Merge branch 'main' of github.com:github/codeql into SharedDataflow_FieldFlow

python/ql/test/experimental/dataflow/basic/globalStep.expected

@@ -1,5 +1,7 @@
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
+| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
+| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:19:1:19 | SSA variable x | test.py:2:3:2:3 | SSA variable y |
@@ -70,6 +72,10 @@
 | test.py:6:1:6:1 | GSSA Variable a | test.py:7:19:7:19 | ControlFlowNode for a |
 | test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
 | test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:5:7:20 | GSSA Variable a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:5:7:20 | GSSA Variable a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:19:7:19 | ControlFlowNode for a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:19:7:19 | ControlFlowNode for a |
 | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:1:7:1 | GSSA Variable b |
 | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:1:7:1 | GSSA Variable b |
 | test.py:7:19:7:19 | ControlFlowNode for a | test.py:1:19:1:19 | SSA variable x |

python/ql/test/experimental/dataflow/basic/local.expected

@@ -3,8 +3,11 @@
 | test.py:0:0:0:0 | GSSA Variable b | test.py:0:0:0:0 | GSSA Variable b |
 | test.py:0:0:0:0 | SSA variable $ | test.py:0:0:0:0 | SSA variable $ |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr |
+| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
+| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:5:1:17 | ControlFlowNode for obfuscated_id | test.py:1:5:1:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
+| test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:19:1:19 | ControlFlowNode for x | test.py:1:19:1:19 | ControlFlowNode for x |
 | test.py:1:19:1:19 | SSA variable x | test.py:1:19:1:19 | SSA variable x |
 | test.py:1:19:1:19 | SSA variable x | test.py:2:3:2:3 | SSA variable y |
@@ -31,10 +34,16 @@
 | test.py:4:10:4:10 | ControlFlowNode for z | test.py:4:10:4:10 | ControlFlowNode for z |
 | test.py:6:1:6:1 | ControlFlowNode for a | test.py:6:1:6:1 | ControlFlowNode for a |
 | test.py:6:1:6:1 | GSSA Variable a | test.py:6:1:6:1 | GSSA Variable a |
+| test.py:6:1:6:1 | GSSA Variable a | test.py:7:5:7:20 | GSSA Variable a |
+| test.py:6:1:6:1 | GSSA Variable a | test.py:7:19:7:19 | ControlFlowNode for a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
 | test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:5:7:20 | GSSA Variable a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:7:19:7:19 | ControlFlowNode for a |
 | test.py:7:1:7:1 | ControlFlowNode for b | test.py:7:1:7:1 | ControlFlowNode for b |
 | test.py:7:1:7:1 | GSSA Variable b | test.py:7:1:7:1 | GSSA Variable b |
 | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
+| test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:1:7:1 | GSSA Variable b |
 | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() |
 | test.py:7:5:7:20 | GSSA Variable a | test.py:7:5:7:20 | GSSA Variable a |
 | test.py:7:19:7:19 | ControlFlowNode for a | test.py:7:19:7:19 | ControlFlowNode for a |

python/ql/test/experimental/dataflow/basic/localStep.expected

@@ -1,5 +1,11 @@
+| test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
+| test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:19:1:19 | SSA variable x | test.py:2:7:2:7 | ControlFlowNode for x |
 | test.py:2:3:2:3 | SSA variable y | test.py:3:7:3:7 | ControlFlowNode for y |
 | test.py:2:7:2:7 | ControlFlowNode for x | test.py:2:3:2:3 | SSA variable y |
 | test.py:3:3:3:3 | SSA variable z | test.py:4:10:4:10 | ControlFlowNode for z |
 | test.py:3:7:3:7 | ControlFlowNode for y | test.py:3:3:3:3 | SSA variable z |
+| test.py:6:1:6:1 | GSSA Variable a | test.py:7:5:7:20 | GSSA Variable a |
+| test.py:6:1:6:1 | GSSA Variable a | test.py:7:19:7:19 | ControlFlowNode for a |
+| test.py:6:5:6:6 | ControlFlowNode for IntegerLiteral | test.py:6:1:6:1 | GSSA Variable a |
+| test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() | test.py:7:1:7:1 | GSSA Variable b |

python/ql/test/experimental/dataflow/basic/maximalFlowsConfig.qll

@@ -1,4 +1,5 @@
 import experimental.dataflow.DataFlow
+private import experimental.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /**
  * A configuration to find all "maximal" flows.
@@ -15,7 +16,7 @@ class MaximalFlowsConfig extends DataFlow::Configuration {
   }
 
   override predicate isSink(DataFlow::Node node) {
-    node instanceof DataFlow::ReturnNode
+    node instanceof DataFlowPrivate::ReturnNode
     or
     node instanceof DataFlow::EssaNode and
     not exists(node.(DataFlow::EssaNode).getVar().getASourceUse())

python/ql/test/experimental/dataflow/callGraphConfig.qll

@@ -1,5 +1,6 @@
 private import python
 import experimental.dataflow.DataFlow
+private import experimental.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /**
  * A configuration to find the call graph edges.
@@ -8,13 +9,13 @@ class CallGraphConfig extends DataFlow::Configuration {
   CallGraphConfig() { this = "CallGraphConfig" }
 
   override predicate isSource(DataFlow::Node node) {
-    node instanceof DataFlow::ReturnNode
+    node instanceof DataFlowPrivate::ReturnNode
     or
-    node instanceof DataFlow::ArgumentNode
+    node instanceof DataFlowPrivate::ArgumentNode
   }
 
   override predicate isSink(DataFlow::Node node) {
-    node instanceof DataFlow::OutNode
+    node instanceof DataFlowPrivate::OutNode
     or
     node instanceof DataFlow::ParameterNode
   }

