File tree Expand file tree Collapse file tree 1 file changed +2
-6
lines changed
python/ql/lib/semmle/python/frameworks Expand file tree Collapse file tree 1 file changed +2
-6
lines changed Original file line number Diff line number Diff line change @@ -584,7 +584,7 @@ module PrivateDjango {
584584 * - https://docs.djangoproject.com/en/3.1/ref/models/fields/#django.db.models.ImageField
585585 */
586586 module FileField {
587- /** Gets a reference to the `flask.views.View ` class or any subclass. */
587+ /** Gets a reference to the `django.db.models.FileField` or the `django.db.models.ImageField ` class or any subclass. */
588588 API:: Node subclassRef ( ) {
589589 exists ( string className | className in [ "FileField" , "ImageField" ] |
590590 // commonly used alias
@@ -2288,11 +2288,7 @@ module PrivateDjango {
22882288 exists ( DataFlow:: CallCfgNode call , DataFlow:: Node uploadToArg , Function func |
22892289 this .getParameter ( ) = func .getArg ( 1 ) and
22902290 call = django:: db:: models:: FileField:: subclassRef ( ) .getACall ( ) and
2291- (
2292- uploadToArg = call .getArg ( 2 )
2293- or
2294- uploadToArg = call .getArgByName ( "upload_to" )
2295- ) and
2291+ uploadToArg in [ call .getArg ( 2 ) , call .getArgByName ( "upload_to" ) ] and
22962292 uploadToArg = poorMansFunctionTracker ( func )
22972293 )
22982294 }
You can’t perform that action at this time.
0 commit comments