Python: migrate remaining query-side files to new Cfg::

yoff · Copilot · yoff · commit 350a68d65ec8 · 2026-05-26T16:47:42.000Z
Four library/query files still referenced the legacy Flow.qll `ControlFlowNode`
and friends, which no longer match the dataflow library's `Cfg::ControlFlowNode`:

- SubclassFinder.qll: type `value` as `Cfg::ControlFlowNode`.
- ExceptionInfo.qll: replace `EssaNodeDefinition.getDefiningNode()` filter
  with `Cfg::NameNode.defines(_)` (the legacy ESSA class isn't reachable
  through the new dataflow API at the query-pack layer).
- ServerSideRequestForgeryCustomizations.qll: qualify `BinaryExprNode` with
  `Cfg::` and update `stringRestriction` to take `Cfg::ControlFlowNode`.
- TarSlipCustomizations.qll: qualify `CallNode`/`AttrNode`/`NameNode` and
  the `tarFileInfoSanitizer` parameter with `Cfg::`.

The three reblessed `.expected` files are purely cosmetic toString churn
("ControlFlowNode for X" -&gt; "X", "After X"); verified set-equal after
normalising the toString prefixes.

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/python/ql/lib/semmle/python/frameworks/internal/SubclassFinder.qll b/python/ql/lib/semmle/python/frameworks/internal/SubclassFinder.qll
@@ -11,6 +11,7 @@ private import semmle.python.dataflow.new.internal.ImportResolution
 private import semmle.python.ApiGraphs
 private import semmle.python.filters.Tests
 private import semmle.python.Module
+private import semmle.python.controlflow.internal.Cfg as Cfg
 
 // very much inspired by the draft at https://github.com/github/codeql/pull/5632
 module NotExposed {
@@ -206,7 +207,7 @@ module NotExposed {
     string relevantName, Location loc
   ) {
     loc = mod.getLocation() and
-    exists(API::Node relevantClass, ControlFlowNode value |
+    exists(API::Node relevantClass, Cfg::ControlFlowNode value |
       relevantClass = newOrExistingModeling(spec).getASubclass*() and
       ImportResolution::module_export(mod, relevantName, def) and
       value = relevantClass.getAValueReachableFromSource().asCfgNode() and
diff --git a/python/ql/lib/semmle/python/security/dataflow/ExceptionInfo.qll b/python/ql/lib/semmle/python/security/dataflow/ExceptionInfo.qll
@@ -3,6 +3,7 @@
 import python
 import semmle.python.dataflow.new.DataFlow
 private import semmle.python.ApiGraphs
+private import semmle.python.controlflow.internal.Cfg as Cfg
 
 /**
  * INTERNAL: Do not use.
@@ -29,7 +30,7 @@ private class TracebackFunctionCall extends ExceptionInfo, DataFlow::CallCfgNode
 private class CaughtException extends ExceptionInfo {
   CaughtException() {
     this.asExpr() = any(ExceptStmt s).getName() and
-    this.asCfgNode() = any(EssaNodeDefinition def).getDefiningNode()
+    this.asCfgNode().(Cfg::NameNode).defines(_)
   }
 }
 
diff --git a/python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/ServerSideRequestForgeryCustomizations.qll
@@ -11,6 +11,7 @@ private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.ApiGraphs
 private import semmle.python.frameworks.data.internal.ApiGraphModels
+private import semmle.python.controlflow.internal.Cfg as Cfg
 
 /**
  * Provides default sources, sinks and sanitizers for detecting
@@ -95,7 +96,7 @@ module ServerSideRequestForgery {
   class StringConstructionAsFullUrlControlSanitizer extends FullUrlControlSanitizer {
     StringConstructionAsFullUrlControlSanitizer() {
       // string concat
-      exists(BinaryExprNode add |
+      exists(Cfg::BinaryExprNode add |
         add.getOp() instanceof Add and
         add.getRight() = this.asCfgNode() and
         not add.getLeft().getNode().(StringLiteral).getText().toLowerCase() in [
@@ -104,7 +105,7 @@ module ServerSideRequestForgery {
       )
       or
       // % formatting
-      exists(BinaryExprNode fmt |
+      exists(Cfg::BinaryExprNode fmt |
         fmt.getOp() instanceof Mod and
         fmt.getRight() = this.asCfgNode() and
         // detecting %-formatting is not super easy, so we simplify it to only handle
@@ -155,7 +156,9 @@ module ServerSideRequestForgery {
     }
   }
 
