hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-17 04:56:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python points-to: Make sure that vararg tuples are only assigned to vararg parameters.

Browse Source
This commit is contained in:
Mark Shannon
2019-06-05 11:10:38 +01:00
parent de39f9208b
commit cd793091ca
4 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/semmle/python/pointsto/PointsTo.qll
View File

@@ -906,6 +906,7 @@ module InterProceduralPointsTo {
origin = def.getDefiningNode()
or
/* A tuple constructed from positional arguments for a `*` parameter. */
def.isVarargs() and
exists(CallNode call, Function scope, PointsToContext caller, int offset, int length |
varargs_tuple(call, caller, scope, context, offset, length) and
value = TVarargsTuple(call, caller, offset, length) and
@@ -914,6 +915,7 @@ module InterProceduralPointsTo {
origin = def.getDefiningNode()
or
/* A `*` parameter with no surplus positional arguments; an empty tuple */
def.isVarargs() and
exists(Function scope |
varargs_empty_tuple(scope, context) and
value = ObjectInternal::emptyTuple() and

2
python/ql/test/library-tests/PointsTo/new/PointsToWithContext.expected
View File

@@ -612,8 +612,6 @@ WARNING: Predicate points_to has been deprecated and may be removed in future (P
| l_calls.py:33 | ControlFlowNode for m | Function m | builtin-class function | 33 | import |
| l_calls.py:34 | ControlFlowNode for self | E() | class E | 38 | code/l_calls.py:38 from import |
| l_calls.py:34 | ControlFlowNode for self | int 3 | builtin-class int | 39 | code/l_calls.py:39 from import |
| l_calls.py:34 | ControlFlowNode for self | self | builtin-class tuple | 33 | code/l_calls.py:38 from import |
| l_calls.py:34 | ControlFlowNode for self | self | builtin-class tuple | 33 | code/l_calls.py:39 from import |
| l_calls.py:34 | ControlFlowNode for self | self | class E | 33 | runtime |
| l_calls.py:35 | ControlFlowNode for args | args | builtin-class tuple | 33 | code/l_calls.py:38 from import |
| l_calls.py:35 | ControlFlowNode for args | args | builtin-class tuple | 33 | code/l_calls.py:39 from import |

1
python/ql/test/library-tests/PointsTo/new/PointsToWithType.expected
View File

@@ -687,7 +687,6 @@ WARNING: Predicate points_to has been deprecated and may be removed in future (P
| l_calls.py:33 | ControlFlowNode for m | Function m | builtin-class function | 33 |
| l_calls.py:34 | ControlFlowNode for self | E() | class E | 38 |
| l_calls.py:34 | ControlFlowNode for self | int 3 | builtin-class int | 39 |
| l_calls.py:34 | ControlFlowNode for self | self | builtin-class tuple | 33 |
| l_calls.py:34 | ControlFlowNode for self | self | class E | 33 |
| l_calls.py:35 | ControlFlowNode for args | args | builtin-class tuple | 33 |
| l_calls.py:37 | ControlFlowNode for IntegerLiteral | int 1 | builtin-class int | 37 |

2
python/ql/test/library-tests/PointsTo/new/Values.expected
View File

@@ -473,9 +473,7 @@
| l_calls.py:32 | ControlFlowNode for ClassExpr | import | class E | builtin-class type |
| l_calls.py:32 | ControlFlowNode for object | import | builtin-class object | builtin-class type |
| l_calls.py:33 | ControlFlowNode for FunctionExpr | import | Function E.m | builtin-class function |
| l_calls.py:34 | ControlFlowNode for self | code/l_calls.py:38 from import | (int 2, int 3, int 4, ) | builtin-class tuple |
| l_calls.py:34 | ControlFlowNode for self | code/l_calls.py:38 from import | E() | class E |
| l_calls.py:34 | ControlFlowNode for self | code/l_calls.py:39 from import | (int 4, int 5, ) | builtin-class tuple |
| l_calls.py:34 | ControlFlowNode for self | code/l_calls.py:39 from import | int 3 | builtin-class int |
| l_calls.py:34 | ControlFlowNode for self | runtime | self instance of E | class E |
| l_calls.py:35 | ControlFlowNode for args | code/l_calls.py:38 from import | (int 2, int 3, int 4, ) | builtin-class tuple |