Python: Highlight how await taint-step works

RasmusWL · RasmusWL · commit 065075056b1a · 2021-09-02T15:45:59.000+02:00
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/TaintTrackingPrivate.qll
@@ -205,7 +205,8 @@ predicate copyStep(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeTo) {
 }
 
 /**
- * Holds if taint can flow from `nodeFrom` to `nodeTo` with a step related `await`.
+ * Holds if taint can flow from `nodeFrom` to `nodeTo` with an `await`-step,
+ * such that the whole expression `await x` is tainted if `x` is tainted.
  */
 predicate awaitStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
   nodeTo.asExpr().(Await).getValue() = nodeFrom.asExpr()

Original file line number	Diff line number	Diff line change
`@@ -205,7 +205,8 @@ predicate copyStep(DataFlow::CfgNode nodeFrom, DataFlow::CfgNode nodeTo) {`
`205`	`205`	`}`
`206`	`206`
`207`	`207`	`/**`
`208`		- * Holds if taint can flow from `nodeFrom` to `nodeTo` with a step related `await`.
	`208`	+ * Holds if taint can flow from `nodeFrom` to `nodeTo` with an `await`-step,
	`209`	+ * such that the whole expression `await x` is tainted if `x` is tainted.
`209`	`210`	`*/`
`210`	`211`	`predicate awaitStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {`
`211`	`212`	`nodeTo.asExpr().(Await).getValue() = nodeFrom.asExpr()`