Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ed36ff1

Browse files
RasmusWLRasmusWL
committed
Python: ORM: Handle <Model>.objects.[<QuerySet>].update() 
1 parent fea46b6 commit ed36ff1

2 files changed

Lines changed: 10 additions & 1 deletion

File tree

python/ql/lib/semmle/python/frameworks/Django.qll

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -865,6 +865,15 @@ module PrivateDjango {
865865
)
866866
)
867867
or
868+
// attribute store in `<Model>.objects.[<QuerySet>].update()` -> synthetic
869+
// see https://docs.djangoproject.com/en/4.0/ref/models/querysets/#update
870+
exists(DataFlow::CallCfgNode call, API::Node modelClass, string fieldName |
871+
call = [manager(modelClass), querySet(modelClass)].getMember("update").getACall() and
872+
nodeFrom = call.getArgByName(fieldName) and
873+
c.(DataFlow::AttributeContent).getAttribute() = fieldName and
874+
nodeTo.(SyntheticDjangoOrmModelNode).getModelClass() = modelClass
875+
)
876+
or
868877
// synthetic -> method-call that returns collection of ORM models (all/filter/...)
869878
exists(API::Node modelClass |
870879
nodeFrom.(SyntheticDjangoOrmModelNode).getModelClass() = modelClass and

python/ql/test/library-tests/frameworks/django-orm/testapp/orm_tests.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -169,7 +169,7 @@ def test_save8_store():
169169

170170
def test_save8_load():
171171
obj = TestSave8.objects.first()
172-
SINK(obj.text) # $ MISSING: flow
172+
SINK(obj.text) # $ flow="SOURCE, l:-4 -> obj.text"
173173

174174
# --------------------------------------
175175
# .save() on foreign key field

0 commit comments

Comments
 (0)