python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected

@@ -1,103 +1,4 @@
 uniqueEnclosingCallable
-| module.py:1:1:1:9 | GSSA Variable dangerous | Node should have one enclosing callable but has 0. |
-| module.py:1:13:1:18 | ControlFlowNode for SOURCE | Node should have one enclosing callable but has 0. |
-| module.py:2:1:2:4 | GSSA Variable safe | Node should have one enclosing callable but has 0. |
-| module.py:2:8:2:13 | ControlFlowNode for Str | Node should have one enclosing callable but has 0. |
-| module.py:5:1:5:21 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| module.py:5:5:5:18 | GSSA Variable dangerous_func | Node should have one enclosing callable but has 0. |
-| module.py:9:9:9:14 | ControlFlowNode for SOURCE | Node should have one enclosing callable but has 0. |
-| module.py:10:1:10:5 | GSSA Variable safe2 | Node should have one enclosing callable but has 0. |
-| module.py:10:9:10:14 | ControlFlowNode for Str | Node should have one enclosing callable but has 0. |
-| test.py:6:1:6:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:6:5:6:9 | GSSA Variable test1 | Node should have one enclosing callable but has 0. |
-| test.py:9:1:9:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:9:5:9:9 | GSSA Variable test2 | Node should have one enclosing callable but has 0. |
-| test.py:13:1:13:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:13:5:13:10 | GSSA Variable source | Node should have one enclosing callable but has 0. |
-| test.py:16:1:16:14 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:16:5:16:8 | GSSA Variable sink | Node should have one enclosing callable but has 0. |
-| test.py:19:1:19:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:19:5:19:9 | GSSA Variable test3 | Node should have one enclosing callable but has 0. |
-| test.py:23:1:23:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:23:5:23:9 | GSSA Variable test4 | Node should have one enclosing callable but has 0. |
-| test.py:27:1:27:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:27:5:27:9 | GSSA Variable test5 | Node should have one enclosing callable but has 0. |
-| test.py:31:1:31:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:31:5:31:9 | GSSA Variable test6 | Node should have one enclosing callable but has 0. |
-| test.py:39:1:39:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:39:5:39:9 | GSSA Variable test7 | Node should have one enclosing callable but has 0. |
-| test.py:47:1:47:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:47:5:47:11 | GSSA Variable source2 | Node should have one enclosing callable but has 0. |
-| test.py:50:1:50:15 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:50:5:50:9 | GSSA Variable sink2 | Node should have one enclosing callable but has 0. |
-| test.py:53:1:53:21 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:53:5:53:9 | GSSA Variable sink3 | Node should have one enclosing callable but has 0. |
-| test.py:57:1:57:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:57:5:57:9 | GSSA Variable test8 | Node should have one enclosing callable but has 0. |
-| test.py:62:1:62:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:62:5:62:9 | GSSA Variable test9 | Node should have one enclosing callable but has 0. |
-| test.py:69:1:69:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:69:5:69:10 | GSSA Variable test10 | Node should have one enclosing callable but has 0. |
-| test.py:76:1:76:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:76:5:76:7 | GSSA Variable hub | Node should have one enclosing callable but has 0. |
-| test.py:79:1:79:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:79:5:79:10 | GSSA Variable test11 | Node should have one enclosing callable but has 0. |
-| test.py:84:1:84:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:84:5:84:10 | GSSA Variable test12 | Node should have one enclosing callable but has 0. |
-| test.py:89:8:89:13 | ControlFlowNode for ImportExpr | Node should have one enclosing callable but has 0. |
-| test.py:89:8:89:13 | GSSA Variable module | Node should have one enclosing callable but has 0. |
-| test.py:91:1:91:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:91:5:91:10 | GSSA Variable test13 | Node should have one enclosing callable but has 0. |
-| test.py:95:1:95:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:95:5:95:10 | GSSA Variable test14 | Node should have one enclosing callable but has 0. |
-| test.py:99:1:99:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:99:5:99:10 | GSSA Variable test15 | Node should have one enclosing callable but has 0. |
-| test.py:103:1:103:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:103:5:103:10 | GSSA Variable test16 | Node should have one enclosing callable but has 0. |
-| test.py:107:1:107:16 | ControlFlowNode for ClassExpr | Node should have one enclosing callable but has 0. |
-| test.py:107:7:107:7 | GSSA Variable C | Node should have one enclosing callable but has 0. |
-| test.py:109:1:109:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:109:5:109:10 | GSSA Variable x_sink | Node should have one enclosing callable but has 0. |
-| test.py:112:1:112:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:112:5:112:10 | GSSA Variable test17 | Node should have one enclosing callable but has 0. |
-| test.py:117:1:117:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:117:5:117:10 | GSSA Variable test18 | Node should have one enclosing callable but has 0. |
-| test.py:123:1:123:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:123:5:123:10 | GSSA Variable test19 | Node should have one enclosing callable but has 0. |
-| test.py:128:1:128:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:128:5:128:10 | GSSA Variable test20 | Node should have one enclosing callable but has 0. |
-| test.py:138:1:138:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:138:5:138:10 | GSSA Variable test21 | Node should have one enclosing callable but has 0. |
-| test.py:148:1:148:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:148:5:148:10 | GSSA Variable test22 | Node should have one enclosing callable but has 0. |
-| test.py:159:20:159:38 | ControlFlowNode for ImportMember | Node should have one enclosing callable but has 0. |
-| test.py:159:33:159:38 | GSSA Variable unsafe | Node should have one enclosing callable but has 0. |
-| test.py:160:1:160:12 | GSSA Variable unsafe | Node should have one enclosing callable but has 0. |
-| test.py:160:6:160:11 | ControlFlowNode for unsafe | Node should have one enclosing callable but has 0. |
-| test.py:162:1:162:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:162:5:162:10 | GSSA Variable test23 | Node should have one enclosing callable but has 0. |
-| test.py:166:1:166:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:166:5:166:10 | GSSA Variable test24 | Node should have one enclosing callable but has 0. |
-| test.py:171:1:171:29 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:171:5:171:22 | GSSA Variable test_update_extend | Node should have one enclosing callable but has 0. |
-| test.py:181:1:181:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:181:5:181:14 | GSSA Variable test_truth | Node should have one enclosing callable but has 0. |
-| test.py:192:1:192:22 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:192:5:192:19 | GSSA Variable test_early_exit | Node should have one enclosing callable but has 0. |
-| test.py:198:1:198:41 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:198:5:198:38 | GSSA Variable flow_through_type_test_if_no_class | Node should have one enclosing callable but has 0. |
-| test.py:205:1:205:24 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:205:5:205:21 | GSSA Variable flow_in_iteration | Node should have one enclosing callable but has 0. |
-| test.py:211:1:211:24 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:211:5:211:21 | GSSA Variable flow_in_generator | Node should have one enclosing callable but has 0. |
-| test.py:216:1:216:26 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:216:5:216:23 | GSSA Variable flow_from_generator | Node should have one enclosing callable but has 0. |
-| test.py:220:1:220:28 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:220:5:220:25 | GSSA Variable const_eq_clears_taint | Node should have one enclosing callable but has 0. |
-| test.py:226:1:226:29 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:226:5:226:26 | GSSA Variable const_eq_clears_taint2 | Node should have one enclosing callable but has 0. |
-| test.py:232:1:232:36 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
-| test.py:232:5:232:32 | GSSA Variable non_const_eq_preserves_taint | Node should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/coverage/argumentRouting1.ql

@@ -1,5 +1,6 @@
 import python
 import experimental.dataflow.DataFlow
+private import experimental.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /**
  * A configuration to check routing of arguments through magic methods.
@@ -8,7 +9,7 @@ class ArgumentRoutingConfig extends DataFlow::Configuration {
   ArgumentRoutingConfig() { this = "ArgumentRoutingConfig" }
 
   override predicate isSource(DataFlow::Node node) {
-    exists(AssignmentDefinition def, DataFlow::DataFlowCall call |
+    exists(AssignmentDefinition def, DataFlowPrivate::DataFlowCall call |
       def.getVariable() = node.(DataFlow::EssaNode).getVar() and
       def.getValue() = call.getNode() and
       call.getNode().(CallNode).getNode().(Call).toString().matches("With\\_%") // TODO: Do not rely on toString

python/ql/test/experimental/dataflow/coverage/classesCallGraph.ql

@@ -1,4 +1,5 @@
 import experimental.dataflow.DataFlow
+private import experimental.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /**
  * A configuration to find the call graph edges.
@@ -7,18 +8,18 @@ class CallGraphConfig extends DataFlow::Configuration {
   CallGraphConfig() { this = "CallGraphConfig" }
 
   override predicate isSource(DataFlow::Node node) {
-    node instanceof DataFlow::ReturnNode
+    node instanceof DataFlowPrivate::ReturnNode
     or
     // These sources should allow for the non-standard call syntax
-    node instanceof DataFlow::ArgumentNode
+    node instanceof DataFlowPrivate::ArgumentNode
   }
 
   override predicate isSink(DataFlow::Node node) {
-    node instanceof DataFlow::OutNode
+    node instanceof DataFlowPrivate::OutNode
     or
     node instanceof DataFlow::ParameterNode and
     // exclude parameters to the SINK-functions
-    not exists(DataFlow::DataFlowCallable c |
+    not exists(DataFlowPrivate::DataFlowCallable c |
       node.(DataFlow::ParameterNode).isParameterOf(c, _) and
       c.getName().matches("SINK_")
     )

