hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 04:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Attribute access API

Browse Source
This commit is contained in:
Taus Brock-Nannestad
2020-10-06 16:36:29 +02:00
parent 7e6fa7b4be
commit b905a3d5e3
4 changed files with 289 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
python/ql/test/experimental/dataflow/typetracking/attribute_tests.py
View File

@@ -29,3 +29,73 @@ def test_incompatible_types():
expects_int(x) # $int=field $f+:str=field
x.field = str("Hello") # $f+:int=field $str=field $f+:int $str
expects_string(x) # $f+:int=field $str=field
# Attributes assigned statically to a class
class MyClass: # $tracked=field
field = tracked # $tracked
lookup = MyClass.field # $tracked $tracked=field
instance = MyClass() # $tracked=field
lookup2 = instance.field # $f-:tracked
## Dynamic attribute access
# Via `getattr`/`setattr`
def setattr_immediate_write():
x = SomeClass() # $tracked=foo
setattr(x,"foo", tracked) # $tracked $tracked=foo
y = x.foo # $tracked $tracked=foo
do_stuff(y) # $tracked
def getattr_immediate_read():
x = SomeClass() # $tracked=foo
x.foo = tracked # $tracked $tracked=foo
y = getattr(x,"foo") # $tracked $tracked=foo
do_stuff(y) # $tracked
def setattr_indirect_write():
attr = "foo"
x = SomeClass() # $tracked=foo
setattr(x, attr, tracked) # $tracked $tracked=foo
y = x.foo # $tracked $tracked=foo
do_stuff(y) # $tracked
def getattr_indirect_read():
attr = "foo"
x = SomeClass() # $tracked=foo
x.foo = tracked # $tracked $tracked=foo
y = getattr(x, attr) #$tracked $tracked=foo
do_stuff(y) # $tracked
# Via `__dict__` -- not currently implemented.
def dunder_dict_immediate_write():
x = SomeClass() # $f-:tracked=foo
x.__dict__["foo"] = tracked # $tracked $f-:tracked=foo
y = x.foo # $f-:tracked $f-:tracked=foo
do_stuff(y) # $f-:tracked
def dunder_dict_immediate_read():
x = SomeClass() # $tracked=foo
x.foo = tracked # $tracked $tracked=foo
y = x.__dict__["foo"] # $f-:tracked $tracked=foo
do_stuff(y) # $f-:tracked
def dunder_dict_indirect_write():
attr = "foo"
x = SomeClass() # $f-:tracked=foo
x.__dict__[attr] = tracked # $tracked $f-:tracked=foo
y = x.foo # $f-:tracked $f-:tracked=foo
do_stuff(y) # $f-:tracked
def dunder_dict_indirect_read():
attr = "foo"
x = SomeClass() # $tracked=foo
x.foo = tracked # $tracked $tracked=foo
y = x.__dict__[attr] # $f-:tracked $tracked=foo
do_stuff(y) # $f-:tracked