Update python/ql/src/experimental/semmle/python/security/injection/CsvInjection.qll

haby0 · yoff · web-flow · commit 1e6893e23000 · 2022-03-30T22:54:30.000+08:00
Co-authored-by: yoff &lt;lerchedahl@gmail.com&gt;
diff --git a/python/ql/src/experimental/semmle/python/security/injection/CsvInjection.qll b/python/ql/src/experimental/semmle/python/security/injection/CsvInjection.qll
@@ -22,15 +22,15 @@ class CsvInjectionFlowConfig extends TaintTracking::Configuration {
 }
 
 private class StartsWithCheck extends DataFlow::BarrierGuard {
-  Attribute attr;
+  DataFlow::MethodCallNode mc;
 
   StartsWithCheck() {
-    this.(CallNode).getNode().getFunc() = attr and
-    attr.getName() = "startswith"
+    this = mc.asCfgNode() and
+    mc.calls(_, "startswith")
   }
 
   override predicate checks(ControlFlowNode node, boolean branch) {
-    node = attr.getObject().getAFlowNode() and
+    node = mc.getObject().asCfgNode() and
     branch = true
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -22,15 +22,15 @@ class CsvInjectionFlowConfig extends TaintTracking::Configuration {`
`22`	`22`	`}`
`23`	`23`
`24`	`24`	`private class StartsWithCheck extends DataFlow::BarrierGuard {`
`25`		`- Attribute attr;`
	`25`	`+ DataFlow::MethodCallNode mc;`
`26`	`26`
`27`	`27`	`StartsWithCheck() {`
`28`		`- this.(CallNode).getNode().getFunc() = attr and`
`29`		`- attr.getName() = "startswith"`
	`28`	`+ this = mc.asCfgNode() and`
	`29`	`+ mc.calls(_, "startswith")`
`30`	`30`	`}`
`31`	`31`
`32`	`32`	`override predicate checks(ControlFlowNode node, boolean branch) {`
`33`		`- node = attr.getObject().getAFlowNode() and`
	`33`	`+ node = mc.getObject().asCfgNode() and`
`34`	`34`	`branch = true`
`35`	`35`	`}`
`36`	`36`	`}`