hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Use new importNode

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-10-14 10:49:38 +02:00
parent 7d600e4e8e
commit bfa5d18476
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python/ql/src/experimental/semmle/python/frameworks/Stdlib.qll
View File

@@ -334,7 +334,7 @@ private module Stdlib {
/** Gets a reference to the `builtins` module (called `__builtin__` in Python 2). */
private DataFlow::Node builtins(DataFlow::TypeTracker t) {
t.start() and
result = DataFlow::importModule(["builtins", "__builtin__"])
result = DataFlow::importNode(["builtins", "__builtin__"])
or
exists(DataFlow::TypeTracker t2 | result = builtins(t2).track(t2, t))
}
@@ -350,10 +350,10 @@ private module Stdlib {
attr_name in ["exec", "eval", "compile"] and
(
t.start() and
result = DataFlow::importMember(["builtins", "__builtin__"], attr_name)
result = DataFlow::importNode(["builtins", "__builtin__"] + "." + attr_name)
or
t.startInAttr(attr_name) and
result = DataFlow::importModule(["builtins", "__builtin__"])
result = DataFlow::importNode(["builtins", "__builtin__"])
or
// special handling of builtins, that are in scope without any imports
// TODO: Take care of overrides, either `def eval: ...`, `eval = ...`, or `builtins.eval = ...`