github
diff --git a/‎python/ql/src/semmle/python/security/TaintTracking.qll‎
Lines changed: 4 additions & 2 deletions b/‎python/ql/src/semmle/python/security/TaintTracking.qll‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎python/ql/test/library-tests/taint/general/ModuleAttribute.expected‎
Lines changed: 1 addition & 2 deletions b/‎python/ql/test/library-tests/taint/general/ModuleAttribute.expected‎
Lines changed: 1 addition & 2 deletions
@@ -318,7 +318,7 @@ class DictKind extends CollectionKind {
         Implementation::copyCall(fromnode, tonode) and this = fromkind
         or
         tonode.(CallNode).getFunction().pointsTo(ObjectInternal::builtin("dict")) and
-        tonode.(CallNode).getArg(0) = fromnode
+        tonode.(CallNode).getArg(0) = fromnode and this = fromkind
         or
         dict_construct(fromnode, tonode) and this.getValue() = fromkind
     }
@@ -430,11 +430,13 @@ abstract class TaintSource extends @py_flow_node {
     final predicate flowsToSink(TaintKind srckind, TaintSink sink) {
         exists(TaintedNode src, TaintedNode tsink |
             src = this.getATaintNode() and
+            src.getTaintKind() = srckind and
             src.getASuccessor*() = tsink and
             this.isSourceOf(srckind, _) and
             sink = tsink.getCfgNode() and
             sink.sinks(tsink.getTaintKind()) and
-            tsink.getPath().noAttribute()
+            tsink.getPath().noAttribute() and
+            tsink.isSink()
         )
     }
 
 
@@ -1,4 +1,3 @@
 | Module deep | x | Taint simple.test |  | deep.py:20 |
 | Module module | dangerous | Taint simple.test |  | module.py:3 |
-| Module test | module | Attribute 'dangerous' taint simple.test |  | test.py:85 |
-| Module test | unsafe | Taint simple.test |  | test.py:155 |
+| Module test | unsafe | Taint simple.test |  | test.py:156 |