github
diff --git a/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/SqlInjection.expected‎
Lines changed: 0 additions & 16 deletions b/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/SqlInjection.expected‎
Lines changed: 0 additions & 16 deletions
diff --git a/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/SqlInjection.qlref‎
Lines changed: 0 additions & 1 deletion b/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/SqlInjection.qlref‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/sql_injection.py‎
Lines changed: 0 additions & 40 deletions b/‎python/ql/test/experimental/query-tests/Security-new-dataflow/CWE-089/sql_injection.py‎
Lines changed: 0 additions & 40 deletions
diff --git a/‎python/ql/test/query-tests/Security/CWE-089/SqlInjection.expected‎
Lines changed: 14 additions & 20 deletions b/‎python/ql/test/query-tests/Security/CWE-089/SqlInjection.expected‎
Lines changed: 14 additions & 20 deletions
diff --git a/‎python/ql/test/query-tests/Security/CWE-089/options‎
Lines changed: 0 additions & 1 deletion b/‎python/ql/test/query-tests/Security/CWE-089/options‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎python/ql/test/query-tests/Security/CWE-089/sql_injection.py‎
Lines changed: 6 additions & 6 deletions b/‎python/ql/test/query-tests/Security/CWE-089/sql_injection.py‎
Lines changed: 6 additions & 6 deletions
@@ -1,22 +1,16 @@
 edges
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:70:19:77 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:70:19:77 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:88:22:95 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:88:22:95 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:76:23:83 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:76:23:83 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:78:24:85 | externally controlled string |
-| sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:78:24:85 | externally controlled string |
-| sql_injection.py:19:70:19:77 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string |
-| sql_injection.py:19:70:19:77 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string |
-| sql_injection.py:22:88:22:95 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string |
-| sql_injection.py:22:88:22:95 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string |
-| sql_injection.py:23:76:23:83 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string |
-| sql_injection.py:23:76:23:83 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string |
-| sql_injection.py:24:78:24:85 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string |
-| sql_injection.py:24:78:24:85 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string |
+| sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr |
+| sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr |
+| sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr |
+| sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr |
+nodes
+| sql_injection.py:14:15:14:22 | SSA variable username | semmle.label | SSA variable username |
+| sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
+| sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | semmle.label | ControlFlowNode for BinaryExpr |
 #select
-| sql_injection.py:19:24:19:77 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:19:24:19:77 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
-| sql_injection.py:22:38:22:95 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:22:38:22:95 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
-| sql_injection.py:23:26:23:83 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:23:26:23:83 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
-| sql_injection.py:24:28:24:85 | BinaryExpr | sql_injection.py:12:24:12:31 | externally controlled string | sql_injection.py:24:28:24:85 | externally controlled string | This SQL query depends on $@. | sql_injection.py:12:24:12:31 | username | a user-provided value |
+| sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:21:24:21:77 | ControlFlowNode for BinaryExpr | This SQL query depends on $@. | sql_injection.py:14:15:14:22 | SSA variable username | a user-provided value |
+| sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:24:38:24:95 | ControlFlowNode for BinaryExpr | This SQL query depends on $@. | sql_injection.py:14:15:14:22 | SSA variable username | a user-provided value |
+| sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:25:26:25:83 | ControlFlowNode for BinaryExpr | This SQL query depends on $@. | sql_injection.py:14:15:14:22 | SSA variable username | a user-provided value |
+| sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | sql_injection.py:14:15:14:22 | SSA variable username | sql_injection.py:26:28:26:85 | ControlFlowNode for BinaryExpr | This SQL query depends on $@. | sql_injection.py:14:15:14:22 | SSA variable username | a user-provided value |
@@ -1,15 +1,17 @@
-"""This is copied from ql/python/ql/test/library-tests/web/django/test.py
-and a only a slight extension of ql/python/ql/src/Security/CWE-089/examples/sql_injection.py
+"""This is adapted from ql/python/ql/test/query-tests\Security\CWE-089
+we now prefer to setup routing by flask
 """
 
-from django.conf.urls import url
 from django.db import connection, models
 from django.db.models.expressions import RawSQL
+from flask import Flask, request
+app = Flask(__name__)
 
 class User(models.Model):
     pass
 
-def show_user(request, username):
+@app.route("/users/<username>")
+def show_user(username):
     with connection.cursor() as cursor:
         # GOOD -- Using parameters
         cursor.execute("SELECT * FROM users WHERE username = %s", username)
@@ -36,5 +38,3 @@ def show_user(request, username):
         # When testing this out locally, none of the queries worked against SQLite3, but I could use
         # the SQL injection against MySQL.
         User.objects.raw("SELECT * FROM users WHERE username = '%s'", (username,))
-
-urlpatterns = [url(r'^users/(?P<username>[^/]+)$', show_user)]