/**
* @name 'exec' used
* @description The 'exec' statement or function is used, which could cause arbitrary code to be executed.
* @kind problem
* @tags security
* correctness
* @problem.severity error
* @sub-severity high
* @precision low
* @id py/use-of-exec
*/
import python
/**
 * The alert text for a use of `exec`, chosen by the major Python version
 * reported by `major_version()`: under version 2 `exec` is a statement,
 * under version 3 it is a builtin function. No result is produced for any
 * other version value.
 */
string message() {
  major_version() = 2 and result = "The 'exec' statement is used."
  or
  major_version() = 3 and result = "The 'exec' function is used."
}
/**
 * Holds if `c` is a call whose callee expression is the bare name `exec`
 * bound to a global variable.
 *
 * Only calls written as a plain `Name` are matched here; a call reached
 * through attribute access or through a differently-named alias has no
 * `Name` callee with id `exec` and therefore does not satisfy this predicate.
 */
predicate exec_function_call(Call c) {
  c.getFunc().(Name).getVariable().(GlobalVariable).getId() = "exec"
}
// Report every AST node that is either a Python 2 `exec` statement
// (an `Exec` node) or a call to the global name `exec`; the message
// is selected by major version in `message()`.
from AstNode exec
where exec instanceof Exec or exec_function_call(exec)
select exec, message()