
Commit 2f68b54

committed
A simple download_file() call from maybe boto3
1 parent b194524 commit 2f68b54


1 file changed

+3
-0
lines changed


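--- a/python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql
+++ b/python/ql/src/experimental/Security/CWE-022bis/UnsafeUnpack.ql
@@ -35,6 +35,9 @@ class UnsafeUnpackingConfig extends TaintTracking::Configuration {
 args.flowsTo(o) and
 source.(AttrRead).accesses(o, any(string s))
 )
+or
+// A source catching a S3 filename download
+exists(API::Node s3 | source = s3.getMember("download_file").getACall().getArg(2))
 }
 
 override predicate isSink(DataFlow::Node sink) {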
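Review bot: The new source only matches the positional third argument of `download_file`, so a call written with keywords (`download_file(Bucket=..., Key=..., Filename=...)`) is silently not a source; the added line should also bind the named form, e.g. `exists(API::CallNode c | c = s3.getMember("download_file").getACall() | source = c.getArg(2) or source = c.getArgByName("Filename"))`. `s3` is an unconstrained `API::Node`, so this matches a `download_file` member of any API, which is presumably wider than the boto3 client the commit message mentions; if boto3 is the intent, anchoring it on `API::moduleImport("boto3")` would document and narrow that. If the boto3 resource forms (`Bucket(...).download_file(Key, Filename)`, `Object(...).download_file(Filename)`) are also meant, note that their Filename sits at a different positional index, so index 2 alone would not cover them. The comment would be more useful if it said why the local filename is a taint source for this query, e.g. `// The local path an S3 object is downloaded to: the file's contents are untrusted, and it may later be unpacked`. The enclosing predicate starts above this hunk.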
