python: various fixes

- compilation - alerts - some review comments
2026-05-02 20:25:13 +02:00 · 2022-05-11 12:28:58 +00:00
parent f67be52b99
commit 4445cf152a
4 changed files with 16 additions and 16 deletions
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll
@@ -507,7 +507,7 @@ class NonSpecialCall extends DataFlowSourceCall, TNonSpecialCall {
 abstract class NonLibraryDataFlowSourceCall extends NonSpecialCall {
  abstract Node getArg2(int n);

-  final override Node getArg(int n) { result = getArg2(n) }
+  final override Node getArg(int n) { result = this.getArg2(n) }

  abstract DataFlowCallable getCallable2();

@@ -522,10 +522,9 @@ abstract class NonLibraryDataFlowSourceCall extends NonSpecialCall {
 */
 class FunctionCall extends NonLibraryDataFlowSourceCall {
  NonLibraryDataFlowCallable callable;
-  FunctionValue f;

  FunctionCall() {
-    call = f.getAFunctionCall() and
+    call = any(FunctionValue f).getAFunctionCall() and
    call = callable.getACall()
  }

@@ -537,11 +536,10 @@ class FunctionCall extends NonLibraryDataFlowSourceCall {
 /** A call to a lambda. */
 class LambdaCall extends NonLibraryDataFlowSourceCall {
  NonLibraryDataFlowCallable callable;
-  Function f;

  LambdaCall() {
    call = callable.getACall() and
-    callable = TLambda(f)
+    callable = TLambda(any(Function f))
  }

  override Node getArg2(int n) { result = getArg(call, TNoShift(), callable.getCallableValue(), n) }
@@ -730,10 +728,8 @@ abstract class ReturnNode extends Node {

 /** A data flow node that represents a value returned by a callable. */
 class ReturnSourceNode extends ReturnNode, CfgNode {
-  Return ret;
-
  // See `TaintTrackingImplementation::returnFlowStep`
-  ReturnSourceNode() { node = ret.getValue().getAFlowNode() }
+  ReturnSourceNode() { node = any(Return ret).getValue().getAFlowNode() }

  override ReturnKind getKind() { any() }
 }
--- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
@@ -160,7 +160,7 @@ module SyntheticPostUpdateNode {
    or
    call = any(ClassValue c | not c.isAbsent()).getACall()
    or
-    call = any(SpecialMethodCallNode special)
+    call instanceof SpecialMethodCallNode
  }

  /** Gets the pre-update node associated with a store. This is used for when an object might have its value changed after a store. */
@@ -936,12 +936,14 @@ predicate lambdaCreation(Node creation, LambdaCallKind kind, DataFlowCallable c)
  creation.asExpr() = c.(DataFlowLambda).getDefinition()
  or
  // normal function
+  // TODO: reconsider this code
  kind = kind and
  exists(Call call, Name f, FunctionDef def |
    f = call.getAnArg() and
    def.getDefinedFunction().getName() = f.getId() and
    // c.getCallableValue() = def.getDefinedFunction().getDefinition() and
-    c.getName() = f.getId()
+    c.getName() = f.getId() and
+    creation.asExpr() = call
  )
 }

--- a/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/internal/FlowSummaryImplSpecific.qll
@@ -1,5 +1,5 @@
 /**
- * Provides Ruby specific classes and predicates for defining flow summaries.
+ * Provides Python specific classes and predicates for defining flow summaries.
 */

 private import python