Skip to content

Commit 8df3dab

Browse files
committed
Python: Adjust .expected with subpaths
1 parent e472814 commit 8df3dab

1 file changed

Lines changed: 1 addition & 0 deletions

File tree

  • python/ql/test/experimental/query-tests/Security/CWE-611

python/ql/test/experimental/query-tests/Security/CWE-611/XXE.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,7 @@ nodes
7070
| xml_sax_make_parser.py:71:19:71:30 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
7171
| xml_sax_make_parser.py:71:19:71:45 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
7272
| xml_sax_make_parser.py:75:34:75:54 | ControlFlowNode for StringIO() | semmle.label | ControlFlowNode for StringIO() |
73+
subpaths
7374
#select
7475
| general.py:20:34:20:44 | ControlFlowNode for xml_content | general.py:18:19:18:25 | ControlFlowNode for request | general.py:20:34:20:44 | ControlFlowNode for xml_content | $@ XML input is constructed from a $@ and isn't secured against XML External Entities abuse | general.py:20:34:20:44 | ControlFlowNode for xml_content | This | general.py:18:19:18:25 | ControlFlowNode for request | user-provided value |
7576
| general.py:27:27:27:37 | ControlFlowNode for xml_content | general.py:25:19:25:25 | ControlFlowNode for request | general.py:27:27:27:37 | ControlFlowNode for xml_content | $@ XML input is constructed from a $@ and isn't secured against XML External Entities abuse | general.py:27:27:27:37 | ControlFlowNode for xml_content | This | general.py:25:19:25:25 | ControlFlowNode for request | user-provided value |

0 commit comments

Comments
 (0)