File tree Expand file tree Collapse file tree 1 file changed +7
-6
lines changed
python/ql/src/experimental/Security Expand file tree Collapse file tree 1 file changed +7
-6
lines changed Original file line number Diff line number Diff line change @@ -32,12 +32,13 @@ class UnsafeUnpackingConfig extends TaintTracking::Configuration {
3232 or
3333 // A source catching an S3 filename download
3434 // see boto3: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/s3.html#S3.Client.download_file
35- exists ( MethodCallNode mcn , Node s3 , Node bc |
36- bc = API:: moduleImport ( "boto3" ) .getMember ( "client" ) .getACall ( ) and
37- bc = s3 .getALocalSource ( ) and
38- mcn .calls ( s3 , "download_file" ) and
39- source = mcn .getArg ( 2 )
40- )
35+ source =
36+ API:: moduleImport ( "boto3" )
37+ .getMember ( "client" )
38+ .getReturn ( )
39+ .getMember ( "download_file" )
40+ .getACall ( )
41+ .getArg ( 2 )
4142 or
4243 // A source download a file using wget
4344 // see wget: https://pypi.org/project/wget/
You can’t perform that action at this time.
0 commit comments