Python: LdapInjection

Author: d10c

python/ql/lib/semmle/python/security/dataflow/LdapInjectionQuery.qll

@@ -20,17 +20,7 @@ private module LdapInjectionDnConfig implements DataFlow::ConfigSig {
 
   predicate isBarrier(DataFlow::Node node) { node instanceof DnSanitizer }
 
-  predicate observeDiffInformedIncrementalMode() {
-    any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
-
-  Location getASelectedSourceLocation(DataFlow::Node source) {
-    none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
-
-  Location getASelectedSinkLocation(DataFlow::Node sink) {
-    none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 21 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
+  predicate observeDiffInformedIncrementalMode() { any() }
 }
 
 /** Global taint-tracking for detecting "LDAP injection via the distinguished name (DN) parameter" vulnerabilities. */
@@ -43,17 +33,7 @@ private module LdapInjectionFilterConfig implements DataFlow::ConfigSig {
 
   predicate isBarrier(DataFlow::Node node) { node instanceof FilterSanitizer }
 
-  predicate observeDiffInformedIncrementalMode() {
-    any() // TODO: Make sure that the location overrides match the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
-
-  Location getASelectedSourceLocation(DataFlow::Node source) {
-    none() // TODO: Make sure that this source location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
-
-  Location getASelectedSinkLocation(DataFlow::Node sink) {
-    none() // TODO: Make sure that this sink location matches the query's select clause: Column 1 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@26:8:26:21), Column 5 does not select a source or sink originating from the flow call on line 24 (/Users/d10c/src/semmle-code/ql/python/ql/src/Security/CWE-090/LdapInjection.ql@27:68:27:83)
-  }
+  predicate observeDiffInformedIncrementalMode() { any() }
 }
 
 /** Global taint-tracking for detecting "LDAP injection via the filter parameter" vulnerabilities. */