hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8732 from RasmusWL/dataflow-imports

Browse Source 
Python: Don't re-export `python` under `DataFlow::`
This commit is contained in:
yoff
2022-05-02 12:08:28 +02:00
committed by GitHub
parent 231def026f 888a38c060
commit 1d44694280
9 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/lib/change-notes/2022-04-20-export-python-under-DataFlow.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: breaking
---
* The imports made available from `import python` are no longer exposed under `DataFlow::` after doing `import semmle.python.dataflow.new.DataFlow`, for example using `DataFlow::Add` will now cause a compile error.

2
python/ql/lib/semmle/python/SpecialMethods.qll
View File

@@ -8,7 +8,7 @@
* Extend `SpecialMethod::Potential` to capture more cases.
*/
import python
private import python
/** A control flow node which might correspond to a special method call. */
class PotentialSpecialMethodCallNode extends ControlFlowNode {

6
python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImplSpecific.qll
View File

@@ -1,9 +1,15 @@
/**
* Provides Python-specific definitions for use in the data flow library.
*/
// we need to export `Unit` for the DataFlowImpl* files
private import python as Python
module Private {
import DataFlowPrivate
// import DataFlowDispatch
class Unit = Python::Unit;
}
module Public {

1
python/ql/lib/semmle/python/dataflow/new/internal/DataFlowUtil.qll
View File

@@ -2,6 +2,7 @@
* Contains utility functions for writing data flow queries
*/
private import python
private import DataFlowPrivate
import DataFlowPublic

2
python/ql/lib/semmle/python/dataflow/new/internal/LocalSources.qll
View File

@@ -6,7 +6,7 @@
* local tracking within a function.
*/
import python
private import python
import DataFlowPublic
private import DataFlowPrivate
private import semmle.python.internal.CachedStages

3
python/ql/test/experimental/dataflow/qll-private-imports/README.md Normal file
View File

@@ -0,0 +1,3 @@
Sometimes we accidentally re-export too much from `DataFlow` such that for example we can access `Add` from `DataFlow::Add` :disappointed:
This test should always FAIL to compile!

1
python/ql/test/experimental/dataflow/qll-private-imports/Test.expected Normal file
View File

@@ -0,0 +1 @@
ERROR: Could not resolve type DataFlow::Add (Test.ql:7,6-19)

8
python/ql/test/experimental/dataflow/qll-private-imports/Test.ql Normal file
View File

@@ -0,0 +1,8 @@
import python
private import semmle.python.dataflow.new.DataFlow
// Sometimes we accidentally re-export too much from `DataFlow` such that for example we can access `Add` from `DataFlow::Add` :(
//
// This test should always FAIL to compile!
from DataFlow::Add this_should_not_work
select this_should_not_work

1
python/ql/test/experimental/dataflow/qll-private-imports/test.py Normal file
View File

@@ -0,0 +1 @@
1+1