Python: Replace '.prefix'/'.suffix' with '.matches'.

2026-04-30 19:26:02 +02:00 · 2021-10-13 13:19:58 +01:00
parent f3bb0a676e
commit a80860cdc6
7 changed files with 8 additions and 8 deletions
--- a/python/ql/lib/semmle/python/templates/PyxlTags.qll
+++ b/python/ql/lib/semmle/python/templates/PyxlTags.qll
@@ -29,7 +29,7 @@ private predicate pyxl_tag(Call c, string name) {
 }

 class PyxlHtmlTag extends PyxlTag {
-  PyxlHtmlTag() { this.getPyxlTagName().prefix(2) = "x_" }
+  PyxlHtmlTag() { this.getPyxlTagName().matches("x\\_%") }

  string getTagName() { result = this.getPyxlTagName().suffix(2) }

--- a/python/ql/lib/semmle/python/web/Http.qll
+++ b/python/ql/lib/semmle/python/web/Http.qll
@@ -33,7 +33,7 @@ class WsgiEnvironment extends TaintKind {
      (
        text = "QUERY_STRING" or
        text = "PATH_INFO" or
-        text.prefix(5) = "HTTP_"
+        text.matches("HTTP\\_%")
      )
    )
  }
--- a/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
+++ b/python/ql/src/Security/CWE-798/HardcodedCredentials.ql
@@ -88,7 +88,7 @@ class CredentialSink extends TaintSink {
  CredentialSink() {
    exists(string name |
      name.regexpMatch(getACredentialRegex()) and
-      not name.suffix(name.length() - 4) = "file"
+      not name.matches("%file")
    |
      any(FunctionValue func).getNamedArgumentForCall(_, name) = this
      or
--- a/python/ql/src/analysis/Consistency.ql
+++ b/python/ql/src/analysis/Consistency.ql
@@ -141,7 +141,7 @@ predicate builtin_object_consistency(string clsname, string problem, string what
    or
    not exists(o.toString()) and
    problem = "no toString" and
-    not exists(string name | name.prefix(7) = "_semmle" | py_special_objects(o, name)) and
+    not exists(string name | name.matches("\\_semmle%") | py_special_objects(o, name)) and
    not o = unknownValue()
  )
 }
--- a/python/ql/test/library-tests/PointsTo/customise/test.ql
+++ b/python/ql/test/library-tests/PointsTo/customise/test.ql
@@ -11,7 +11,7 @@ class HasTypeFact extends CustomPointsToOriginFact {
    exists(FunctionObject func, string name |
      func.getACall() = this and
      name = func.getName() and
-      name.prefix("has_type_".length()) = "has_type_"
+      name.matches("has\\_type\\_%")
    )
  }

@@ -19,7 +19,7 @@ class HasTypeFact extends CustomPointsToOriginFact {
    exists(FunctionObject func, string name |
      func.getACall() = this and
      name = func.getName() and
-      name.prefix("has_type_".length()) = "has_type_"
+      name.matches("has\\_type\\_%")
    |
      cls.getName() = name.suffix("has_type_".length())
    ) and
--- a/python/ql/test/library-tests/PointsTo/new/Consistency.ql
+++ b/python/ql/test/library-tests/PointsTo/new/Consistency.ql
@@ -104,7 +104,7 @@ predicate ssa_consistency(string clsname, string problem, string what) {
  or
  exists(EssaDefinition def |
    clsname = def.getAQlClass() and
-    clsname.prefix(4) = "Essa" and
+    clsname.matches("Essa%") and
    what = " at " + def.getLocation() and
    problem = "not covered by Python-specific subclass."
  )
--- a/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll
+++ b/python/ql/test/library-tests/taint/extensions/ExtensionsLib.qll
@@ -28,7 +28,7 @@ class SimpleSource extends TaintSource {

 predicate visit_call(CallNode call, FunctionObject func) {
  exists(AttrNode attr, ClassObject cls, string name |
-    name.prefix(6) = "visit_" and
+    name.matches("visit\\_%") and
    func = cls.lookupAttribute(name) and
    attr.getObject("visit").refersTo(_, cls, _) and
    attr = call.getFunction()