From f9c002e4417fe552b1d0e5ad73382ff54717ee76 Mon Sep 17 00:00:00 2001
From: Taus Brock-Nannestad <taus@semmle.com>
Date: Thu, 22 Aug 2019 14:52:48 +0200
Subject: [PATCH] Python: Support short mode flags (e.g. `re.M`) in regexes.

---
 .../ql/src/semmle/python/types/Extensions.qll | 19 +++++++++++++++++--
 .../ql/test/library-tests/regex/Mode.expected |  1 +
 python/ql/test/library-tests/regex/test.py    |  2 ++
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/python/ql/src/semmle/python/types/Extensions.qll b/python/ql/src/semmle/python/types/Extensions.qll
index 8c9219adf4b..dc8abc6c784 100644
--- a/python/ql/src/semmle/python/types/Extensions.qll
+++ b/python/ql/src/semmle/python/types/Extensions.qll
@@ -128,6 +128,20 @@ class BottleRoutePointToExtension extends PointsToExtension {
 
 /* Python 3.6+ regex module constants */
 
+string short_flag(string flag) {
+    (flag = "ASCII" or
+     flag = "IGNORECASE" or
+     flag = "LOCALE" or
+     flag = "UNICODE" or
+     flag = "MULTILINE" or
+     flag = "TEMPLATE")
+    and result = flag.prefix(1)
+    or
+    flag = "DOTALL" and result = "S"
+    or
+    flag = "VERBOSE" and result = "X"
+}
+
 class ReModulePointToExtension extends PointsToExtension {
 
     string name;
@@ -139,9 +153,10 @@ class ReModulePointToExtension extends PointsToExtension {
     }
 
     override predicate pointsTo(Context context, ObjectInternal value, ControlFlowNode origin) {
-        exists(ModuleObjectInternal sre_constants, CfgOrigin orig |
+        exists(ModuleObjectInternal sre_constants, CfgOrigin orig, string flag |
+            (name = flag or name = short_flag(flag)) and
             sre_constants.getName() = "sre_constants" and
-            sre_constants.attribute("SRE_FLAG_" + name, value, orig) and
+            sre_constants.attribute("SRE_FLAG_" + flag, value, orig) and
             origin = orig.asCfgNodeOrHere(this)
         )
         and pointsTo_helper(context)
diff --git a/python/ql/test/library-tests/regex/Mode.expected b/python/ql/test/library-tests/regex/Mode.expected
index 617912d63a3..6e7cf5f31c4 100644
--- a/python/ql/test/library-tests/regex/Mode.expected
+++ b/python/ql/test/library-tests/regex/Mode.expected
@@ -7,3 +7,4 @@
 | 50 | VERBOSE |
 | 51 | UNICODE |
 | 52 | UNICODE |
+| 64 | MULTILINE |
diff --git a/python/ql/test/library-tests/regex/test.py b/python/ql/test/library-tests/regex/test.py
index 6e57b9f7c71..8666bfd3912 100644
--- a/python/ql/test/library-tests/regex/test.py
+++ b/python/ql/test/library-tests/regex/test.py
@@ -60,3 +60,5 @@ re.compile(r'(?:(?P<n1>^(?:|x)))')
 
 #Misparsed on LGTM
 re.compile(r"\[(?P<txt>[^[]*)\]\((?P<uri>[^)]*)")
+
+re.compile("", re.M) # ODASA-8056