python/ql/test/experimental/dataflow/coverage/dataflow.expected

@@ -1,23 +1,58 @@
 edges
-| datamodel.py:13:1:13:6 | GSSA Variable SOURCE | datamodel.py:38:6:38:17 | GSSA Variable SOURCE |
-| datamodel.py:13:1:13:6 | GSSA Variable SOURCE | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE |
+| datamodel.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module datamodel | datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE |
+| datamodel.py:13:1:13:6 | GSSA Variable SOURCE | datamodel.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module datamodel |
 | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:13:1:13:6 | GSSA Variable SOURCE |
-| datamodel.py:38:6:38:17 | GSSA Variable SOURCE | datamodel.py:71:6:71:24 | GSSA Variable SOURCE |
-| datamodel.py:38:6:38:17 | GSSA Variable SOURCE | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE |
+| datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE |
+| datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE |
+| datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE |
+| datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
 | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:38:6:38:17 | ControlFlowNode for f() |
-| datamodel.py:71:6:71:24 | GSSA Variable SOURCE | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE |
-| datamodel.py:71:6:71:24 | GSSA Variable SOURCE | datamodel.py:80:6:80:26 | GSSA Variable SOURCE |
-| datamodel.py:71:6:71:24 | GSSA Variable SOURCE | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE |
+| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE |
+| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
 | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() |
+| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE |
+| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
 | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() |
-| datamodel.py:80:6:80:26 | GSSA Variable SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
+| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
+| datamodel.py:73:18:73:23 | ControlFlowNode for SOURCE | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE |
+| datamodel.py:73:18:73:23 | ControlFlowNode for SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
 | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() |
+| datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() |
 | datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] | datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] |
 | datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] |
-| datamodel.py:155:1:155:10 | GSSA Variable customized [Attribute b] | datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] |
-| datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] | datamodel.py:155:1:155:10 | GSSA Variable customized [Attribute b] |
+| datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] | datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] |
 | datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:36:21:36:26 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:50:9:50:14 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:84:10:84:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:91:10:91:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:101:10:101:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:106:22:106:27 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:111:10:111:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:124:10:124:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:129:10:129:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:134:22:134:27 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:139:10:139:15 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:152:15:152:20 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:157:15:157:20 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:184:23:184:28 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:189:25:189:30 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:200:34:200:39 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:344:11:344:16 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:348:11:348:16 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:352:16:352:21 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:375:28:375:33 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:457:12:457:17 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:462:28:462:33 | ControlFlowNode for SOURCE |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | test.py:504:9:504:14 | ControlFlowNode for SOURCE |
+| test.py:14:1:14:6 | GSSA Variable SOURCE | test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test |
+| test.py:14:10:14:17 | ControlFlowNode for Str | test.py:14:1:14:6 | GSSA Variable SOURCE |
 | test.py:36:10:36:26 | ControlFlowNode for Tuple [Tuple element at index 1] | test.py:37:9:37:9 | ControlFlowNode for x [Tuple element at index 1] |
 | test.py:36:21:36:26 | ControlFlowNode for SOURCE | test.py:36:10:36:26 | ControlFlowNode for Tuple [Tuple element at index 1] |
 | test.py:37:9:37:9 | ControlFlowNode for x [Tuple element at index 1] | test.py:37:9:37:12 | ControlFlowNode for Subscript |
@@ -117,27 +152,28 @@ edges
 | test.py:504:9:504:14 | ControlFlowNode for SOURCE | test.py:506:10:506:10 | ControlFlowNode for a |
 | test.py:504:9:504:14 | ControlFlowNode for SOURCE | test.py:511:10:511:10 | ControlFlowNode for b |
 nodes
+| datamodel.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module datamodel | semmle.label | ModuleVariableNode for Global Variable SOURCE in Module datamodel |
 | datamodel.py:13:1:13:6 | GSSA Variable SOURCE | semmle.label | GSSA Variable SOURCE |
 | datamodel.py:13:10:13:17 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
 | datamodel.py:38:6:38:17 | ControlFlowNode for f() | semmle.label | ControlFlowNode for f() |
-| datamodel.py:38:6:38:17 | GSSA Variable SOURCE | semmle.label | GSSA Variable SOURCE |
 | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:71:6:71:24 | GSSA Variable SOURCE | semmle.label | GSSA Variable SOURCE |
 | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
 | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| datamodel.py:73:18:73:23 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
-| datamodel.py:80:6:80:26 | GSSA Variable SOURCE | semmle.label | GSSA Variable SOURCE |
 | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
 | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | datamodel.py:152:5:152:8 | [post store] ControlFlowNode for self [Attribute b] | semmle.label | [post store] ControlFlowNode for self [Attribute b] |
 | datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
-| datamodel.py:155:1:155:10 | GSSA Variable customized [Attribute b] | semmle.label | GSSA Variable customized [Attribute b] |
 | datamodel.py:155:14:155:25 | ControlFlowNode for Customized() [Attribute b] | semmle.label | ControlFlowNode for Customized() [Attribute b] |
 | datamodel.py:159:6:159:15 | ControlFlowNode for customized [Attribute b] | semmle.label | ControlFlowNode for customized [Attribute b] |
 | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| test.py:0:0:0:0 | ModuleVariableNode for Global Variable SOURCE in Module test | semmle.label | ModuleVariableNode for Global Variable SOURCE in Module test |
+| test.py:14:1:14:6 | GSSA Variable SOURCE | semmle.label | GSSA Variable SOURCE |
+| test.py:14:10:14:17 | ControlFlowNode for Str | semmle.label | ControlFlowNode for Str |
 | test.py:36:10:36:26 | ControlFlowNode for Tuple [Tuple element at index 1] | semmle.label | ControlFlowNode for Tuple [Tuple element at index 1] |
 | test.py:36:21:36:26 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | test.py:37:9:37:9 | ControlFlowNode for x [Tuple element at index 1] | semmle.label | ControlFlowNode for x [Tuple element at index 1] |
@@ -267,39 +303,76 @@ nodes
 | datamodel.py:38:6:38:17 | ControlFlowNode for f() | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:38:6:38:17 | ControlFlowNode for f() | <message> |
 | datamodel.py:38:6:38:17 | ControlFlowNode for f() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:38:6:38:17 | ControlFlowNode for f() | <message> |
 | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:71:6:71:24 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:72:6:72:27 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:73:18:73:23 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:80:6:80:26 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:38:8:38:13 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:71:15:71:20 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:72:18:72:23 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:73:18:73:23 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:80:20:80:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
 | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | datamodel.py:81:20:81:25 | ControlFlowNode for SOURCE | datamodel.py:81:6:81:26 | ControlFlowNode for Attribute() | <message> |
+| datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | datamodel.py:13:10:13:17 | ControlFlowNode for Str | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | <message> |
 | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | datamodel.py:152:14:152:19 | ControlFlowNode for SOURCE | datamodel.py:159:6:159:17 | ControlFlowNode for Attribute | <message> |
+| test.py:38:10:38:10 | ControlFlowNode for y | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:38:10:38:10 | ControlFlowNode for y | <message> |
 | test.py:38:10:38:10 | ControlFlowNode for y | test.py:36:21:36:26 | ControlFlowNode for SOURCE | test.py:38:10:38:10 | ControlFlowNode for y | <message> |
+| test.py:51:10:51:10 | ControlFlowNode for x | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:51:10:51:10 | ControlFlowNode for x | <message> |
 | test.py:51:10:51:10 | ControlFlowNode for x | test.py:50:9:50:14 | ControlFlowNode for SOURCE | test.py:51:10:51:10 | ControlFlowNode for x | <message> |
 | test.py:58:10:58:10 | ControlFlowNode for x | test.py:57:9:57:16 | ControlFlowNode for Str | test.py:58:10:58:10 | ControlFlowNode for x | <message> |
 | test.py:63:10:63:10 | ControlFlowNode for x | test.py:62:9:62:17 | ControlFlowNode for Str | test.py:63:10:63:10 | ControlFlowNode for x | <message> |
 | test.py:68:10:68:10 | ControlFlowNode for x | test.py:67:9:67:10 | ControlFlowNode for IntegerLiteral | test.py:68:10:68:10 | ControlFlowNode for x | <message> |
 | test.py:73:10:73:10 | ControlFlowNode for x | test.py:72:9:72:12 | ControlFlowNode for FloatLiteral | test.py:73:10:73:10 | ControlFlowNode for x | <message> |
+| test.py:85:10:85:10 | ControlFlowNode for x | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:85:10:85:10 | ControlFlowNode for x | <message> |
 | test.py:85:10:85:10 | ControlFlowNode for x | test.py:84:10:84:15 | ControlFlowNode for SOURCE | test.py:85:10:85:10 | ControlFlowNode for x | <message> |
+| test.py:92:10:92:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:92:10:92:13 | ControlFlowNode for Subscript | <message> |
 | test.py:92:10:92:13 | ControlFlowNode for Subscript | test.py:91:10:91:15 | ControlFlowNode for SOURCE | test.py:92:10:92:13 | ControlFlowNode for Subscript | <message> |
+| test.py:102:10:102:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:102:10:102:13 | ControlFlowNode for Subscript | <message> |
 | test.py:102:10:102:13 | ControlFlowNode for Subscript | test.py:101:10:101:15 | ControlFlowNode for SOURCE | test.py:102:10:102:13 | ControlFlowNode for Subscript | <message> |
+| test.py:107:10:107:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:107:10:107:13 | ControlFlowNode for Subscript | <message> |
 | test.py:107:10:107:13 | ControlFlowNode for Subscript | test.py:106:22:106:27 | ControlFlowNode for SOURCE | test.py:107:10:107:13 | ControlFlowNode for Subscript | <message> |
+| test.py:113:10:113:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:113:10:113:13 | ControlFlowNode for Subscript | <message> |
 | test.py:113:10:113:13 | ControlFlowNode for Subscript | test.py:111:10:111:15 | ControlFlowNode for SOURCE | test.py:113:10:113:13 | ControlFlowNode for Subscript | <message> |
+| test.py:125:10:125:16 | ControlFlowNode for Attribute() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:125:10:125:16 | ControlFlowNode for Attribute() | <message> |
 | test.py:125:10:125:16 | ControlFlowNode for Attribute() | test.py:124:10:124:15 | ControlFlowNode for SOURCE | test.py:125:10:125:16 | ControlFlowNode for Attribute() | <message> |
+| test.py:130:10:130:16 | ControlFlowNode for Attribute() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:130:10:130:16 | ControlFlowNode for Attribute() | <message> |
 | test.py:130:10:130:16 | ControlFlowNode for Attribute() | test.py:129:10:129:15 | ControlFlowNode for SOURCE | test.py:130:10:130:16 | ControlFlowNode for Attribute() | <message> |
+| test.py:135:10:135:16 | ControlFlowNode for Attribute() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:135:10:135:16 | ControlFlowNode for Attribute() | <message> |
 | test.py:135:10:135:16 | ControlFlowNode for Attribute() | test.py:134:22:134:27 | ControlFlowNode for SOURCE | test.py:135:10:135:16 | ControlFlowNode for Attribute() | <message> |
+| test.py:141:10:141:16 | ControlFlowNode for Attribute() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:141:10:141:16 | ControlFlowNode for Attribute() | <message> |
 | test.py:141:10:141:16 | ControlFlowNode for Attribute() | test.py:139:10:139:15 | ControlFlowNode for SOURCE | test.py:141:10:141:16 | ControlFlowNode for Attribute() | <message> |
+| test.py:153:10:153:15 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:153:10:153:15 | ControlFlowNode for Subscript | <message> |
 | test.py:153:10:153:15 | ControlFlowNode for Subscript | test.py:152:15:152:20 | ControlFlowNode for SOURCE | test.py:153:10:153:15 | ControlFlowNode for Subscript | <message> |
+| test.py:158:10:158:19 | ControlFlowNode for Attribute() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:158:10:158:19 | ControlFlowNode for Attribute() | <message> |
 | test.py:158:10:158:19 | ControlFlowNode for Attribute() | test.py:157:15:157:20 | ControlFlowNode for SOURCE | test.py:158:10:158:19 | ControlFlowNode for Attribute() | <message> |
+| test.py:185:10:185:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:185:10:185:13 | ControlFlowNode for Subscript | <message> |
 | test.py:185:10:185:13 | ControlFlowNode for Subscript | test.py:184:23:184:28 | ControlFlowNode for SOURCE | test.py:185:10:185:13 | ControlFlowNode for Subscript | <message> |
+| test.py:190:10:190:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:190:10:190:13 | ControlFlowNode for Subscript | <message> |
 | test.py:190:10:190:13 | ControlFlowNode for Subscript | test.py:189:25:189:30 | ControlFlowNode for SOURCE | test.py:190:10:190:13 | ControlFlowNode for Subscript | <message> |
+| test.py:201:10:201:13 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:201:10:201:13 | ControlFlowNode for Subscript | <message> |
 | test.py:201:10:201:13 | ControlFlowNode for Subscript | test.py:200:34:200:39 | ControlFlowNode for SOURCE | test.py:201:10:201:13 | ControlFlowNode for Subscript | <message> |
+| test.py:344:10:344:21 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:344:10:344:21 | ControlFlowNode for Subscript | <message> |
 | test.py:344:10:344:21 | ControlFlowNode for Subscript | test.py:344:11:344:16 | ControlFlowNode for SOURCE | test.py:344:10:344:21 | ControlFlowNode for Subscript | <message> |
+| test.py:348:10:348:20 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:348:10:348:20 | ControlFlowNode for Subscript | <message> |
 | test.py:348:10:348:20 | ControlFlowNode for Subscript | test.py:348:11:348:16 | ControlFlowNode for SOURCE | test.py:348:10:348:20 | ControlFlowNode for Subscript | <message> |
+| test.py:352:10:352:27 | ControlFlowNode for Subscript | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:352:10:352:27 | ControlFlowNode for Subscript | <message> |
 | test.py:352:10:352:27 | ControlFlowNode for Subscript | test.py:352:16:352:21 | ControlFlowNode for SOURCE | test.py:352:10:352:27 | ControlFlowNode for Subscript | <message> |
+| test.py:375:10:375:34 | ControlFlowNode for second() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:375:10:375:34 | ControlFlowNode for second() | <message> |
 | test.py:375:10:375:34 | ControlFlowNode for second() | test.py:375:28:375:33 | ControlFlowNode for SOURCE | test.py:375:10:375:34 | ControlFlowNode for second() | <message> |
+| test.py:457:10:457:18 | ControlFlowNode for f() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:457:10:457:18 | ControlFlowNode for f() | <message> |
 | test.py:457:10:457:18 | ControlFlowNode for f() | test.py:457:12:457:17 | ControlFlowNode for SOURCE | test.py:457:10:457:18 | ControlFlowNode for f() | <message> |
+| test.py:462:10:462:34 | ControlFlowNode for second() | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:462:10:462:34 | ControlFlowNode for second() | <message> |
 | test.py:462:10:462:34 | ControlFlowNode for second() | test.py:462:28:462:33 | ControlFlowNode for SOURCE | test.py:462:10:462:34 | ControlFlowNode for second() | <message> |
+| test.py:506:10:506:10 | ControlFlowNode for a | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:506:10:506:10 | ControlFlowNode for a | <message> |
 | test.py:506:10:506:10 | ControlFlowNode for a | test.py:504:9:504:14 | ControlFlowNode for SOURCE | test.py:506:10:506:10 | ControlFlowNode for a | <message> |
+| test.py:511:10:511:10 | ControlFlowNode for b | test.py:14:10:14:17 | ControlFlowNode for Str | test.py:511:10:511:10 | ControlFlowNode for b | <message> |
 | test.py:511:10:511:10 | ControlFlowNode for b | test.py:504:9:504:14 | ControlFlowNode for SOURCE | test.py:511:10:511:10 | ControlFlowNode for b | <message> |

