From 85eb3fa4607001f70dcf84fc36d4212afbeaea5a Mon Sep 17 00:00:00 2001 From: Taus Date: Mon, 16 Oct 2023 14:28:47 +0000 Subject: [PATCH] Python: auto model Just the missing sinks suite. --- .../internal/auto-aiohttp_xmlrpc.model.yml | 9 ++++++++ .../data/internal/auto-bleach.model.yml | 3 +++ .../data/internal/auto-boto.model.yml | 3 +++ .../data/internal/auto-defusedxml.model.yml | 9 ++++++++ .../data/internal/auto-docx.model.yml | 9 ++++++++ .../data/internal/auto-docxtpl.model.yml | 9 ++++++++ .../data/internal/auto-feedgen.model.yml | 9 ++++++++ .../internal/auto-flask_apscheduler.model.yml | 9 ++++++++ .../data/internal/auto-geocoder.model.yml | 21 +++++++++++++++++++ .../data/internal/auto-gpxpy.model.yml | 3 +++ .../data/internal/auto-gvm.model.yml | 15 +++++++++++++ .../data/internal/auto-html5lib.model.yml | 3 +++ .../auto-label_studio_converter.model.yml | 9 ++++++++ .../auto-label_studio_tools.model.yml | 9 ++++++++ .../data/internal/auto-lxml.model.yml | 15 +++++++++++++ .../data/internal/auto-mffpy.model.yml | 6 ++++++ .../data/internal/auto-pandas.model.yml | 3 +++ .../data/internal/auto-pikepdf.model.yml | 3 +++ .../data/internal/auto-pip.model.yml | 3 +++ .../data/internal/auto-pptx.model.yml | 9 ++++++++ .../data/internal/auto-psutil.model.yml | 3 +++ .../data/internal/auto-pyquery.model.yml | 9 ++++++++ .../data/internal/auto-qrcode.model.yml | 9 ++++++++ .../data/internal/auto-rdflib.model.yml | 3 +++ .../auto-rest_framework_simplejwt.model.yml | 12 +++++++++++ .../data/internal/auto-svglib.model.yml | 9 ++++++++ .../data/internal/auto-xml2rfc.model.yml | 21 +++++++++++++++++++ 27 files changed, 225 insertions(+) create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-aiohttp_xmlrpc.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-defusedxml.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-docxtpl.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-feedgen.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-flask_apscheduler.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-geocoder.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-gvm.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_converter.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_tools.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-lxml.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-pyquery.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-svglib.model.yml create mode 100644 python/ql/lib/semmle/python/frameworks/data/internal/auto-xml2rfc.model.yml diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-aiohttp_xmlrpc.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-aiohttp_xmlrpc.model.yml new file mode 100644 index 00000000000..c4c60035284 --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-aiohttp_xmlrpc.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - aiohttp_xmlrpc + - Member[client].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-bleach.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-bleach.model.yml index 71046cb880e..e68ab68651f 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-bleach.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-bleach.model.yml @@ -10,6 +10,9 @@ extensions: - - io.StringIO~Subclass - bleach - Member[_vendor].Member[html5lib].Member[_inputstream].Member[StringIO] + - - lxml.etree~Alias + - bleach + - Member[_vendor].Member[html5lib].Member[treewalkers].Member[etree_lxml].Member[etree] - - xml.etree.ElementTree~Subclass - bleach - Member[_vendor].Member[html5lib].Member[_utils].Member[default_etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-boto.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-boto.model.yml index 9a6bebea7b0..d8a4327be99 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-boto.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-boto.model.yml @@ -40,3 +40,6 @@ extensions: - - io.StringIO~Subclass - boto - Member[vendored].Member[six].Member[StringIO] + - - lxml.etree~Alias + - boto + - Member[mturk].Member[question].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-defusedxml.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-defusedxml.model.yml new file mode 100644 index 00000000000..2ffc20dd6df --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-defusedxml.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - defusedxml + - Member[lxml].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-docx.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-docx.model.yml index 712293421ed..024409edae2 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-docx.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-docx.model.yml @@ -13,3 +13,12 @@ extensions: - - io.StringIO~Subclass - docx - Member[image].Member[jpeg].Member[BytesIO] + - - lxml.etree~Alias + - docx + - Member[opc].Member[oxml].Member[etree] + - - lxml.etree~Alias + - docx + - Member[oxml].Member[etree] + - - lxml.etree~Alias + - docx + - Member[oxml].Member[xmlchemy].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-docxtpl.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-docxtpl.model.yml new file mode 100644 index 00000000000..b3ee6da82db --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-docxtpl.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - docxtpl + - Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-feedgen.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-feedgen.model.yml new file mode 100644 index 00000000000..dd92a888f5a --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-feedgen.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - feedgen + - Member[feed].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-flask_apscheduler.