hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: add a flow summary

Browse Source 
we could consider adding non-value-preserving flow from input to output
This commit is contained in:
Rasmus Lerchedahl Petersen
2022-09-06 21:29:58 +02:00
parent f6d807aec0
commit b2fbbc6ac5
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
python/ql/lib/semmle/python/frameworks/Builtins.qll Normal file
View File

@@ -0,0 +1,24 @@
/**
* Provides classes modeling security-relevant aspects of built-ins.
*/
import python
private import semmle.python.dataflow.new.FlowSummary
private import semmle.python.ApiGraphs
/** A flow summary for `reversed`. */
class ReversedSummary extends SummarizedCallable {
ReversedSummary() { this = "builtins.reversed" }
override CallNode getACall() { result = API::builtin("reversed").getACall().getNode() }
override DataFlow::ArgumentNode getACallback() {
result = API::builtin("reversed").getAValueReachableFromSource()
}
override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
input = "Argument[0].ListElement" and
output = "ReturnValue.ListElement" and
preservesValue = true
}
}