
Commit 9916753

committed
Modify sinks
1 parent c60eded commit 9916753


1 file changed

+31
-5
lines changed

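--- a/python/ql/src/experimental/semmle/python/frameworks/Log.qll
+++ b/python/ql/src/experimental/semmle/python/frameworks/Log.qll
@@ -20,7 +20,9 @@ private module log {
 * See https://docs.python.org/3/library/logging.html#logger-objects
 */
 private class LogOutputMethods extends string {
-LogOutputMethods() { this in ["info", "error", "warn", "warning", "debug", "critical"] }
+LogOutputMethods() {
+this in ["info", "error", "warn", "warning", "debug", "critical", "exception", "log"]
+}
 }
 
 /**
@@ -33,7 +35,13 @@ private module log {
 this = API::moduleImport("logging").getMember(any(LogOutputMethods m)).getACall()
 }
 
-override DataFlow::Node getAnInput() { result = this.getArg(_) }
+override DataFlow::Node getAnInput() {
+this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
+result = this.getArg(0)
+or
+this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
+result = this.getArg(1)
+}
 }
 
 /**
@@ -51,7 +59,13 @@ private module log {
 .getACall()
 }
 
-override DataFlow::Node getAnInput() { result = this.getArg(_) }
+override DataFlow::Node getAnInput() {
+this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
+result = this.getArg(0)
+or
+this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
+result = this.getArg(1)
+}
 }
 
 /**
@@ -68,7 +82,13 @@ private module log {
 .getACall()
 }
 
-override DataFlow::Node getAnInput() { result = this.getArg(_) }
+override DataFlow::Node getAnInput() {
+this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
+result = this.getArg(0)
+or
+this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
+result = this.getArg(1)
+}
 }
 
 /**
@@ -87,6 +107,12 @@ private module log {
 .getACall()
 }
 
-override DataFlow::Node getAnInput() { result = this.getArg(_) }
+override DataFlow::Node getAnInput() {
+this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
+result = this.getArg(0)
+or
+this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
+result = this.getArg(1)
+}
 }
 }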
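Review bot: The rewritten `getAnInput()` at new lines 38-44 (copied unchanged at 62-68, 85-91 and 110-116) yields no input when the callee is not an attribute read, because both disjuncts cast `this.getFunction()` to `DataFlow::AttrRead`; the first class selects calls through `API::moduleImport("logging").getMember(...).getACall()`, which presumably also matches `from logging import info; info(msg)`, so such calls would silently stop being logging sinks. Narrowing from `getArg(_)` to the message argument also drops the formatting arguments of `logger.info("user %s", name)`, which are interpolated into the emitted record, and a keyword `msg=` is still not covered. The sketch below skips only the level argument of `log` and falls back to index 0 when the callee is not an attribute read; it assumes the call classes, whose headers lie outside the hunks, provide `getArgByName`. As the body is identical in all four classes, a shared private predicate would keep the copies from diverging.

```ql
override DataFlow::Node getAnInput() {
  exists(int first |
    // `log(level, msg, *args)`: position 0 is the level, not message data
    if this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log"
    then first = 1
    else first = 0
  |
    exists(int i | i >= first | result = this.getArg(i))
    or
    result = this.getArgByName("msg")
  )
}
```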