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-flask_apscheduler.model.yml new file mode 100644 index 00000000000..9384ce3107a --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-flask_apscheduler.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - flask.Response~Subclass + - flask_apscheduler + - Member[api].Member[Response] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-geocoder.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-geocoder.model.yml new file mode 100644 index 00000000000..9422352488b --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-geocoder.model.yml @@ -0,0 +1,21 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - io.StringIO~Subclass + - geocoder + - Member[base].Member[StringIO] + - - io.StringIO~Subclass + - geocoder + - Member[bing_batch].Member[csv_io] + - - io.StringIO~Subclass + - geocoder + - Member[bing_batch_forward].Member[csv_io] + - - io.StringIO~Subclass + - geocoder + - Member[bing_batch_reverse].Member[csv_io] + - - io.StringIO~Subclass + - geocoder + - Member[uscensus_batch].Member[csv_io] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-gpxpy.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-gpxpy.model.yml index edc417db5e9..f6e9e1cba2f 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-gpxpy.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-gpxpy.model.yml @@ -4,6 +4,9 @@ extensions: extensible: typeModel pack: codeql/python-all data: + - - lxml.etree~Alias + - gpxpy + - Member[parser].Member[mod_etree] - - xml.etree.ElementTree~Subclass - gpxpy - Member[parser].Member[mod_etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-gvm.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-gvm.model.yml new file mode 100644 index 00000000000..39726d881cb --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-gvm.model.yml @@ -0,0 +1,15 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - gvm + - Member[connections].Member[etree] + - - lxml.etree~Alias + - gvm + - Member[transforms].Member[etree] + - - lxml.etree~Alias + - gvm + - Member[utils].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-html5lib.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-html5lib.model.yml index 2e403ae46b2..e978172d9aa 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-html5lib.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-html5lib.model.yml @@ -10,6 +10,9 @@ extensions: - - io.StringIO~Subclass - html5lib - Member[_inputstream].Member[StringIO] + - - lxml.etree~Alias + - html5lib + - Member[treewalkers].Member[etree_lxml].Member[etree] - - xml.etree.ElementTree~Subclass - html5lib - Member[_utils].Member[default_etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_converter.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_converter.model.yml new file mode 100644 index 00000000000..8662f917654 --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_converter.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - label_studio_converter + - Member[utils].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_tools.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_tools.model.yml new file mode 100644 index 00000000000..333d45cae84 --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-label_studio_tools.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - label_studio_tools + - Member[core].Member[label_config].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-lxml.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-lxml.model.yml new file mode 100644 index 00000000000..a53a1a7bbed --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-lxml.model.yml @@ -0,0 +1,15 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - lxml + - Member[ElementInclude].Member[etree] + - - lxml.etree~Alias + - lxml + - Member[html].Member[html5parser].Member[etree] + - - lxml.etree~Alias + - lxml + - Member[sax].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-mffpy.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-mffpy.model.yml index 1ec293f3748..5b35f60b25e 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-mffpy.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-mffpy.model.yml @@ -7,3 +7,9 @@ extensions: - - io.StringIO~Subclass - mffpy - Member[bin_writer].Member[BytesIO] + - - lxml.etree~Alias + - mffpy + - Member[xml_files].Member[ET] + - - lxml.etree~Alias + - mffpy + - Member[xml_files].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pandas.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pandas.model.yml index e2507e64dbb..bb6f7a45f06 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pandas.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pandas.model.yml @@ -46,3 +46,6 @@ extensions: - - io.StringIO~Subclass - pandas - Member[io].Member[stata].Member[BytesIO] + - - lxml.etree~Alias + - pandas + - Member[io].Member[xml].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pikepdf.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pikepdf.model.yml index 553d51d1659..ebabb2059af 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pikepdf.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pikepdf.model.yml @@ -10,3 +10,6 @@ extensions: - - io.StringIO~Subclass - pikepdf - Member[models].Member[metadata].Member[BytesIO] + - - lxml.etree~Alias + - pikepdf + - Member[models].Member[metadata].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pip.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pip.model.yml index d5ce0a09dc0..6e30844c630 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pip.