Merge branch 'main' into import-refined

python/ql/test/experimental/dataflow/TestUtil/DataFlowConsistency.qll

@@ -20,15 +20,6 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
     n instanceof SynthDictSplatParameterNode
   }
 
-  override predicate uniqueParameterNodeAtPositionExclude(
-    DataFlowCallable c, ParameterPosition pos, Node p
-  ) {
-    // TODO: This can be removed once we solve the overlap of dictionary splat parameters
-    c.getParameter(pos) = p and
-    pos.isDictSplat() and
-    not exists(p.getLocation().getFile().getRelativePath())
-  }
-
   override predicate uniqueParameterNodePositionExclude(
     DataFlowCallable c, ParameterPosition pos, Node p
   ) {
@@ -44,4 +35,8 @@ private class MyConsistencyConfiguration extends ConsistencyConfiguration {
       param = func.getArgByName(_)
     )
   }
+
+  override predicate uniqueCallEnclosingCallableExclude(DataFlowCall call) {
+    not exists(call.getLocation().getFile().getRelativePath())
+  }
 }

python/ql/test/experimental/dataflow/basic/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/callgraph_crosstalk/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected

@@ -1,4 +1,9 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
+| new_cls_param.py:14:6:14:16 | classmethod() | Call should have one enclosing callable but has 0. |
+| test.py:21:6:21:17 | staticmethod() | Call should have one enclosing callable but has 0. |
+| test.py:25:6:25:16 | classmethod() | Call should have one enclosing callable but has 0. |
+| test.py:29:6:29:16 | classmethod() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/coverage/argumentPassing.py

@@ -204,6 +204,18 @@ def test_mixed():
     mixed(**args)
 
 
+def kwargs_same_name_as_positional_only(a, /, **kwargs):
+    SINK1(a)
+    SINK2(kwargs["a"])
+
+@expects(2*2)
+def test_kwargs_same_name_as_positional_only():
+    kwargs_same_name_as_positional_only(arg1, a=arg2) # $ arg1 SPURIOUS: bad1="arg2" MISSING: arg2
+
+    kwargs = {"a": arg2} # $ func=kwargs_same_name_as_positional_only SPURIOUS: bad1="arg2" MISSING: arg2
+    kwargs_same_name_as_positional_only(arg1, **kwargs) # $ arg1
+
+
 def starargs_only(*args):
     SINK1(args[0])
     SINK2(args[1])

python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected

@@ -1,4 +1,7 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
+| datamodel.py:71:6:71:16 | classmethod() | Call should have one enclosing callable but has 0. |
+| datamodel.py:76:6:76:17 | staticmethod() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/exceptions/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/fieldflow/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/global-flow/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/match/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/pep_328/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/regression/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/strange-essaflow/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/basic/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/customSanitizer/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/generator-flow/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/typetracking/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/variable-capture/collections.py

@@ -0,0 +1,64 @@
+# Here we test the case where a captured variable is being read.
+
+# All functions starting with "test_" should run and execute `print("OK")` exactly once.
+# This can be checked by running validTest.py.
+
+import sys
+import os
+
+sys.path.append(os.path.dirname(os.path.dirname((__file__))))
+from testlib import expects
+
+# These are defined so that we can evaluate the test code.
+NONSOURCE = "not a source"
+SOURCE = "source"
+
+def is_source(x):
+    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j
+
+
+def SINK(x):
+    if is_source(x):
+        print("OK")
+    else:
+        print("Unexpected flow", x)
+
+
+def SINK_F(x):
+    if is_source(x):
+        print("Unexpected flow", x)
+    else:
+        print("OK")
+
+l = [NONSOURCE]
+SINK_F(l_mod[0])
+
+l_mod = [SOURCE for x in l]
+SINK(l_mod[0]) #$ captured
+
+l_mod_lambda = [(lambda a : SOURCE)(x) for x in l]
+SINK(l_mod_lambda[0]) #$ captured
+
+def mod(x):
+    return SOURCE
+
+l_mod_function = [mod(x) for x in l]
+SINK(l_mod_function[0]) #$ captured
+
+def mod_list(l):
+    def mod_local(x):
+        return SOURCE
+
+    return [mod_local(x) for x in l]
+
+l_modded = mod_list(l)
+SINK(l_modded[0]) #$ MISSING: captured
+
+def mod_list_first(l):
+    def mod_local(x):
+        return SOURCE
+
+    return [mod_local(l[0])]
+
+l_modded_first = mod_list_first(l)
+SINK(l_modded_first[0]) #$ captured

python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected

@@ -1,4 +1,5 @@
 uniqueEnclosingCallable
+uniqueCallEnclosingCallable
 uniqueType
 uniqueNodeLocation
 missingLocation