRouteHandlerFunctionTracker(this))
2079+
exists(DjangoRouteSetup route | route.getViewArg() = djangoRouteHandlerFunctionTracker(this))
20802080
or
20812081
any(DjangoViewClassDef vc).getARequestHandler() = this
20822082
}

0 commit comments

Comments
 (0)