Python: Show import resolution is a bit generous with exported value

2026-05-02 12:15:17 +02:00 · 2023-02-23 00:50:01 +01:00
parent 96c0d95b10
commit b7bdc551d5
3 changed files with 40 additions and 0 deletions
--- a/python/ql/test/experimental/import-resolution/ModuleExport.expected
+++ b/python/ql/test/experimental/import-resolution/ModuleExport.expected
@@ -47,6 +47,20 @@
 | foo | exit | foo.py:14:1:14:4 | ControlFlowNode for exit |
 | foo | foo_attr | foo.py:5:1:5:8 | GSSA Variable foo_attr |
 | foo | globals | foo.py:12:71:12:77 | ControlFlowNode for globals |
+| generous_export | Exception | generous_export.py:16:11:16:19 | ControlFlowNode for Exception |
+| generous_export | SOURCE | generous_export.py:15:11:15:16 | ControlFlowNode for SOURCE |
+| generous_export | SOURCE | generous_export.py:20:25:20:30 | ControlFlowNode for SOURCE |
+| generous_export | __file__ | generous_export.py:22:6:22:13 | ControlFlowNode for __file__ |
+| generous_export | __name__ | generous_export.py:0:0:0:0 | GSSA Variable __name__ |
+| generous_export | __package__ | generous_export.py:0:0:0:0 | GSSA Variable __package__ |
+| generous_export | check | generous_export.py:20:1:20:5 | ControlFlowNode for check |
+| generous_export | enter | generous_export.py:2:1:2:5 | ControlFlowNode for enter |
+| generous_export | eval | generous_export.py:10:4:10:7 | ControlFlowNode for eval |
+| generous_export | exit | generous_export.py:22:1:22:4 | ControlFlowNode for exit |
+| generous_export | globals | generous_export.py:20:33:20:39 | ControlFlowNode for globals |
+| generous_export | object | generous_export.py:4:14:4:19 | ControlFlowNode for object |
+| generous_export | print | generous_export.py:15:5:15:9 | ControlFlowNode for print |
+| generous_export | staticmethod | generous_export.py:0:0:0:0 | GSSA Variable staticmethod |
 | has_defined_all | __all__ | has_defined_all.py:7:1:7:7 | GSSA Variable __all__ |
 | has_defined_all | __file__ | has_defined_all.py:9:6:9:13 | ControlFlowNode for __file__ |
 | has_defined_all | __name__ | has_defined_all.py:0:0:0:0 | GSSA Variable __name__ |
--- a/python/ql/test/experimental/import-resolution/generous_export.py
+++ b/python/ql/test/experimental/import-resolution/generous_export.py
@@ -0,0 +1,22 @@
+from trace import *
+enter(__file__)
+
+class SOURCE(object):
+    @staticmethod
+    def block_flow(): pass
+
+check("SOURCE", SOURCE, SOURCE, globals()) #$ prints=SOURCE
+
+if eval("False"):
+    # With our current import resolution, this value for SOURCE will be considered to be
+    # a valid value at the end of this module, because it's the end of a use-use flow.
+    # This is clearly wrong, so our import resolution is a bit too generous on what is
+    # exported
+    print(SOURCE)
+    raise Exception()
+
+SOURCE.block_flow()
+
+check("SOURCE", SOURCE, SOURCE, globals())
+
+exit(__file__)
--- a/python/ql/test/experimental/import-resolution/main.py
+++ b/python/ql/test/experimental/import-resolution/main.py
@@ -154,6 +154,10 @@ check("simplistic_reexport.baz_attr", simplistic_reexport.baz_attr, "overwritten
 import block_flow_check #$ imports=block_flow_check as=block_flow_check
 check("block_flow_check.SOURCE", block_flow_check.SOURCE, block_flow_check.SOURCE, globals())

+# show that import resolution is a bit too generous with definitions
+import generous_export #$ imports=generous_export as=generous_export
+check("generous_export.SOURCE", generous_export.SOURCE, generous_export.SOURCE, globals()) #$ SPURIOUS: prints=SOURCE
+
 exit(__file__)

 print()