-  private predicate stringRestriction(DataFlow::GuardNode g, ControlFlowNode node, boolean branch) {
+  private predicate stringRestriction(
+    DataFlow::GuardNode g, Cfg::ControlFlowNode node, boolean branch
+  ) {
     exists(DataFlow::MethodCallNode call, DataFlow::Node strNode |
       call.asCfgNode() = g and strNode.asCfgNode() = node
     |
diff --git a/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/TarSlipCustomizations.qll
@@ -9,6 +9,7 @@ private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.Concepts
 private import semmle.python.dataflow.new.BarrierGuards
 private import semmle.python.ApiGraphs
+private import semmle.python.controlflow.internal.Cfg as Cfg
 
 /**
  * Provides default sources, sinks and sanitizers for detecting
@@ -139,18 +140,18 @@ module TarSlip {
    * where `<check_path>` is any function matching `"%path"`.
    * `info` is assumed to be a `TarInfo` instance.
    */
-  predicate tarFileInfoSanitizer(DataFlow::GuardNode g, ControlFlowNode tarInfo, boolean branch) {
-    exists(CallNode call, AttrNode attr |
+  predicate tarFileInfoSanitizer(DataFlow::GuardNode g, Cfg::ControlFlowNode tarInfo, boolean branch) {
+    exists(Cfg::CallNode call, Cfg::AttrNode attr |
       g = call and
       // We must test the name of the tar info object.
       attr = call.getAnArg() and
       attr.getName() = "name" and
       attr.getObject() = tarInfo
     |
       // The assumption that any test that matches %path is a sanitizer might be too broad.
-      call.getAChild*().(AttrNode).getName().matches("%path")
+      call.getAChild*().(Cfg::AttrNode).getName().matches("%path")
       or
-      call.getAChild*().(NameNode).getId().matches("%path")
+      call.getAChild*().(Cfg::NameNode).getId().matches("%path")
     ) and
     branch = false
   }
diff --git a/python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.expected b/python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
@@ -1,66 +1,66 @@
 edges
-| tarslip.py:14:1:14:3 | ControlFlowNode for tar | tarslip.py:15:1:15:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:14:7:14:39 | ControlFlowNode for Attribute() | tarslip.py:14:1:14:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:18:1:18:3 | ControlFlowNode for tar | tarslip.py:19:5:19:9 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:18:7:18:39 | ControlFlowNode for Attribute() | tarslip.py:18:1:18:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:19:5:19:9 | ControlFlowNode for entry | tarslip.py:20:17:20:21 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:35:1:35:3 | ControlFlowNode for tar | tarslip.py:36:5:36:9 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:35:7:35:39 | ControlFlowNode for Attribute() | tarslip.py:35:1:35:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:36:5:36:9 | ControlFlowNode for entry | tarslip.py:39:17:39:21 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:42:1:42:3 | ControlFlowNode for tar | tarslip.py:43:24:43:26 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:42:7:42:39 | ControlFlowNode for Attribute() | tarslip.py:42:1:42:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:58:1:58:3 | ControlFlowNode for tar | tarslip.py:59:5:59:9 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:58:7:58:39 | ControlFlowNode for Attribute() | tarslip.py:58:1:58:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:59:5:59:9 | ControlFlowNode for entry | tarslip.py:61:21:61:25 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:90:1:90:3 | ControlFlowNode for tar | tarslip.py:91:1:91:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:90:7:90:39 | ControlFlowNode for Attribute() | tarslip.py:90:1:90:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:94:1:94:3 | ControlFlowNode for tar | tarslip.py:95:5:95:9 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:94:7:94:39 | ControlFlowNode for Attribute() | tarslip.py:94:1:94:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:95:5:95:9 | ControlFlowNode for entry | tarslip.py:96:17:96:21 | ControlFlowNode for entry | provenance |  |