python/ql/test/experimental/dataflow/coverage/localFlow.expected

@@ -1,8 +1,13 @@
+| test.py:35:1:35:33 | GSSA Variable NONSOURCE | test.py:36:10:36:18 | ControlFlowNode for NONSOURCE |
+| test.py:35:1:35:33 | GSSA Variable SINK | test.py:38:5:38:8 | ControlFlowNode for SINK |
+| test.py:35:1:35:33 | GSSA Variable SOURCE | test.py:36:21:36:26 | ControlFlowNode for SOURCE |
 | test.py:36:5:36:5 | SSA variable x | test.py:37:9:37:9 | ControlFlowNode for x |
 | test.py:36:10:36:26 | ControlFlowNode for Tuple | test.py:36:5:36:5 | SSA variable x |
 | test.py:37:5:37:5 | SSA variable y | test.py:38:5:38:11 | SSA variable y |
 | test.py:37:5:37:5 | SSA variable y | test.py:38:10:38:10 | ControlFlowNode for y |
 | test.py:37:9:37:12 | ControlFlowNode for Subscript | test.py:37:5:37:5 | SSA variable y |
+| test.py:188:1:188:53 | GSSA Variable SINK | test.py:190:5:190:8 | ControlFlowNode for SINK |
+| test.py:188:1:188:53 | GSSA Variable SOURCE | test.py:189:25:189:30 | ControlFlowNode for SOURCE |
 | test.py:189:5:189:5 | SSA variable x | test.py:190:10:190:10 | ControlFlowNode for x |
 | test.py:189:9:189:68 | ControlFlowNode for ListComp | test.py:189:5:189:5 | SSA variable x |
 | test.py:189:9:189:68 | SSA variable u | test.py:189:9:189:68 | SSA variable u |

