python: remove TaintStepFromSummary

as it should be covered by `SummarizedCallableFromModel`

Also move things around, to look more like the Ruby code.
This commit is contained in:
Rasmus Lerchedahl Petersen
2024-02-08 12:48:15 +01:00
parent bcfce56ef6
commit 45bb4a0ee5
2 changed files with 27 additions and 45 deletions

View File

@@ -2,7 +2,6 @@
private import python
private import semmle.python.dataflow.new.DataFlow
private import semmle.python.frameworks.data.ModelsAsData
private import semmle.python.ApiGraphs
private import internal.FlowSummaryImpl as Impl
private import internal.DataFlowUtil
@@ -11,6 +10,7 @@ private import internal.DataFlowPrivate
// import all instances below
private module Summaries {
private import semmle.python.Frameworks
private import semmle.python.frameworks.data.ModelsAsData
}
deprecated class SummaryComponent = Impl::Private::SummaryComponent;
@@ -36,32 +36,3 @@ abstract class SummarizedCallable extends LibraryCallable, Impl::Public::Summari
}
deprecated class RequiredSummaryComponentStack = Impl::Private::RequiredSummaryComponentStack;
private class SummarizedCallableFromModel extends SummarizedCallable {
string type;
string path;
SummarizedCallableFromModel() {
ModelOutput::relevantSummaryModel(type, path, _, _, _) and
this = type + ";" + path
}
override CallCfgNode getACall() { ModelOutput::resolvedSummaryBase(type, path, result) }
override ArgumentNode getACallback() {
exists(API::Node base |
ModelOutput::resolvedSummaryRefBase(type, path, base) and
result = base.getAValueReachableFromSource()
)
}
override predicate propagatesFlow(string input, string output, boolean preservesValue) {
exists(string kind | ModelOutput::relevantSummaryModel(type, path, input, output, kind) |
kind = "value" and
preservesValue = true
or
kind = "taint" and
preservesValue = false
)
}
}