-| tarslip.py:109:1:109:3 | ControlFlowNode for tar | tarslip.py:110:1:110:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:109:7:109:39 | ControlFlowNode for Attribute() | tarslip.py:109:1:109:3 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:112:1:112:3 | ControlFlowNode for tar | tarslip.py:113:24:113:26 | ControlFlowNode for tar | provenance |  |
-| tarslip.py:112:7:112:39 | ControlFlowNode for Attribute() | tarslip.py:112:1:112:3 | ControlFlowNode for tar | provenance |  |
+| tarslip.py:14:1:14:3 | tar | tarslip.py:15:1:15:3 | tar | provenance |  |
+| tarslip.py:14:7:14:39 | After Attribute() | tarslip.py:14:1:14:3 | tar | provenance |  |
+| tarslip.py:18:1:18:3 | tar | tarslip.py:19:5:19:9 | entry | provenance |  |
+| tarslip.py:18:7:18:39 | After Attribute() | tarslip.py:18:1:18:3 | tar | provenance |  |
+| tarslip.py:19:5:19:9 | entry | tarslip.py:20:17:20:21 | entry | provenance |  |
+| tarslip.py:35:1:35:3 | tar | tarslip.py:36:5:36:9 | entry | provenance |  |
+| tarslip.py:35:7:35:39 | After Attribute() | tarslip.py:35:1:35:3 | tar | provenance |  |
+| tarslip.py:36:5:36:9 | entry | tarslip.py:39:17:39:21 | entry | provenance |  |
+| tarslip.py:42:1:42:3 | tar | tarslip.py:43:24:43:26 | tar | provenance |  |
+| tarslip.py:42:7:42:39 | After Attribute() | tarslip.py:42:1:42:3 | tar | provenance |  |
+| tarslip.py:58:1:58:3 | tar | tarslip.py:59:5:59:9 | entry | provenance |  |
+| tarslip.py:58:7:58:39 | After Attribute() | tarslip.py:58:1:58:3 | tar | provenance |  |
+| tarslip.py:59:5:59:9 | entry | tarslip.py:61:21:61:25 | entry | provenance |  |
+| tarslip.py:90:1:90:3 | tar | tarslip.py:91:1:91:3 | tar | provenance |  |
+| tarslip.py:90:7:90:39 | After Attribute() | tarslip.py:90:1:90:3 | tar | provenance |  |
+| tarslip.py:94:1:94:3 | tar | tarslip.py:95:5:95:9 | entry | provenance |  |
+| tarslip.py:94:7:94:39 | After Attribute() | tarslip.py:94:1:94:3 | tar | provenance |  |
+| tarslip.py:95:5:95:9 | entry | tarslip.py:96:17:96:21 | entry | provenance |  |
+| tarslip.py:109:1:109:3 | tar | tarslip.py:110:1:110:3 | tar | provenance |  |
+| tarslip.py:109:7:109:39 | After Attribute() | tarslip.py:109:1:109:3 | tar | provenance |  |
+| tarslip.py:112:1:112:3 | tar | tarslip.py:113:24:113:26 | tar | provenance |  |
+| tarslip.py:112:7:112:39 | After Attribute() | tarslip.py:112:1:112:3 | tar | provenance |  |
 nodes
-| tarslip.py:14:1:14:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:14:7:14:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:15:1:15:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:18:1:18:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:18:7:18:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:19:5:19:9 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:20:17:20:21 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:35:1:35:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:35:7:35:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:36:5:36:9 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:39:17:39:21 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:42:1:42:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:42:7:42:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:43:24:43:26 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:58:1:58:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:58:7:58:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:59:5:59:9 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:61:21:61:25 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:90:1:90:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:90:7:90:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:91:1:91:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:94:1:94:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:94:7:94:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:95:5:95:9 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:96:17:96:21 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry |
-| tarslip.py:109:1:109:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:109:7:109:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:110:1:110:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:112:1:112:3 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
-| tarslip.py:112:7:112:39 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| tarslip.py:113:24:113:26 | ControlFlowNode for tar | semmle.label | ControlFlowNode for tar |
+| tarslip.py:14:1:14:3 | tar | semmle.label | tar |
+| tarslip.py:14:7:14:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:15:1:15:3 | tar | semmle.label | tar |
+| tarslip.py:18:1:18:3 | tar | semmle.label | tar |
+| tarslip.py:18:7:18:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:19:5:19:9 | entry | semmle.label | entry |
+| tarslip.py:20:17:20:21 | entry | semmle.label | entry |
+| tarslip.py:35:1:35:3 | tar | semmle.label | tar |
+| tarslip.py:35:7:35:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:36:5:36:9 | entry | semmle.label | entry |
+| tarslip.py:39:17:39:21 | entry | semmle.label | entry |
+| tarslip.py:42:1:42:3 | tar | semmle.label | tar |
+| tarslip.py:42:7:42:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:43:24:43:26 | tar | semmle.label | tar |
+| tarslip.py:58:1:58:3 | tar | semmle.label | tar |
+| tarslip.py:58:7:58:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:59:5:59:9 | entry | semmle.label | entry |
+| tarslip.py:61:21:61:25 | entry | semmle.label | entry |
+| tarslip.py:90:1:90:3 | tar | semmle.label | tar |
+| tarslip.py:90:7:90:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:91:1:91:3 | tar | semmle.label | tar |
+| tarslip.py:94:1:94:3 | tar | semmle.label | tar |
+| tarslip.py:94:7:94:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:95:5:95:9 | entry | semmle.label | entry |
+| tarslip.py:96:17:96:21 | entry | semmle.label | entry |
+| tarslip.py:109:1:109:3 | tar | semmle.label | tar |
+| tarslip.py:109:7:109:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:110:1:110:3 | tar | semmle.label | tar |
+| tarslip.py:112:1:112:3 | tar | semmle.label | tar |
+| tarslip.py:112:7:112:39 | After Attribute() | semmle.label | After Attribute() |
+| tarslip.py:113:24:113:26 | tar | semmle.label | tar |
 subpaths
 #select
-| tarslip.py:15:1:15:3 | ControlFlowNode for tar | tarslip.py:14:7:14:39 | ControlFlowNode for Attribute() | tarslip.py:15:1:15:3 | ControlFlowNode for tar | This file extraction depends on a $@. | tarslip.py:14:7:14:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:20:17:20:21 | ControlFlowNode for entry | tarslip.py:18:7:18:39 | ControlFlowNode for Attribute() | tarslip.py:20:17:20:21 | ControlFlowNode for entry | This file extraction depends on a $@. | tarslip.py:18:7:18:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:39:17:39:21 | ControlFlowNode for entry | tarslip.py:35:7:35:39 | ControlFlowNode for Attribute() | tarslip.py:39:17:39:21 | ControlFlowNode for entry | This file extraction depends on a $@. | tarslip.py:35:7:35:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:43:24:43:26 | ControlFlowNode for tar | tarslip.py:42:7:42:39 | ControlFlowNode for Attribute() | tarslip.py:43:24:43:26 | ControlFlowNode for tar | This file extraction depends on a $@. | tarslip.py:42:7:42:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:61:21:61:25 | ControlFlowNode for entry | tarslip.py:58:7:58:39 | ControlFlowNode for Attribute() | tarslip.py:61:21:61:25 | ControlFlowNode for entry | This file extraction depends on a $@. | tarslip.py:58:7:58:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:91:1:91:3 | ControlFlowNode for tar | tarslip.py:90:7:90:39 | ControlFlowNode for Attribute() | tarslip.py:91:1:91:3 | ControlFlowNode for tar | This file extraction depends on a $@. | tarslip.py:90:7:90:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:96:17:96:21 | ControlFlowNode for entry | tarslip.py:94:7:94:39 | ControlFlowNode for Attribute() | tarslip.py:96:17:96:21 | ControlFlowNode for entry | This file extraction depends on a $@. | tarslip.py:94:7:94:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:110:1:110:3 | ControlFlowNode for tar | tarslip.py:109:7:109:39 | ControlFlowNode for Attribute() | tarslip.py:110:1:110:3 | ControlFlowNode for tar | This file extraction depends on a $@. | tarslip.py:109:7:109:39 | ControlFlowNode for Attribute() | potentially untrusted source |
-| tarslip.py:113:24:113:26 | ControlFlowNode for tar | tarslip.py:112:7:112:39 | ControlFlowNode for Attribute() | tarslip.py:113:24:113:26 | ControlFlowNode for tar | This file extraction depends on a $@. | tarslip.py:112:7:112:39 | ControlFlowNode for Attribute() | potentially untrusted source |
+| tarslip.py:15:1:15:3 | tar | tarslip.py:14:7:14:39 | After Attribute() | tarslip.py:15:1:15:3 | tar | This file extraction depends on a $@. | tarslip.py:14:7:14:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:20:17:20:21 | entry | tarslip.py:18:7:18:39 | After Attribute() | tarslip.py:20:17:20:21 | entry | This file extraction depends on a $@. | tarslip.py:18:7:18:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:39:17:39:21 | entry | tarslip.py:35:7:35:39 | After Attribute() | tarslip.py:39:17:39:21 | entry | This file extraction depends on a $@. | tarslip.py:35:7:35:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:43:24:43:26 | tar | tarslip.py:42:7:42:39 | After Attribute() | tarslip.py:43:24:43:26 | tar | This file extraction depends on a $@. | tarslip.py:42:7:42:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:61:21:61:25 | entry | tarslip.py:58:7:58:39 | After Attribute() | tarslip.py:61:21:61:25 | entry | This file extraction depends on a $@. | tarslip.py:58:7:58:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:91:1:91:3 | tar | tarslip.py:90:7:90:39 | After Attribute() | tarslip.py:91:1:91:3 | tar | This file extraction depends on a $@. | tarslip.py:90:7:90:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:96:17:96:21 | entry | tarslip.py:94:7:94:39 | After Attribute() | tarslip.py:96:17:96:21 | entry | This file extraction depends on a $@. | tarslip.py:94:7:94:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:110:1:110:3 | tar | tarslip.py:109:7:109:39 | After Attribute() | tarslip.py:110:1:110:3 | tar | This file extraction depends on a $@. | tarslip.py:109:7:109:39 | After Attribute() | potentially untrusted source |
+| tarslip.py:113:24:113:26 | tar | tarslip.py:112:7:112:39 | After Attribute() | tarslip.py:113:24:113:26 | tar | This file extraction depends on a $@. | tarslip.py:112:7:112:39 | After Attribute() | potentially untrusted source |
diff --git a/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected b/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected
diff --git a/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.expected b/python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/PartialServerSideRequestForgery.expected

Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@`
`3`	`3`	`import python`
`4`	`4`	`import semmle.python.dataflow.new.DataFlow`
`5`	`5`	`private import semmle.python.ApiGraphs`
	`6`	`+private import semmle.python.controlflow.internal.Cfg as Cfg`
`6`	`7`
`7`	`8`	`/**`
`8`	`9`	`* INTERNAL: Do not use.`
`@@ -29,7 +30,7 @@ private class TracebackFunctionCall extends ExceptionInfo, DataFlow::CallCfgNode`
`29`	`30`	`private class CaughtException extends ExceptionInfo {`
`30`	`31`	`CaughtException() {`
`31`	`32`	`this.asExpr() = any(ExceptStmt s).getName() and`
`32`		`- this.asCfgNode() = any(EssaNodeDefinition def).getDefiningNode()`
	`33`	`+ this.asCfgNode().(Cfg::NameNode).defines(_)`
`33`	`34`	`}`
`34`	`35`	`}`
`35`	`36`