python/ql/test/experimental/dataflow/fieldflow/allLocalFlow.expected

@@ -1,25 +1,46 @@
+| test.py:0:0:0:0 | GSSA Variable SINK | test.py:1:1:1:66 | GSSA Variable SINK |
+| test.py:0:0:0:0 | GSSA Variable SINK_F | test.py:1:1:1:66 | GSSA Variable SINK_F |
+| test.py:0:0:0:0 | GSSA Variable SOURCE | test.py:1:1:1:66 | GSSA Variable SOURCE |
+| test.py:0:0:0:0 | GSSA Variable __name__ | test.py:1:1:1:66 | GSSA Variable __name__ |
+| test.py:0:0:0:0 | GSSA Variable __package__ | test.py:1:1:1:66 | GSSA Variable __package__ |
+| test.py:0:0:0:0 | GSSA Variable object | test.py:1:1:1:66 | GSSA Variable object |
+| test.py:0:0:0:0 | GSSA Variable object | test.py:6:13:6:18 | ControlFlowNode for object |
 | test.py:0:0:0:0 | SSA variable $ | test.py:1:1:1:66 | SSA variable $ |
 | test.py:0:0:0:0 | SSA variable * | test.py:1:1:1:66 | SSA variable * |
+| test.py:6:1:6:20 | ControlFlowNode for ClassExpr | test.py:6:7:6:11 | GSSA Variable MyObj |
 | test.py:6:13:6:18 | ControlFlowNode for object | test.py:12:17:12:22 | ControlFlowNode for object |
 | test.py:8:5:8:28 | ControlFlowNode for FunctionExpr | test.py:8:9:8:16 | SSA variable __init__ |
 | test.py:8:18:8:21 | SSA variable self | test.py:9:9:9:12 | ControlFlowNode for self |
 | test.py:8:18:8:21 | SSA variable self | test.py:9:9:9:16 | SSA variable self |
 | test.py:8:24:8:26 | SSA variable foo | test.py:9:20:9:22 | ControlFlowNode for foo |
+| test.py:12:1:12:24 | ControlFlowNode for ClassExpr | test.py:12:7:12:15 | GSSA Variable NestedObj |
 | test.py:14:5:14:23 | ControlFlowNode for FunctionExpr | test.py:14:9:14:16 | SSA variable __init__ |
+| test.py:14:5:14:23 | GSSA Variable MyObj | test.py:15:20:15:24 | ControlFlowNode for MyObj |
 | test.py:14:18:14:21 | SSA variable self | test.py:15:9:15:12 | ControlFlowNode for self |
 | test.py:14:18:14:21 | SSA variable self | test.py:15:9:15:16 | SSA variable self |
 | test.py:17:5:17:21 | ControlFlowNode for FunctionExpr | test.py:17:9:17:14 | SSA variable getObj |
 | test.py:17:16:17:19 | SSA variable self | test.py:18:16:18:19 | ControlFlowNode for self |
+| test.py:21:1:21:19 | ControlFlowNode for FunctionExpr | test.py:21:5:21:10 | GSSA Variable setFoo |
+| test.py:21:1:21:19 | GSSA Variable SINK_F | test.py:22:5:22:10 | ControlFlowNode for SINK_F |
 | test.py:21:12:21:14 | SSA variable obj | test.py:22:12:22:14 | ControlFlowNode for obj |
 | test.py:21:12:21:14 | SSA variable obj | test.py:23:5:23:11 | SSA variable obj |
 | test.py:21:17:21:17 | SSA variable x | test.py:23:15:23:15 | ControlFlowNode for x |
 | test.py:22:12:22:14 | ControlFlowNode for obj | test.py:23:5:23:7 | ControlFlowNode for obj |
 | test.py:22:12:22:14 | [post read] ControlFlowNode for obj | test.py:23:5:23:7 | ControlFlowNode for obj |
+| test.py:26:1:26:20 | ControlFlowNode for FunctionExpr | test.py:26:5:26:17 | GSSA Variable test_example1 |
+| test.py:26:1:26:20 | GSSA Variable MyObj | test.py:27:13:27:17 | ControlFlowNode for MyObj |
+| test.py:26:1:26:20 | GSSA Variable SINK | test.py:30:5:30:8 | ControlFlowNode for SINK |
+| test.py:26:1:26:20 | GSSA Variable SOURCE | test.py:29:19:29:24 | ControlFlowNode for SOURCE |
+| test.py:26:1:26:20 | GSSA Variable setFoo | test.py:29:5:29:10 | ControlFlowNode for setFoo |
 | test.py:27:5:27:9 | SSA variable myobj | test.py:29:5:29:25 | SSA variable myobj |
 | test.py:27:5:27:9 | SSA variable myobj | test.py:29:12:29:16 | ControlFlowNode for myobj |
 | test.py:27:13:27:23 | ControlFlowNode for MyObj() | test.py:27:5:27:9 | SSA variable myobj |
 | test.py:29:12:29:16 | ControlFlowNode for myobj | test.py:30:10:30:14 | ControlFlowNode for myobj |
 | test.py:29:12:29:16 | [post arg] ControlFlowNode for myobj | test.py:30:10:30:14 | ControlFlowNode for myobj |
+| test.py:33:1:33:20 | ControlFlowNode for FunctionExpr | test.py:33:5:33:17 | GSSA Variable test_example2 |
+| test.py:33:1:33:20 | GSSA Variable NestedObj | test.py:36:9:36:17 | ControlFlowNode for NestedObj |
+| test.py:33:1:33:20 | GSSA Variable SINK | test.py:41:5:41:8 | ControlFlowNode for SINK |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:34:9:34:14 | ControlFlowNode for SOURCE |
 | test.py:34:5:34:5 | SSA variable x | test.py:38:17:38:17 | ControlFlowNode for x |
 | test.py:34:9:34:14 | ControlFlowNode for SOURCE | test.py:34:5:34:5 | SSA variable x |
 | test.py:36:5:36:5 | SSA variable a | test.py:38:5:38:5 | ControlFlowNode for a |
@@ -30,11 +51,21 @@
 | test.py:38:17:38:17 | ControlFlowNode for x | test.py:39:22:39:22 | ControlFlowNode for x |
 | test.py:39:5:39:5 | ControlFlowNode for a | test.py:41:10:41:10 | ControlFlowNode for a |
 | test.py:39:5:39:5 | [post read] ControlFlowNode for a | test.py:41:10:41:10 | ControlFlowNode for a |
+| test.py:44:1:44:20 | ControlFlowNode for FunctionExpr | test.py:44:5:44:17 | GSSA Variable test_example3 |
+| test.py:44:1:44:20 | GSSA Variable MyObj | test.py:45:11:45:15 | ControlFlowNode for MyObj |
+| test.py:44:1:44:20 | GSSA Variable SINK | test.py:46:5:46:8 | ControlFlowNode for SINK |
+| test.py:44:1:44:20 | GSSA Variable SOURCE | test.py:45:17:45:22 | ControlFlowNode for SOURCE |
 | test.py:45:5:45:7 | SSA variable obj | test.py:46:10:46:12 | ControlFlowNode for obj |
 | test.py:45:11:45:23 | ControlFlowNode for MyObj() | test.py:45:5:45:7 | SSA variable obj |
+| test.py:49:1:49:30 | ControlFlowNode for FunctionExpr | test.py:49:5:49:26 | GSSA Variable fields_with_local_flow |
+| test.py:49:1:49:30 | GSSA Variable MyObj | test.py:50:11:50:15 | ControlFlowNode for MyObj |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:11:50:18 | SSA variable x |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:17:50:17 | ControlFlowNode for x |
 | test.py:50:5:50:7 | SSA variable obj | test.py:51:9:51:11 | ControlFlowNode for obj |
 | test.py:50:11:50:18 | ControlFlowNode for MyObj() | test.py:50:5:50:7 | SSA variable obj |
 | test.py:51:5:51:5 | SSA variable a | test.py:52:12:52:12 | ControlFlowNode for a |
 | test.py:51:9:51:15 | ControlFlowNode for Attribute | test.py:51:5:51:5 | SSA variable a |
+| test.py:55:1:55:18 | ControlFlowNode for FunctionExpr | test.py:55:5:55:15 | GSSA Variable test_fields |
+| test.py:55:1:55:18 | GSSA Variable SINK | test.py:56:5:56:8 | ControlFlowNode for SINK |
+| test.py:55:1:55:18 | GSSA Variable SOURCE | test.py:56:33:56:38 | ControlFlowNode for SOURCE |
+| test.py:55:1:55:18 | GSSA Variable fields_with_local_flow | test.py:56:10:56:31 | ControlFlowNode for fields_with_local_flow |

python/ql/test/experimental/dataflow/fieldflow/dataflow.expected

@@ -1,7 +1,21 @@
 edges
-| examples.py:41:1:41:3 | GSSA Variable obj [Attribute foo] | examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] |
-| examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] | examples.py:41:1:41:3 | GSSA Variable obj [Attribute foo] |
+| examples.py:27:8:27:12 | [post arg] ControlFlowNode for myobj [Attribute foo] | examples.py:28:6:28:10 | ControlFlowNode for myobj [Attribute foo] |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:27:8:27:12 | [post arg] ControlFlowNode for myobj [Attribute foo] |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:35:13:35:13 | ControlFlowNode for x |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:41:13:41:18 | ControlFlowNode for SOURCE |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:50:29:50:34 | ControlFlowNode for SOURCE |
+| examples.py:28:6:28:10 | ControlFlowNode for myobj [Attribute foo] | examples.py:28:6:28:14 | ControlFlowNode for Attribute |
+| examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:35:13:35:13 | ControlFlowNode for x |
+| examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:41:13:41:18 | ControlFlowNode for SOURCE |
+| examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:50:29:50:34 | ControlFlowNode for SOURCE |
+| examples.py:35:1:35:1 | [post read] ControlFlowNode for a [Attribute obj, Attribute foo] | examples.py:38:6:38:6 | ControlFlowNode for a [Attribute obj, Attribute foo] |
+| examples.py:35:1:35:5 | [post store] ControlFlowNode for Attribute [Attribute foo] | examples.py:35:1:35:1 | [post read] ControlFlowNode for a [Attribute obj, Attribute foo] |
+| examples.py:35:13:35:13 | ControlFlowNode for x | examples.py:35:1:35:5 | [post store] ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:38:6:38:6 | ControlFlowNode for a [Attribute obj, Attribute foo] | examples.py:38:6:38:10 | ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:38:6:38:10 | ControlFlowNode for Attribute [Attribute foo] | examples.py:38:6:38:14 | ControlFlowNode for Attribute |
+| examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] | examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] |
 | examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] |
+| examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:50:29:50:34 | ControlFlowNode for SOURCE |
 | examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] | examples.py:42:6:42:12 | ControlFlowNode for Attribute |
 | examples.py:50:29:50:34 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() |
 | test.py:29:12:29:16 | [post arg] ControlFlowNode for myobj [Attribute foo] | test.py:30:10:30:14 | ControlFlowNode for myobj [Attribute foo] |
@@ -18,7 +32,17 @@ edges
 | test.py:46:10:46:12 | ControlFlowNode for obj [Attribute foo] | test.py:46:10:46:16 | ControlFlowNode for Attribute |
 | test.py:56:33:56:38 | ControlFlowNode for SOURCE | test.py:56:10:56:39 | ControlFlowNode for fields_with_local_flow() |
 nodes
-| examples.py:41:1:41:3 | GSSA Variable obj [Attribute foo] | semmle.label | GSSA Variable obj [Attribute foo] |
+| examples.py:27:8:27:12 | [post arg] ControlFlowNode for myobj [Attribute foo] | semmle.label | [post arg] ControlFlowNode for myobj [Attribute foo] |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| examples.py:28:6:28:10 | ControlFlowNode for myobj [Attribute foo] | semmle.label | ControlFlowNode for myobj [Attribute foo] |
+| examples.py:28:6:28:14 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
+| examples.py:31:5:31:10 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
+| examples.py:35:1:35:1 | [post read] ControlFlowNode for a [Attribute obj, Attribute foo] | semmle.label | [post read] ControlFlowNode for a [Attribute obj, Attribute foo] |
+| examples.py:35:1:35:5 | [post store] ControlFlowNode for Attribute [Attribute foo] | semmle.label | [post store] ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:35:13:35:13 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
+| examples.py:38:6:38:6 | ControlFlowNode for a [Attribute obj, Attribute foo] | semmle.label | ControlFlowNode for a [Attribute obj, Attribute foo] |
+| examples.py:38:6:38:10 | ControlFlowNode for Attribute [Attribute foo] | semmle.label | ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:38:6:38:14 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
 | examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] | semmle.label | ControlFlowNode for MyObj() [Attribute foo] |
 | examples.py:41:13:41:18 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 | examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] | semmle.label | ControlFlowNode for obj [Attribute foo] |
@@ -43,7 +67,15 @@ nodes
 | test.py:56:10:56:39 | ControlFlowNode for fields_with_local_flow() | semmle.label | ControlFlowNode for fields_with_local_flow() |
 | test.py:56:33:56:38 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
 #select
+| examples.py:28:6:28:14 | ControlFlowNode for Attribute | examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:28:6:28:14 | ControlFlowNode for Attribute | <message> |
+| examples.py:38:6:38:14 | ControlFlowNode for Attribute | examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:38:6:38:14 | ControlFlowNode for Attribute | <message> |
+| examples.py:38:6:38:14 | ControlFlowNode for Attribute | examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:38:6:38:14 | ControlFlowNode for Attribute | <message> |
+| examples.py:42:6:42:12 | ControlFlowNode for Attribute | examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:42:6:42:12 | ControlFlowNode for Attribute | <message> |
+| examples.py:42:6:42:12 | ControlFlowNode for Attribute | examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:42:6:42:12 | ControlFlowNode for Attribute | <message> |
 | examples.py:42:6:42:12 | ControlFlowNode for Attribute | examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:42:6:42:12 | ControlFlowNode for Attribute | <message> |
+| examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | <message> |
+| examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | <message> |
+| examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | <message> |
 | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | examples.py:50:29:50:34 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() | <message> |
 | test.py:30:10:30:18 | ControlFlowNode for Attribute | test.py:29:19:29:24 | ControlFlowNode for SOURCE | test.py:30:10:30:18 | ControlFlowNode for Attribute | <message> |
 | test.py:41:10:41:18 | ControlFlowNode for Attribute | test.py:34:9:34:14 | ControlFlowNode for SOURCE | test.py:41:10:41:18 | ControlFlowNode for Attribute | <message> |

