Python: More implicit this

2026-03-17 04:56:58 +01:00 · 2021-10-13 13:31:27 +00:00
parent a9c8163ab3
commit a6115687aa
5 changed files with 14 additions and 12 deletions
--- a/python/ql/lib/semmle/python/essa/Definitions.qll
+++ b/python/ql/lib/semmle/python/essa/Definitions.qll
@@ -225,9 +225,9 @@ class ModuleVariable extends SsaSourceVariable {
  }

  override ControlFlowNode getAnImplicitUse() {
-    result = global_variable_callnode()
+    result = this.global_variable_callnode()
    or
-    result = global_variable_import()
+    result = this.global_variable_import()
    or
    exists(ImportTimeScope scope | scope.entryEdge(result, _) |
      this = scope.getOuterVariable(_) or
--- a/python/ql/lib/semmle/python/essa/Essa.qll
+++ b/python/ql/lib/semmle/python/essa/Essa.qll
@@ -41,7 +41,7 @@ class EssaVariable extends TEssaDefinition {
   */
  ControlFlowNode getASourceUse() {
    exists(SsaSourceVariable var |
-      result = use_for_var(var) and
+      result = this.use_for_var(var) and
      result = var.getASourceUse()
    )
  }
@@ -258,7 +258,7 @@ class PhiFunction extends EssaDefinition, TPhiFunction {
  /** Gets another definition of the same source variable that reaches this definition. */
  private EssaDefinition reachingDefinition(BasicBlock pred) {
    result.getScope() = this.getScope() and
-    result.getSourceVariable() = pred_var(pred) and
+    result.getSourceVariable() = this.pred_var(pred) and
    result.reachesEndOfBlock(pred)
  }

--- a/python/ql/lib/semmle/python/frameworks/Django.qll
+++ b/python/ql/lib/semmle/python/frameworks/Django.qll
@@ -1844,11 +1844,13 @@ private module PrivateDjango {
      t.start() and
      result.asCfgNode().(CallNode).getFunction() = this.asViewRef().asCfgNode()
      or
-      exists(DataFlow::TypeTracker t2 | result = asViewResult(t2).track(t2, t))
+      exists(DataFlow::TypeTracker t2 | result = this.asViewResult(t2).track(t2, t))
    }

    /** Gets a reference to the result of calling the `as_view` classmethod of this class. */
-    DataFlow::Node asViewResult() { asViewResult(DataFlow::TypeTracker::end()).flowsTo(result) }
+    DataFlow::Node asViewResult() {
+      this.asViewResult(DataFlow::TypeTracker::end()).flowsTo(result)
+    }
  }

  /** A class that we consider a django View class. */
@@ -1944,10 +1946,10 @@ private module PrivateDjango {
    abstract DataFlow::Node getViewArg();

    final override DjangoRouteHandler getARequestHandler() {
-      poorMansFunctionTracker(result) = getViewArg()
+      poorMansFunctionTracker(result) = this.getViewArg()
      or
      exists(DjangoViewClass vc |
-        getViewArg() = vc.asViewResult() and
+        this.getViewArg() = vc.asViewResult() and
        result = vc.getARequestHandler()
      )
    }
--- a/python/ql/lib/semmle/python/frameworks/Flask.qll
+++ b/python/ql/lib/semmle/python/frameworks/Flask.qll
@@ -292,12 +292,12 @@ module Flask {

    override Function getARequestHandler() {
      exists(DataFlow::LocalSourceNode func_src |
-        func_src.flowsTo(getViewArg()) and
+        func_src.flowsTo(this.getViewArg()) and
        func_src.asExpr().(CallableExpr) = result.getDefinition()
      )
      or
      exists(FlaskViewClass vc |
-        getViewArg() = vc.asViewResult().getAUse() and
+        this.getViewArg() = vc.asViewResult().getAUse() and
        result = vc.getARequestHandler()
      )
    }
--- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll
+++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -397,8 +397,8 @@ private module StdlibPrivate {
      result = this.get_executable_arg()
      or
      exists(DataFlow::Node arg_args, boolean shell |
-        arg_args = get_args_arg() and
-        shell = get_shell_arg_value()
+        arg_args = this.get_args_arg() and
+        shell = this.get_shell_arg_value()
      |
        // When "executable" argument is set, and "shell" argument is `False`, the
        // "args" argument will only be used to set the program name and arguments to