hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Update globalVariableAttrPathAtDepth base case

Browse Source
This commit is contained in:
Napalys Klicius
2025-08-07 14:55:50 +00:00
parent 6133f01c81
commit 8393ccf39d
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
View File

@@ -604,7 +604,7 @@ predicate globalVariableAttrPathAtDepth(
) {
// Base case: Direct global variable access (depth 0)
depth = 0 and
node in [globalVar.getARead(), globalVar.getAWrite()] and
node in [globalVar.getARead(), globalVar.getAWrite(), globalVar] and
accessPath = ""
or
exists(Node obj, string attrName, string parentAccessPath, int parentDepth |

4
python/ql/test/library-tests/dataflow/fieldflow/test.py
View File

@@ -301,12 +301,12 @@ def set_to_source():
@expects(4) # $ unresolved_call=expects(..) unresolved_call=expects(..)(..)
def test_global_flow_to_class_attribute():
inst = WithTuple2()
SINK_F(WithTuple2.my_tuple[0])
SINK_F(WithTuple2.my_tuple[0]) # $ SPURIOUS: flow="SOURCE, l:-5 -> WithTuple2.my_tuple[0]"
SINK_F(inst.my_tuple[0])
set_to_source()
SINK(WithTuple2.my_tuple[0]) # $ MISSING: flow="SOURCE, l:-10 -> WithTuple2.my_tuple[0]"
SINK(WithTuple2.my_tuple[0]) # $ flow="SOURCE, l:-10 -> WithTuple2.my_tuple[0]"
SINK(inst.my_tuple[0]) # $ MISSING: flow="SOURCE, l:-11 -> inst.my_tuple[0]"