python/ql/test/experimental/dataflow/fieldflow/dataflowExplore.expected

@@ -1,7 +1,41 @@
 edges
+| examples.py:7:24:7:26 | SSA variable foo | examples.py:8:20:8:22 | ControlFlowNode for foo |
+| examples.py:8:20:8:22 | ControlFlowNode for foo | examples.py:8:9:8:12 | [post store] ControlFlowNode for self [Attribute foo] |
+| examples.py:21:17:21:17 | SSA variable x | examples.py:23:15:23:15 | ControlFlowNode for x |
+| examples.py:23:15:23:15 | ControlFlowNode for x | examples.py:23:5:23:7 | [post store] ControlFlowNode for obj [Attribute foo] |
+| examples.py:27:8:27:12 | [post arg] ControlFlowNode for myobj [Attribute foo] | examples.py:28:6:28:10 | ControlFlowNode for myobj [Attribute foo] |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:21:17:21:17 | SSA variable x |
+| examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:27:8:27:12 | [post arg] ControlFlowNode for myobj [Attribute foo] |
 | examples.py:27:15:27:20 | ControlFlowNode for SOURCE | examples.py:31:5:31:10 | ControlFlowNode for SOURCE |
+| examples.py:28:6:28:10 | ControlFlowNode for myobj [Attribute foo] | examples.py:28:6:28:14 | ControlFlowNode for Attribute |
+| examples.py:31:1:31:1 | GSSA Variable x | examples.py:35:13:35:13 | ControlFlowNode for x |
+| examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:31:1:31:1 | GSSA Variable x |
 | examples.py:31:5:31:10 | ControlFlowNode for SOURCE | examples.py:41:13:41:18 | ControlFlowNode for SOURCE |
+| examples.py:35:1:35:1 | [post read] ControlFlowNode for a [Attribute obj, ... (2)] | examples.py:36:1:36:1 | ControlFlowNode for a [Attribute obj, ... (2)] |
+| examples.py:35:1:35:5 | [post store] ControlFlowNode for Attribute [Attribute foo] | examples.py:35:1:35:1 | [post read] ControlFlowNode for a [Attribute obj, ... (2)] |
+| examples.py:35:13:35:13 | ControlFlowNode for x | examples.py:35:1:35:5 | [post store] ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:35:13:35:13 | ControlFlowNode for x | examples.py:36:18:36:18 | ControlFlowNode for x |
+| examples.py:36:1:36:1 | ControlFlowNode for a [Attribute obj, ... (2)] | examples.py:38:6:38:6 | ControlFlowNode for a [Attribute obj, ... (2)] |
+| examples.py:36:18:36:18 | ControlFlowNode for x | examples.py:36:1:36:10 | [post store] ControlFlowNode for Attribute() [Attribute foo] |
+| examples.py:38:6:38:6 | ControlFlowNode for a [Attribute obj, ... (2)] | examples.py:38:6:38:10 | ControlFlowNode for Attribute [Attribute foo] |
+| examples.py:38:6:38:10 | ControlFlowNode for Attribute [Attribute foo] | examples.py:38:6:38:14 | ControlFlowNode for Attribute |
+| examples.py:41:1:41:3 | GSSA Variable obj [Attribute foo] | examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] |
+| examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] | examples.py:41:1:41:3 | GSSA Variable obj [Attribute foo] |
+| examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:7:24:7:26 | SSA variable foo |
+| examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:41:7:41:19 | ControlFlowNode for MyObj() [Attribute foo] |
 | examples.py:41:13:41:18 | ControlFlowNode for SOURCE | examples.py:50:29:50:34 | ControlFlowNode for SOURCE |
+| examples.py:42:6:42:8 | ControlFlowNode for obj [Attribute foo] | examples.py:42:6:42:12 | ControlFlowNode for Attribute |
+| examples.py:45:28:45:28 | SSA variable x | examples.py:46:9:46:16 | SSA variable x |
+| examples.py:45:28:45:28 | SSA variable x | examples.py:46:15:46:15 | ControlFlowNode for x |
+| examples.py:46:3:46:5 | SSA variable obj [Attribute foo] | examples.py:47:7:47:9 | ControlFlowNode for obj [Attribute foo] |
+| examples.py:46:9:46:16 | ControlFlowNode for MyObj() [Attribute foo] | examples.py:46:3:46:5 | SSA variable obj [Attribute foo] |
+| examples.py:46:15:46:15 | ControlFlowNode for x | examples.py:7:24:7:26 | SSA variable foo |
+| examples.py:46:15:46:15 | ControlFlowNode for x | examples.py:46:9:46:16 | ControlFlowNode for MyObj() [Attribute foo] |
+| examples.py:47:3:47:3 | SSA variable a | examples.py:48:10:48:10 | ControlFlowNode for a |
+| examples.py:47:7:47:9 | ControlFlowNode for obj [Attribute foo] | examples.py:47:7:47:13 | ControlFlowNode for Attribute |
+| examples.py:47:7:47:13 | ControlFlowNode for Attribute | examples.py:47:3:47:3 | SSA variable a |
+| examples.py:50:29:50:34 | ControlFlowNode for SOURCE | examples.py:45:28:45:28 | SSA variable x |
+| examples.py:50:29:50:34 | ControlFlowNode for SOURCE | examples.py:50:6:50:35 | ControlFlowNode for fields_with_local_flow() |
 | test.py:8:24:8:26 | SSA variable foo | test.py:9:20:9:22 | ControlFlowNode for foo |
 | test.py:9:20:9:22 | ControlFlowNode for foo | test.py:9:9:9:12 | [post store] ControlFlowNode for self [Attribute foo] |
 | test.py:21:17:21:17 | SSA variable x | test.py:23:15:23:15 | ControlFlowNode for x |

