Python: Enable taint when iterating over ExternalFileObject

RasmusWL · RasmusWL · commit 06edd076b639 · 2020-04-23T14:11:50.000+02:00
diff --git a/python/ql/src/semmle/python/security/strings/External.qll b/python/ql/src/semmle/python/security/strings/External.qll
@@ -195,6 +195,8 @@ class ExternalFileObject extends TaintKind {
         or
         name = "readlines" and result.(SequenceKind).getItem() = this.getValue()
     }
+
+    override TaintKind getTaintForIteration() { result = this.getValue() }
 }
 
 /**

Original file line number	Diff line number	Diff line change
`@@ -195,6 +195,8 @@ class ExternalFileObject extends TaintKind {`
`195`	`195`	`or`
`196`	`196`	`name = "readlines" and result.(SequenceKind).getItem() = this.getValue()`
`197`	`197`	`}`
	`198`	`+`
	`199`	`+ override TaintKind getTaintForIteration() { result = this.getValue() }`
`198`	`200`	`}`
`199`	`201`
`200`	`202`	`/**`