Python: From an Argument to a Parameter #13590
-
I have a case where the call to function The code is in Python: obj1 = f1()
obj1.m(a) I noticed the source I want to write an additional taint step that links the Do you have any advice on how to handle such a case, please? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
If I wrote this simple python script and query and the result was found. Are you trying to do something different? class Obj:
def m(self, a):
print(a)
def f1():
return Obj()
a = 1
obj1 = f1()
obj1.m(a) import python
import semmle.python.dataflow.new.DataFlow
class SampleConfiguration extends DataFlow::Configuration {
SampleConfiguration() { this = "sample" }
override predicate isSource(DataFlow::Node source) {
source.asExpr() instanceof IntegerLiteral
}
override predicate isSink(DataFlow::Node sink) {
exists(Call print
| print.getFunc().pointsTo(Value::named("print"))
| print.getArg(0) = sink.asExpr())
}
}
from DataFlow::Node start, DataFlow::Node end, SampleConfiguration config
where config.hasFlow(start, end)
select start, end |
Beta Was this translation helpful? Give feedback.
If
f()
is a library defined in the current program (not in a third party library), then the dataflow should be connected. Can you share a query that you are writing as well as a snippet of code that should be working?I wrote this simple python script and query and the result was found. Are you trying to do something different?