python/ql/test/experimental/dataflow/fieldflow/globalStep.expected

@@ -1,5 +1,11 @@
 | test.py:6:1:6:20 | ControlFlowNode for ClassExpr | test.py:6:7:6:11 | GSSA Variable MyObj |
 | test.py:6:1:6:20 | ControlFlowNode for ClassExpr | test.py:6:7:6:11 | GSSA Variable MyObj |
+| test.py:6:7:6:11 | GSSA Variable MyObj | test.py:0:0:0:0 | ModuleVariableNode for Global Variable MyObj in Module test |
+| test.py:6:7:6:11 | GSSA Variable MyObj | test.py:0:0:0:0 | ModuleVariableNode for Global Variable MyObj in Module test |
+| test.py:6:13:6:18 | ControlFlowNode for object | test.py:12:17:12:22 | ControlFlowNode for object |
+| test.py:6:13:6:18 | ControlFlowNode for object | test.py:12:17:12:22 | ControlFlowNode for object |
+| test.py:8:5:8:28 | ControlFlowNode for FunctionExpr | test.py:8:9:8:16 | SSA variable __init__ |
+| test.py:8:5:8:28 | ControlFlowNode for FunctionExpr | test.py:8:9:8:16 | SSA variable __init__ |
 | test.py:8:18:8:21 | SSA variable self | test.py:9:9:9:12 | ControlFlowNode for self |
 | test.py:8:18:8:21 | SSA variable self | test.py:9:9:9:12 | ControlFlowNode for self |
 | test.py:8:18:8:21 | SSA variable self | test.py:9:9:9:12 | ControlFlowNode for self |
@@ -28,6 +34,10 @@
 | test.py:9:20:9:22 | ControlFlowNode for foo | test.py:9:9:9:12 | [post store] ControlFlowNode for self [Attribute foo] |
 | test.py:12:1:12:24 | ControlFlowNode for ClassExpr | test.py:12:7:12:15 | GSSA Variable NestedObj |
 | test.py:12:1:12:24 | ControlFlowNode for ClassExpr | test.py:12:7:12:15 | GSSA Variable NestedObj |
+| test.py:12:7:12:15 | GSSA Variable NestedObj | test.py:0:0:0:0 | ModuleVariableNode for Global Variable NestedObj in Module test |
+| test.py:12:7:12:15 | GSSA Variable NestedObj | test.py:0:0:0:0 | ModuleVariableNode for Global Variable NestedObj in Module test |
+| test.py:14:5:14:23 | ControlFlowNode for FunctionExpr | test.py:14:9:14:16 | SSA variable __init__ |
+| test.py:14:5:14:23 | ControlFlowNode for FunctionExpr | test.py:14:9:14:16 | SSA variable __init__ |
 | test.py:14:5:14:23 | GSSA Variable MyObj | test.py:15:20:15:24 | ControlFlowNode for MyObj |
 | test.py:14:5:14:23 | GSSA Variable MyObj | test.py:15:20:15:24 | ControlFlowNode for MyObj |
 | test.py:14:18:14:21 | SSA variable self | test.py:15:9:15:12 | ControlFlowNode for self |
@@ -49,12 +59,16 @@
 | test.py:15:26:15:29 | ControlFlowNode for Str | test.py:8:24:8:26 | SSA variable foo |
 | test.py:15:26:15:29 | ControlFlowNode for Str | test.py:8:24:8:26 | SSA variable foo |
 | test.py:15:26:15:29 | ControlFlowNode for Str | test.py:15:20:15:30 | ControlFlowNode for MyObj() [Attribute foo] |
+| test.py:17:5:17:21 | ControlFlowNode for FunctionExpr | test.py:17:9:17:14 | SSA variable getObj |
+| test.py:17:5:17:21 | ControlFlowNode for FunctionExpr | test.py:17:9:17:14 | SSA variable getObj |
 | test.py:17:16:17:19 | SSA variable self | test.py:18:16:18:19 | ControlFlowNode for self |
 | test.py:17:16:17:19 | SSA variable self | test.py:18:16:18:19 | ControlFlowNode for self |
 | test.py:21:1:21:19 | ControlFlowNode for FunctionExpr | test.py:21:5:21:10 | GSSA Variable setFoo |
 | test.py:21:1:21:19 | ControlFlowNode for FunctionExpr | test.py:21:5:21:10 | GSSA Variable setFoo |
 | test.py:21:1:21:19 | GSSA Variable SINK_F | test.py:22:5:22:10 | ControlFlowNode for SINK_F |
 | test.py:21:1:21:19 | GSSA Variable SINK_F | test.py:22:5:22:10 | ControlFlowNode for SINK_F |
+| test.py:21:5:21:10 | GSSA Variable setFoo | test.py:0:0:0:0 | ModuleVariableNode for Global Variable setFoo in Module test |
+| test.py:21:5:21:10 | GSSA Variable setFoo | test.py:0:0:0:0 | ModuleVariableNode for Global Variable setFoo in Module test |
 | test.py:21:12:21:14 | SSA variable obj | test.py:22:12:22:14 | ControlFlowNode for obj |
 | test.py:21:12:21:14 | SSA variable obj | test.py:22:12:22:14 | ControlFlowNode for obj |
 | test.py:21:12:21:14 | SSA variable obj | test.py:22:12:22:14 | ControlFlowNode for obj |
@@ -141,8 +155,14 @@
 | test.py:33:1:33:20 | GSSA Variable NestedObj | test.py:36:9:36:17 | ControlFlowNode for NestedObj |
 | test.py:33:1:33:20 | GSSA Variable SINK | test.py:41:5:41:8 | ControlFlowNode for SINK |
 | test.py:33:1:33:20 | GSSA Variable SINK | test.py:41:5:41:8 | ControlFlowNode for SINK |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:34:5:34:5 | SSA variable x |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:34:5:34:5 | SSA variable x |
 | test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:34:9:34:14 | ControlFlowNode for SOURCE |
 | test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:34:9:34:14 | ControlFlowNode for SOURCE |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:38:17:38:17 | ControlFlowNode for x |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:38:17:38:17 | ControlFlowNode for x |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:39:22:39:22 | ControlFlowNode for x |
+| test.py:33:1:33:20 | GSSA Variable SOURCE | test.py:39:22:39:22 | ControlFlowNode for x |
 | test.py:34:5:34:5 | SSA variable x | test.py:38:17:38:17 | ControlFlowNode for x |
 | test.py:34:5:34:5 | SSA variable x | test.py:38:17:38:17 | ControlFlowNode for x |
 | test.py:34:5:34:5 | SSA variable x | test.py:39:22:39:22 | ControlFlowNode for x |
@@ -249,6 +269,8 @@
 | test.py:49:1:49:30 | ControlFlowNode for FunctionExpr | test.py:49:5:49:26 | GSSA Variable fields_with_local_flow |
 | test.py:49:1:49:30 | GSSA Variable MyObj | test.py:50:11:50:15 | ControlFlowNode for MyObj |
 | test.py:49:1:49:30 | GSSA Variable MyObj | test.py:50:11:50:15 | ControlFlowNode for MyObj |
+| test.py:49:5:49:26 | GSSA Variable fields_with_local_flow | test.py:0:0:0:0 | ModuleVariableNode for Global Variable fields_with_local_flow in Module test |
+| test.py:49:5:49:26 | GSSA Variable fields_with_local_flow | test.py:0:0:0:0 | ModuleVariableNode for Global Variable fields_with_local_flow in Module test |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:11:50:18 | SSA variable x |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:11:50:18 | SSA variable x |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:11:50:18 | SSA variable x |

python/ql/test/experimental/dataflow/fieldflow/localFlow.expected

@@ -1,9 +1,11 @@
+| examples.py:45:1:45:30 | GSSA Variable MyObj | examples.py:46:9:46:13 | ControlFlowNode for MyObj |
 | examples.py:45:28:45:28 | SSA variable x | examples.py:46:9:46:16 | SSA variable x |
 | examples.py:45:28:45:28 | SSA variable x | examples.py:46:15:46:15 | ControlFlowNode for x |
 | examples.py:46:3:46:5 | SSA variable obj | examples.py:47:7:47:9 | ControlFlowNode for obj |
 | examples.py:46:9:46:16 | ControlFlowNode for MyObj() | examples.py:46:3:46:5 | SSA variable obj |
 | examples.py:47:3:47:3 | SSA variable a | examples.py:48:10:48:10 | ControlFlowNode for a |
 | examples.py:47:7:47:13 | ControlFlowNode for Attribute | examples.py:47:3:47:3 | SSA variable a |
+| test.py:49:1:49:30 | GSSA Variable MyObj | test.py:50:11:50:15 | ControlFlowNode for MyObj |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:11:50:18 | SSA variable x |
 | test.py:49:28:49:28 | SSA variable x | test.py:50:17:50:17 | ControlFlowNode for x |
 | test.py:50:5:50:7 | SSA variable obj | test.py:51:9:51:11 | ControlFlowNode for obj |

python/ql/test/experimental/dataflow/global-flow/accesses.ql

@@ -0,0 +1,36 @@
+import python
+import experimental.dataflow.DataFlow
+import TestUtilities.InlineExpectationsTest
+
+class GlobalReadTest extends InlineExpectationsTest {
+  GlobalReadTest() { this = "GlobalReadTest" }
+
+  override string getARelevantTag() { result = "reads" }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(DataFlow::ModuleVariableNode n, DataFlow::Node read |
+      read = n.getARead() and
+      value = n.getVariable().getId() and
+      value != "print" and
+      tag = "reads" and
+      location = read.getLocation() and
+      element = read.toString()
+    )
+  }
+}
+
+class GlobalWriteTest extends InlineExpectationsTest {
+  GlobalWriteTest() { this = "GlobalWriteTest" }
+
+  override string getARelevantTag() { result = "writes" }
+
+  override predicate hasActualResult(Location location, string element, string tag, string value) {
+    exists(DataFlow::ModuleVariableNode n, DataFlow::Node read |
+      read = n.getAWrite() and
+      value = n.getVariable().getId() and
+      tag = "writes" and
+      location = read.getLocation() and
+      element = read.toString()
+    )
+  }
+}

python/ql/test/experimental/dataflow/global-flow/known.py

@@ -0,0 +1 @@
+known_attr = [1000]

