Python: Cleanup "first" type-tracking predicate to be private

Since it's exposed nicely in the version that doesn't have a `DataFlow::TypeTracker` parameter, these should be private. Also found one instance where I had accidentially used DataFlow::Node instead of LocalSourceNode
2025-12-20 10:46:30 +01:00 · 2021-03-23 16:40:56 +01:00
parent a43bb1fb6d
commit 1f5e52e822
5 changed files with 12 additions and 10 deletions
--- a/python/ql/src/semmle/python/Concepts.qll
+++ b/python/ql/src/semmle/python/Concepts.qll
@@ -563,7 +563,9 @@ module Cryptography {
    /** Provides classes for modeling new key-pair generation APIs. */
    module KeyGeneration {
      /** Gets a back-reference to the keysize argument `arg` that was used to generate a new key-pair. */
-      DataFlow::LocalSourceNode keysizeBacktracker(DataFlow::TypeBackTracker t, DataFlow::Node arg) {
+      private DataFlow::LocalSourceNode keysizeBacktracker(
+        DataFlow::TypeBackTracker t, DataFlow::Node arg
+      ) {
        t.start() and
        arg = any(KeyGeneration::Range r).getKeySizeArg() and
        result = arg.getALocalSource()
--- a/python/ql/src/semmle/python/dataflow/new/TypeTracker.qll
+++ b/python/ql/src/semmle/python/dataflow/new/TypeTracker.qll
@@ -180,7 +180,7 @@ private newtype TTypeTracker = MkTypeTracker(Boolean hasCall, OptionalAttributeN
 * It is recommended that all uses of this type are written in the following form,
 * for tracking some type `myType`:
 * ```
- * DataFlow::LocalSourceNode myType(DataFlow::TypeTracker t) {
+ * private DataFlow::LocalSourceNode myType(DataFlow::TypeTracker t) {
 *   t.start() and
 *   result = < source of myType >
 *   or
@@ -341,7 +341,7 @@ private newtype TTypeBackTracker = MkTypeBackTracker(Boolean hasReturn, Optional
 * for back-tracking some callback type `myCallback`:
 *
 * ```
- * DataFlow::LocalSourceNode myCallback(DataFlow::TypeBackTracker t) {
+ * private DataFlow::LocalSourceNode myCallback(DataFlow::TypeBackTracker t) {
 *   t.start() and
 *   result = (< some API call >).getArgument(< n >).getALocalSource()
 *   or
--- a/python/ql/src/semmle/python/frameworks/Cryptography.qll
+++ b/python/ql/src/semmle/python/frameworks/Cryptography.qll
@@ -76,7 +76,7 @@ private module CryptographyModel {
    }

    /** Gets a reference to a predefined curve class instance with a specific key size (in bits), as well as the origin of the class. */
-    private DataFlow::Node curveClassInstanceWithKeySize(
+    private DataFlow::LocalSourceNode curveClassInstanceWithKeySize(
      DataFlow::TypeTracker t, int keySize, DataFlow::Node origin
    ) {
      t.start() and