In this case, I want to create a custom rule for Python in order to detect if the analyzed code contains an input() function. As you probably know, input() is not sanitized in Python 2.X, so you must use raw_input() instead. I have 2 issues to solve:
1. I’m using SSLR Python Toolkit 1.5 because later versions give a Java exception when opening it. I’ve tried to open it on Linux and Windows but it keeps showing that exception. Screenshots below:
2. I’ve managed to write an XPath query to detect the input() function, I’ve tested it and it works but I’m not sure if it’s the best way to do it. In the screenshot below, you can see the Python code on the left side, the AST on the right side and the XPath query on the bottom. What I want is an XPath query which detects the input word and if there is a left parenthesis right next to it. The problem is that my XPath query points to both the left parenthesis and everything next to it instead of just the left parenthesis.
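
The match described in the post (the name `input` with a left parenthesis right after it), as an added example that is not part of the original post and is not SSLR or SonarQube code. It uses Python's standard `tokenize` module so that Python 2 source which is not valid Python 3 can still be scanned; `SAMPLE` and `find_input_calls` are names constructed for this illustration.

```python
import io
import tokenize

# Constructed sample of Python 2 source (not from the original post).
SAMPLE = '''\
name = raw_input("Name: ")
age = input("Age: ")
print "input() is mentioned in this string only"
# input() in a comment
value = form.input("x")
def input(prompt): pass
n = input ("spaced call")
'''

# Layout-only tokens that never separate a name from its call parenthesis.
SKIP = {tokenize.NL, tokenize.NEWLINE, tokenize.COMMENT,
        tokenize.INDENT, tokenize.DEDENT}


def find_input_calls(source):
    """Return (line, column) of each `input` name directly followed by '('.

    Attribute access (obj.input(...)) and definitions (def input(...)) are
    skipped, since neither is a call to the builtin. Later calls to a
    redefined `input` are still reported; name shadowing is not tracked.
    """
    reader = io.StringIO(source).readline
    tokens = [t for t in tokenize.generate_tokens(reader)
              if t.type not in SKIP]
    hits = []
    for i, tok in enumerate(tokens):
        if tok.type != tokenize.NAME or tok.string != "input":
            continue
        nxt = tokens[i + 1] if i + 1 < len(tokens) else None
        prev = tokens[i - 1] if i > 0 else None
        if nxt is None or nxt.string != "(":
            continue  # bare name, not a call
        if prev is not None and prev.string in (".", "def"):
            continue  # method call or function definition
        hits.append(tok.start)  # position of the name token only
    return hits


if __name__ == "__main__":
    for line, col in find_input_calls(SAMPLE):
        print("input() call at line %d, column %d" % (line, col))
```

Because strings and comments are single tokens, mentions of `input()` inside them are not reported, and the reported position is that of the name token alone rather than the argument list.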