python/ql/test/experimental/dataflow/global-flow/test.py

@@ -0,0 +1,121 @@
+### Tests of global flow
+
+# Simple assignment
+
+g = [5] # $writes=g
+
+# Multiple assignment
+
+g1, g2 = [6], [7] # $writes=g1 $writes=g2
+
+# Assignment that's only referenced in this scope. This one will not give rise to a `ModuleVariableNode`.
+
+unreferenced_g = [8]
+print(unreferenced_g)
+
+# Testing modifications of globals
+
+# Modification by reassignment
+
+g_mod = []
+# This assignment does not produce any flow, since `g_mod` is immediately reassigned.
+
+# The following assignment should not be a `ModuleVariableNode`,
+# but currently our analysis thinks `g_mod` might be used in the `print` call
+g_mod = [10] # $f+:writes=g_mod
+print("foo")
+g_mod = [100] # $writes=g_mod
+
+# Modification by mutation
+
+g_ins = [50] # $writes=g_ins
+print(g_ins)
+g_ins.append(75)
+
+# A global with multiple potential definitions
+
+import unknown_module
+if unknown_module.attr:
+    g_mult = [200] # $writes=g_mult
+else:
+    g_mult = [300] # $writes=g_mult
+
+# A global variable that may be redefined depending on some unknown value
+
+g_redef = [400] # $writes=g_redef
+if unknown_module.attr:
+    g_redef = [500] # $writes=g_redef
+
+def global_access():
+    l = 5
+    print(g) # $reads=g
+    print(g1) # $reads=g1
+    print(g2) # $reads=g2
+    print(g_mod) # $reads=g_mod
+    print(g_ins) # $reads=g_ins
+    print(g_mult) # $reads=g_mult
+    print(g_redef) # $reads=g_redef
+
+def print_g_mod(): # $writes=print_g_mod
+    print(g_mod) # $reads=g_mod
+
+def global_mod():
+    global g_mod
+    g_mod += [150] # $reads,writes=g_mod
+    print_g_mod() # $reads=print_g_mod
+
+def global_inside_local_function():
+    def local_function():
+        print(g) # $reads=g
+    local_function()
+
+## Imports
+
+
+# Direct imports
+
+import foo_module # $writes=foo_module
+
+def use_foo():
+    print(foo_module.attr) # $reads=foo_module
+
+# Partial imports
+
+from bar import baz_attr, quux_attr # $writes=baz_attr $writes=quux_attr
+
+def use_partial_import():
+    print(baz_attr, quux_attr) # $reads=baz_attr $reads=quux_attr
+
+# Aliased imports
+
+from spam_module import ham_attr as eggs_attr # $writes=eggs_attr
+
+def use_aliased_import():
+    print(eggs_attr) # $reads=eggs_attr
+
+# Import star (unlikely to work unless we happen to extract/model the referenced module)
+
+# Unknown modules
+
+from unknown import *
+
+def secretly_use_unknown():
+    print(unknown_attr) # $reads=unknown_attr
+
+# Known modules
+
+from known import *
+
+def secretly_use_known():
+    print(known_attr) # $reads=known_attr
+
+# Local import in function
+
+def imports_locally():
+    import mod1
+
+# Global import hidden in function
+
+def imports_stuff():
+    global mod2
+    import mod2 # $writes=mod2

python/ql/test/experimental/dataflow/strange-essaflow/testFlow.expected

@@ -2,4 +2,5 @@ os_import
 | test.py:2:8:2:9 | GSSA Variable os |
 flowstep
 jumpStep
+| test.py:2:8:2:9 | GSSA Variable os | test.py:0:0:0:0 | ModuleVariableNode for Global Variable os in Module test |
 essaFlowStep

python/ql/test/experimental/dataflow/strange-essaflow/testFlow.ql

@@ -1,5 +1,6 @@
 import python
 import experimental.dataflow.DataFlow
+private import experimental.dataflow.internal.DataFlowPrivate as DataFlowPrivate
 
 /** Gets the EssaNode that holds the module imported by the fully qualified module name `name` */
 DataFlow::EssaNode module_import(string name) {
@@ -27,10 +28,10 @@ query predicate flowstep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
 
 query predicate jumpStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
   os_import(nodeFrom) and
-  DataFlow::jumpStep(nodeFrom, nodeTo)
+  DataFlowPrivate::jumpStep(nodeFrom, nodeTo)
 }
 
 query predicate essaFlowStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
   os_import(nodeFrom) and
-  DataFlow::EssaFlow::essaFlowStep(nodeFrom, nodeTo)
+  DataFlowPrivate::EssaFlow::essaFlowStep(nodeFrom, nodeTo)
 }

python/ql/test/experimental/dataflow/tainttracking/TestTaintLib.qll

@@ -43,7 +43,7 @@ private string repr(Expr e) {
   result = repr(e.(Attribute).getObject()) + "." + e.(Attribute).getName()
 }
 
-query predicate test_taint(string arg_location, string test_res, string function_name, string repr) {
+query predicate test_taint(string arg_location, string test_res, string scope_name, string repr) {
   exists(Call call, Expr arg, boolean expected_taint, boolean has_taint |
     // only consider files that are extracted as part of the test
     exists(call.getLocation().getFile().getRelativePath()) and
@@ -68,7 +68,7 @@ query predicate test_taint(string arg_location, string test_res, string function
     // select
     arg_location = arg.getLocation().toString() and
     test_res = test_res and
-    function_name = call.getScope().(Function).getName() and
+    scope_name = call.getScope().getName() and
     repr = repr(arg)
   )
 }

python/ql/test/experimental/dataflow/tainttracking/basic/LocalTaintStep.expected

@@ -1,3 +1,7 @@
+| test.py:3:1:3:7 | GSSA Variable tainted | test.py:4:1:4:13 | GSSA Variable tainted |
+| test.py:3:1:3:7 | GSSA Variable tainted | test.py:4:6:4:12 | ControlFlowNode for tainted |
+| test.py:3:11:3:16 | ControlFlowNode for SOURCE | test.py:3:1:3:7 | GSSA Variable tainted |
+| test.py:6:1:6:11 | ControlFlowNode for FunctionExpr | test.py:6:5:6:8 | GSSA Variable func |
 | test.py:7:5:7:16 | SSA variable also_tainted | test.py:8:5:8:22 | SSA variable also_tainted |
 | test.py:7:5:7:16 | SSA variable also_tainted | test.py:8:10:8:21 | ControlFlowNode for also_tainted |
 | test.py:7:20:7:25 | ControlFlowNode for SOURCE | test.py:7:5:7:16 | SSA variable also_tainted |

python/ql/test/experimental/dataflow/tainttracking/taintlib.py

@@ -3,6 +3,8 @@ TAINTED_BYTES = b"TAINTED_BYTES"
 TAINTED_LIST = ["tainted-{}".format(i) for i in range(5)]
 TAINTED_DICT = {"name": TAINTED_STRING, "some key": "foo"}
 
+NOT_TAINTED = "NOT_TAINTED"
+
 def ensure_tainted(*args):
     print("- ensure_tainted")
     for i, arg in enumerate(args):

python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/test.py

@@ -0,0 +1,54 @@
+import sys; import os; sys.path.append(os.path.dirname(os.path.dirname((__file__))))
+from taintlib import *
+
+# Various instances where flow is undesirable
+
+
+# A global variable that starts out being not tainted, but gets tainted through a later assignment.
+# In this case, we do not want flow from the tainting assignment back to the place where the value
+# was used in a potentially unsafe manner.
+
+tainted_later = NOT_TAINTED
+ensure_not_tainted(tainted_later)
+
+def write_global():
+    global tainted_later
+    tainted_later = TAINTED_STRING
+
+
+# A global variable that starts out tainted, and is subsequently reassigned to be untainted.
+# In this case we don't want flow from the first assignment to any of its uses.
+
+initially_tainted = TAINTED_STRING
+len(initially_tainted) # Some call that _could_ potentially modify `initially_tainted`
+initially_tainted = NOT_TAINTED
+ensure_not_tainted(initially_tainted)
+
+def use_of_initially_tainted():
+    ensure_not_tainted(initially_tainted) # FP
+
+
+# A very similar case to the above, but here we _do_ want taint flow, because the initially tainted
+# value is actually used before it gets reassigned to an untainted value. 
+
+def use_of_initially_tainted2():
+    ensure_tainted(initially_tainted2)
+
+initially_tainted2 = TAINTED_STRING
+use_of_initially_tainted2()
+initially_tainted2 = NOT_TAINTED
+ensure_not_tainted(initially_tainted2)
+
+
+# Flow via global assignment
+
+def write_tainted():
+    global g
+    g = TAINTED_STRING
+
+def sink_global():
+    ensure_tainted(g)
+
+write_global()
+write_tainted()
+sink_global()

python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/testTaint.expected

@@ -0,0 +1,6 @@
+| test.py:12 | ok   | test | tainted_later |
+| test.py:25 | ok   | test | initially_tainted |
+| test.py:28 | fail | use_of_initially_tainted | initially_tainted |
+| test.py:35 | ok   | use_of_initially_tainted2 | initially_tainted2 |
+| test.py:40 | ok   | test | initially_tainted2 |
+| test.py:50 | ok   | sink_global | g |

python/ql/test/experimental/dataflow/tainttracking/unwanted-global-flow/testTaint.ql

@@ -0,0 +1 @@
+import experimental.dataflow.tainttracking.TestTaintLib

python/ql/test/experimental/dataflow/typetracking/test.py

@@ -38,10 +38,11 @@ def quux():
 g = None
 
 def write_g(x): # $tracked
+    global g
     g = x # $tracked
 
 def use_g():
-    do_stuff(g) # $f-:tracked // no global flow for now.
+    do_stuff(g) # $tracked
 
 def global_var_write_test():
     x = tracked # $tracked

python/ql/test/experimental/dataflow/typetracking/tracked.ql

@@ -18,6 +18,8 @@ class TrackedTest extends InlineExpectationsTest {
   override predicate hasActualResult(Location location, string element, string tag, string value) {
     exists(DataFlow::Node e, TypeTracker t |
       e = tracked(t) and
+      // Module variables have no sensible location, and hence can't be annotated.
+      not e instanceof DataFlow::ModuleVariableNode and
       tag = "tracked" and
       location = e.getLocation() and
       value = t.getAttr() and