Merge pull request #2248 from RasmusWL/python-sensitive-data-fewer-fp

Python: Limit what functions we treat as returning sensitive data

Author: tausbn

python/ql/src/semmle/python/security/SensitiveData.qll

@@ -112,12 +112,6 @@ module SensitiveData {
 
     private SensitiveData fromFunction(Value func) {
         result = HeuristicNames::getSensitiveDataForName(func.getName())
-        or
-        // This is particularly to pick up methods with an argument like "password", which
-        // may indicate a lookup.
-        exists(string name | name = func.(PythonFunctionValue).getScope().getAnArg().asName().getId() |
-            result = HeuristicNames::getSensitiveDataForName(name)
-        )
     }
 
     abstract class Source extends TaintSource {