Python: Remove usage of .getASuccessor() in XSLT.qll

RasmusWL · RasmusWL · commit 22ad8f717fc7 · 2020-06-25T12:07:45.000+02:00
diff --git a/python/ql/src/experimental/semmle/python/security/injection/XSLT.qll b/python/ql/src/experimental/semmle/python/security/injection/XSLT.qll
@@ -41,12 +41,7 @@ module XSLTInjection {
   }
 
   private predicate etreeXML(ControlFlowNode fromnode, CallNode tonode) {
-    exists(CallNode call, AttrNode atr |
-      atr = etree().getAReference().getASuccessor() and
-      // XML(text, parser=None, base_url=None)
-      atr.getName() = "XML" and
-      atr = call.getFunction()
-    |
+    exists(CallNode call | call.getFunction().(AttrNode).getObject("XML").pointsTo(etree()) |
       call.getArg(0) = fromnode and
       call = tonode
     )

Original file line number	Diff line number	Diff line change
`@@ -41,12 +41,7 @@ module XSLTInjection {`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`private predicate etreeXML(ControlFlowNode fromnode, CallNode tonode) {`
`44`		`- exists(CallNode call, AttrNode atr \|`
`45`		`- atr = etree().getAReference().getASuccessor() and`
`46`		`- // XML(text, parser=None, base_url=None)`
`47`		`- atr.getName() = "XML" and`
`48`		`- atr = call.getFunction()`
`49`		`- \|`
	`44`	`+ exists(CallNode call \| call.getFunction().(AttrNode).getObject("XML").pointsTo(etree()) \|`
`50`	`45`	`call.getArg(0) = fromnode and`
`51`	`46`	`call = tonode`
`52`	`47`	`)`