Merge pull request #21590 from github/tausbn/python-improve-bind-all-interfaces-query

Python: Improve "bind all interfaces" query

python/ql/lib/semmle/python/frameworks/Eventlet.model.yml

@@ -0,0 +1,9 @@
+extensions:
+  - addsTo:
+      pack: codeql/python-all
+      extensible: typeModel
+    data:
+      # See https://eventlet.readthedocs.io/en/latest/patching.html
+      - ['socket.socket', 'eventlet', 'Member[green].Member[socket].Member[socket].ReturnValue']
+      # eventlet also re-exports as eventlet.socket for convenience
+      - ['socket.socket', 'eventlet', 'Member[socket].Member[socket].ReturnValue']

python/ql/lib/semmle/python/frameworks/Gevent.model.yml

@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: codeql/python-all
+      extensible: typeModel
+    data:
+      # See https://www.gevent.org/api/gevent.socket.html
+      - ['socket.socket', 'gevent', 'Member[socket].Member[socket].ReturnValue']

python/ql/lib/semmle/python/frameworks/Stdlib.model.yml

@@ -27,6 +27,8 @@ extensions:
       extensible: sinkModel
     data:
       - ["zipfile.ZipFile","Member[extractall].Argument[0,path:]", "path-injection"]
+      # See https://docs.python.org/3/library/socket.html#socket.socket.bind
+      - ["socket.socket", "Member[bind].Argument[0,address:]", "bind-socket-all-interfaces"]
 
   - addsTo:
       pack: codeql/python-all
@@ -184,6 +186,8 @@ extensions:
       pack: codeql/python-all
       extensible: typeModel
     data:
+      # See https://docs.python.org/3/library/socket.html#socket.socket
+      - ['socket.socket', 'socket', 'Member[socket].ReturnValue']
       # See https://docs.python.org/3/library/urllib.parse.html#urllib.parse.urlparse
       - ["urllib.parse.ParseResult~Subclass", 'urllib', 'Member[parse].Member[urlparse]']