hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python points-to: Make sure that vararg tuples are only assigned to vararg parameters.

Browse Source
This commit is contained in:
Mark Shannon
2019-06-05 11:10:38 +01:00
parent de39f9208b
commit cd793091ca
4 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/src/semmle/python/pointsto/PointsTo.qll
View File

@@ -906,6 +906,7 @@ module InterProceduralPointsTo {
origin = def.getDefiningNode()
or
/* A tuple constructed from positional arguments for a `*` parameter. */
def.isVarargs() and
exists(CallNode call, Function scope, PointsToContext caller, int offset, int length |
varargs_tuple(call, caller, scope, context, offset, length) and
value = TVarargsTuple(call, caller, offset, length) and
@@ -914,6 +915,7 @@ module InterProceduralPointsTo {
origin = def.getDefiningNode()
or
/* A `*` parameter with no surplus positional arguments; an empty tuple */
def.isVarargs() and
exists(Function scope |
varargs_empty_tuple(scope, context) and
value = ObjectInternal::emptyTuple() and