hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python points-to: Track 'unknown' value through simple iteration.

Browse Source
This commit is contained in:
Mark Shannon
2019-04-09 17:09:50 +01:00
parent 9af7071131
commit 03159bb31c
3 changed files with 42 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
python/ql/src/semmle/python/pointsto/PointsTo.qll
View File

@@ -409,8 +409,8 @@ cached module PointsToInternal {
scope_entry_points_to(def, context, value, origin)
or
InterModulePointsTo::implicit_submodule_points_to(def, context, value, origin)
// or
// iteration_definition_points_to(def, context, value, origin)
or
iteration_definition_points_to(def, context, value, origin)
/*
* No points-to for non-local function entry definitions yet.
*/
@@ -564,6 +564,11 @@ cached module PointsToInternal {
)
}
private predicate iteration_definition_points_to(IterationDefinition def, PointsToContext context, ObjectInternal value, ControlFlowNode origin) {
pointsTo(def.getSequence(), context, ObjectInternal::unknown(), _) and
value = ObjectInternal::unknown() and origin = def.getDefiningNode()
}
/** Holds if `f` is an expression node `tval if cond else fval` and points to `(value, origin)`. */
private predicate if_exp_points_to(IfExprNode f, PointsToContext context, ObjectInternal value, ControlFlowNode origin) {
pointsTo(f.getAnOperand(), context, value, origin)