
Commit 7d287f1

committed
python: add concept for xpath execution
1 parent 103b576 commit 7d287f1


1 file changed

+47
-0
lines changed


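--- a/python/ql/lib/semmle/python/Concepts.qll
+++ b/python/ql/lib/semmle/python/Concepts.qll
@@ -449,6 +449,53 @@ module RegexExecution {
 }
 }
 
+/**
+* A data-flow node that executes a xpath expression.
+*
+* Extend this class to refine existing API models. If you want to model new APIs,
+* extend `XPathExecution::Range` instead.
+*/
+class XPathExecution extends DataFlow::Node {
+XPathExecution::Range range;
+
+XPathExecution() { this = range }
+
+/** Gets the data flow node for the xpath expression being executed by this node. */
+DataFlow::Node getXPath() { result = range.getXPath() }
+
+/** Gets a dataflow node for the tree in which the xpath is being evaluated. */
+DataFlow::Node getTree() { result = range.getTree() }
+
+/**
+* Gets the name of this xpath expression execution, typically the name of an executing method.
+* This is used for nice alert messages and should include the module if possible.
+*/
+string getName() { result = range.getName() }
+}
+
+/** Provides classes for modeling new regular-expression execution APIs. */
+module XPathExecution {
+/**
+* A data-flow node that executes a xpath expression.
+*
+* Extend this class to model new APIs. If you want to refine existing API models,
+* extend `XPathExecution` instead.
+*/
+abstract class Range extends DataFlow::Node {
+/** Gets the data flow node for the xpath expression being executed by this node. */
+abstract DataFlow::Node getXPath();
+
+/** Gets a dataflow node for the tree in which the xpath is being evaluated. */
+abstract DataFlow::Node getTree();
+
+/**
+* Gets the name of this xpath expression execution, typically the name of an executing method.
+* This is used for nice alert messages and should include the module if possible.
+*/
+abstract string getName();
+}
+}
+
 /**
 * A data-flow node that escapes meta-characters, which could be used to prevent
 * injection attacks.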
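Review bot: The QLDoc on the new `XPathExecution` module (line 476) still reads "Provides classes for modeling new regular-expression execution APIs.", which looks copied from the `RegexExecution` module above it and misdescribes what `XPathExecution::Range` models; it should be `/** Provides classes for modeling new XPath execution APIs. */`. The same class docs say "a xpath expression" in four places; "an XPath expression" is the conventional spelling and would make these consistent with the `XPath` casing used in the class name. It may also be worth stating in the `getXPath()` QLDoc that this node is the natural sink for injection queries built on this concept, since that is presumably why the concept distinguishes the expression from the tree it is evaluated against.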