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pip.model.yml @@ -7,6 +7,9 @@ extensions: - - http.client.HTTPConnection~Subclass - pip - Member[_vendor].Member[distlib].Member[util].Member[HTTPSConnection] + - - http.client.HTTPResponse~Subclass + - pip + - Member[_vendor].Member[cachecontrol].Member[filewrapper].Member[HTTPResponse] - - io.StringIO~Subclass - pip - Member[_internal].Member[utils].Member[misc].Member[StreamWrapper] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pptx.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pptx.model.yml index 37056783a23..63b76f54bcd 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pptx.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pptx.model.yml @@ -19,3 +19,12 @@ extensions: - - io.StringIO~Subclass - pptx - Member[shapes].Member[shapetree].Member[BytesIO] + - - lxml.etree~Alias + - pptx + - Member[opc].Member[oxml].Member[etree] + - - lxml.etree~Alias + - pptx + - Member[oxml].Member[etree] + - - lxml.etree~Alias + - pptx + - Member[oxml].Member[xmlchemy].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-psutil.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-psutil.model.yml index 814e2202965..150f65d8555 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-psutil.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-psutil.model.yml @@ -7,3 +7,6 @@ extensions: - - xml.etree.ElementTree~Subclass - psutil - Member[_psbsd].Member[ET] + - - xml.etree.ElementTree~Subclass + - psutil + - Member[_psbsd].Member[ElementTree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-pyquery.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pyquery.model.yml new file mode 100644 index 00000000000..04e2167015d --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-pyquery.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - pyquery + - Member[pyquery].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-qrcode.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-qrcode.model.yml index b32b97f50a6..ecf3e94a113 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-qrcode.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-qrcode.model.yml @@ -4,6 +4,15 @@ extensions: extensible: typeModel pack: codeql/python-all data: + - - lxml.etree~Alias + - qrcode + - Member[compat].Member[etree].Member[ET] + - - lxml.etree~Alias + - qrcode + - Member[image].Member[styles].Member[moduledrawers].Member[svg].Member[ET] + - - lxml.etree~Alias + - qrcode + - Member[image].Member[svg].Member[ET] - - xml.etree.ElementTree~Subclass - qrcode - Member[compat].Member[etree].Member[ET] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-rdflib.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-rdflib.model.yml index 1ce1dc13f0e..13e0b261466 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-rdflib.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-rdflib.model.yml @@ -4,6 +4,9 @@ extensions: extensible: typeModel pack: codeql/python-all data: + - - lxml.etree~Alias + - rdflib + - Member[compat].Member[etree] - - xml.etree.ElementTree~Subclass - rdflib - Member[compat].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-rest_framework_simplejwt.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-rest_framework_simplejwt.model.yml index 4ca0492bf73..21badf19cc0 100644 --- a/python/ql/lib/semmle/python/frameworks/data/internal/auto-rest_framework_simplejwt.model.yml +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-rest_framework_simplejwt.model.yml @@ -25,6 +25,9 @@ extensions: - - Django.Views.View~Subclass - rest_framework_simplejwt - Member[views].Member[TokenViewBase] + - - Django.db.models.Model~Subclass + - rest_framework_simplejwt + - Member[authentication].Member[AbstractBaseUser] - - Django.db.models.Model~Subclass - rest_framework_simplejwt - Member[serializers].Member[BlacklistedToken] @@ -34,6 +37,9 @@ extensions: - - Django.db.models.Model~Subclass - rest_framework_simplejwt - Member[token_blacklist].Member[models].Member[OutstandingToken] + - - Django.db.models.Model~Subclass + - rest_framework_simplejwt + - Member[tokens].Member[AbstractBaseUser] - - Django.db.models.Model~Subclass - rest_framework_simplejwt - Member[tokens].Member[BlacklistedToken] @@ -61,6 +67,12 @@ extensions: - - rest_framework.exceptions.APIException~Subclass - rest_framework_simplejwt - Member[views].Member[InvalidToken] + - - rest_framework.request.Request~Subclass + - rest_framework_simplejwt + - Member[authentication].Member[Request] + - - rest_framework.request.Request~Subclass + - rest_framework_simplejwt + - Member[views].Member[Request] - - rest_framework.response.Response~Subclass - rest_framework_simplejwt - Member[views].Member[Response] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-svglib.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-svglib.model.yml new file mode 100644 index 00000000000..9a95a8488c0 --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-svglib.model.yml @@ -0,0 +1,9 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - svglib + - Member[svglib].Member[etree] diff --git a/python/ql/lib/semmle/python/frameworks/data/internal/auto-xml2rfc.model.yml b/python/ql/lib/semmle/python/frameworks/data/internal/auto-xml2rfc.model.yml new file mode 100644 index 00000000000..edc439e2788 --- /dev/null +++ b/python/ql/lib/semmle/python/frameworks/data/internal/auto-xml2rfc.model.yml @@ -0,0 +1,21 @@ +# process-mrva-results 0.0.1 +extensions: +- addsTo: + extensible: typeModel + pack: codeql/python-all + data: + - - lxml.etree~Alias + - xml2rfc + - Member[writers].Member[base].Member[etree] + - - lxml.etree~Alias + - xml2rfc + - Member[writers].Member[expand].Member[etree] + - - lxml.etree~Alias + - xml2rfc + - Member[writers].Member[preptool].Member[etree] + - - lxml.etree~Alias + - xml2rfc + - Member[writers].Member[text].Member[etree] + - - lxml.etree~Alias + - xml2rfc + - Member[writers].Member[unprep].Member[etree]