Python: adjust expectations

2026-04-28 02:05:14 +02:00 · 2022-09-12 22:43:03 +02:00
parent e3280c8a3e
commit bf16e220a0
9 changed files with 141 additions and 0 deletions
--- a/python/ql/lib/semmle/python/dataflow/new/TestSummaries.qll
+++ b/python/ql/lib/semmle/python/dataflow/new/TestSummaries.qll
@@ -0,0 +1,123 @@
+private import python
+private import semmle.python.dataflow.new.FlowSummary
+private import semmle.python.ApiGraphs
+
+/** This module ensures that the `callStep` predicate in
+ * our type tracker implelemtation does not refer to the
+ * `getACall` predicate on `SummarizedCallable`.
+ */
+module RecursionGuard {
+  private import semmle.python.dataflow.new.internal.TypeTrackerSpecific as TT
+
+  private class RecursionGuard extends SummarizedCallable {
+    RecursionGuard() { this = "RecursionGuard" }
+
+    override CallNode getACall() {
+      result.getFunction().(NameNode).getId() = this and
+      (TT::callStep(_, _) implies any())
+    }
+
+    override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+  }
+}
+
+private class SummarizedCallableIdentity extends SummarizedCallable {
+  SummarizedCallableIdentity() { this = "identity" }
+
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
+
+  override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[0]" and
+    output = "ReturnValue" and
+    preservesValue = true
+  }
+}
+
+// For lambda flow to work, implement lambdaCall and lambdaCreation
+private class SummarizedCallableApplyLambda extends SummarizedCallable {
+  SummarizedCallableApplyLambda() { this = "apply_lambda" }
+
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
+
+  override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[1]" and
+    output = "Argument[0].Parameter[0]" and
+    preservesValue = true
+    or
+    input = "Argument[0].ReturnValue" and
+    output = "ReturnValue" and
+    preservesValue = true
+  }
+}
+
+private class SummarizedCallableReversed extends SummarizedCallable {
+  SummarizedCallableReversed() { this = "reversed" }
+
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
+
+  override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[0].ListElement" and
+    output = "ReturnValue.ListElement" and
+    preservesValue = true
+  }
+}
+
+private class SummarizedCallableMap extends SummarizedCallable {
+  SummarizedCallableMap() { this = "map" }
+
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
+
+  override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[1].ListElement" and
+    output = "Argument[0].Parameter[0]" and
+    preservesValue = true
+    or
+    input = "Argument[0].ReturnValue" and
+    output = "ReturnValue.ListElement" and
+    preservesValue = true
+  }
+}
+
+private class SummarizedCallableAppend extends SummarizedCallable {
+  SummarizedCallableAppend() { this = "append_to_list" }
+
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
+
+  override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[0]" and
+    output = "ReturnValue" and
+    preservesValue = false
+    or
+    input = "Argument[1]" and
+    output = "ReturnValue.ListElement" and
+    preservesValue = true
+  }
+}
+
+private class SummarizedCallableJsonLoads extends SummarizedCallable {
+  SummarizedCallableJsonLoads() { this = "json.loads" }
+
+  override CallNode getACall() {
+    result = API::moduleImport("json").getMember("loads").getACall().getNode()
+  }
+
+  override DataFlow::ArgumentNode getACallback() {
+    result = API::moduleImport("json").getMember("loads").getAValueReachableFromSource()
+  }
+
+  override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
+    input = "Argument[0]" and
+    output = "ReturnValue.ListElement" and
+    preservesValue = true
+  }
+}
--- a/python/ql/test/experimental/dataflow/basic/callGraphSinks.expected
+++ b/python/ql/test/experimental/dataflow/basic/callGraphSinks.expected
@@ -1,2 +1,3 @@
+| file://:0:0:0:0 | parameter 0 of builtins.reversed |
 | test.py:1:19:1:19 | ControlFlowNode for x |
 | test.py:7:5:7:20 | ControlFlowNode for obfuscated_id() |
--- a/python/ql/test/experimental/dataflow/basic/callGraphSources.expected
+++ b/python/ql/test/experimental/dataflow/basic/callGraphSources.expected
@@ -1,2 +1,3 @@
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
 | test.py:4:10:4:10 | ControlFlowNode for z |
 | test.py:7:19:7:19 | ControlFlowNode for a |
--- a/python/ql/test/experimental/dataflow/basic/global.expected
+++ b/python/ql/test/experimental/dataflow/basic/global.expected
@@ -1,3 +1,4 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
--- a/python/ql/test/experimental/dataflow/basic/globalStep.expected
+++ b/python/ql/test/experimental/dataflow/basic/globalStep.expected
@@ -1,3 +1,4 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
--- a/python/ql/test/experimental/dataflow/basic/local.expected
+++ b/python/ql/test/experimental/dataflow/basic/local.expected
@@ -1,3 +1,8 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | parameter 0 of builtins.reversed | file://:0:0:0:0 | parameter 0 of builtins.reversed |
 | test.py:0:0:0:0 | GSSA Variable __name__ | test.py:0:0:0:0 | GSSA Variable __name__ |
 | test.py:0:0:0:0 | GSSA Variable __package__ | test.py:0:0:0:0 | GSSA Variable __package__ |
 | test.py:0:0:0:0 | GSSA Variable b | test.py:0:0:0:0 | GSSA Variable b |
--- a/python/ql/test/experimental/dataflow/basic/localStep.expected
+++ b/python/ql/test/experimental/dataflow/basic/localStep.expected
@@ -1,3 +1,4 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
 | test.py:1:19:1:19 | ControlFlowNode for x | test.py:1:19:1:19 | SSA variable x |
--- a/python/ql/test/experimental/dataflow/basic/sinks.expected
+++ b/python/ql/test/experimental/dataflow/basic/sinks.expected
@@ -1,3 +1,7 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | parameter 0 of builtins.reversed |
 | test.py:0:0:0:0 | GSSA Variable __name__ |
 | test.py:0:0:0:0 | GSSA Variable __package__ |
 | test.py:0:0:0:0 | GSSA Variable b |
--- a/python/ql/test/experimental/dataflow/basic/sources.expected
+++ b/python/ql/test/experimental/dataflow/basic/sources.expected
@@ -1,3 +1,7 @@
+| file://:0:0:0:0 | [summary] read: argument 0.List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | parameter 0 of builtins.reversed |
 | test.py:0:0:0:0 | GSSA Variable __name__ |
 | test.py:0:0:0:0 | GSSA Variable __package__ |
 | test.py:0:0:0:0 | GSSA Variable b |