hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 19:29:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Port ModuleImportsItself.ql

Browse Source 
Uses the existing machinery in ImportResolution.qll, after adding a few
convenience predicates.

The new modelling actually manages to find a result that the old
points-to analysis did not. Apart from that there are no test changes.
This commit is contained in:
Taus
2026-02-25 16:01:10 +00:00
parent e2eb69ce8d
commit 603d37cd60
3 changed files with 39 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
python/ql/src/Imports/ModuleImportsItself.ql
View File

@@ -12,19 +12,19 @@
*/
import python
private import LegacyPointsTo
import semmle.python.dataflow.new.DataFlow
private import semmle.python.dataflow.new.internal.ImportResolution
predicate modules_imports_itself(ImportingStmt i, ModuleValue m) {
i.getEnclosingModule() = m.getScope() and
m =
max(string s, ModuleValue m_ |
s = i.getAnImportedModuleName() and
m_.importedAs(s)
|
m_ order by s.length()
)
predicate modules_imports_itself(ImportingStmt i, Module m) {
m = i.getEnclosingModule() and
ImportResolution::importedBy(i, m) and
// Exclude `from m import submodule` where the imported member is a submodule of m
not exists(ImportMember im | im = i.(Import).getAName().getValue() |
ImportResolution::getImmediateModuleReference(m).asExpr() = im.getModule() and
ImportResolution::importedBy(i, any(Module sub | sub != m))
)
}
from ImportingStmt i, ModuleValue m
from ImportingStmt i, Module m
where modules_imports_itself(i, m)
select i, "The module '" + m.getName() + "' imports itself."
select i, "The module '" + ImportResolution::moduleName(m) + "' imports itself."