hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6218 from tausbn/python-add-typetrackingnode

Browse Source 
Approved by RasmusWL
This commit is contained in:
CodeQL CI
2021-07-15 07:04:50 -07:00
committed by GitHub
parent dd03d8102b 693a479bf6
commit d282f6a356
30 changed files with 154 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/test/experimental/dataflow/typetracking/moduleattr.ql
View File

@@ -2,7 +2,7 @@ import python
import semmle.python.dataflow.new.DataFlow
import semmle.python.dataflow.new.TypeTracker
private DataFlow::LocalSourceNode module_tracker(TypeTracker t) {
private DataFlow::TypeTrackingNode module_tracker(TypeTracker t) {
t.start() and
result = DataFlow::importNode("module")
or
@@ -13,7 +13,7 @@ query DataFlow::Node module_tracker() {
module_tracker(DataFlow::TypeTracker::end()).flowsTo(result)
}
private DataFlow::LocalSourceNode module_attr_tracker(TypeTracker t) {
private DataFlow::TypeTrackingNode module_attr_tracker(TypeTracker t) {
t.startInAttr("attr") and
result = module_tracker()
or

14
python/ql/test/experimental/dataflow/typetracking/tracked.ql
View File

@@ -6,7 +6,7 @@ import TestUtilities.InlineExpectationsTest
// -----------------------------------------------------------------------------
// tracked
// -----------------------------------------------------------------------------
private DataFlow::LocalSourceNode tracked(TypeTracker t) {
private DataFlow::TypeTrackingNode tracked(TypeTracker t) {
t.start() and
result.asCfgNode() = any(NameNode n | n.getId() = "tracked")
or
@@ -34,14 +34,14 @@ class TrackedTest extends InlineExpectationsTest {
// -----------------------------------------------------------------------------
// int + str
// -----------------------------------------------------------------------------
private DataFlow::LocalSourceNode int_type(TypeTracker t) {
private DataFlow::TypeTrackingNode int_type(TypeTracker t) {
t.start() and
result.asCfgNode() = any(CallNode c | c.getFunction().(NameNode).getId() = "int")
or
exists(TypeTracker t2 | result = int_type(t2).track(t2, t))
}
private DataFlow::LocalSourceNode string_type(TypeTracker t) {
private DataFlow::TypeTrackingNode string_type(TypeTracker t) {
t.start() and
result.asCfgNode() = any(CallNode c | c.getFunction().(NameNode).getId() = "str")
or
@@ -83,7 +83,7 @@ class TrackedStringTest extends InlineExpectationsTest {
// -----------------------------------------------------------------------------
// tracked_self
// -----------------------------------------------------------------------------
private DataFlow::LocalSourceNode tracked_self(TypeTracker t) {
private DataFlow::TypeTrackingNode tracked_self(TypeTracker t) {
t.start() and
exists(Function f |
f.isMethod() and
@@ -117,7 +117,7 @@ class TrackedSelfTest extends InlineExpectationsTest {
// -----------------------------------------------------------------------------
// This modeling follows the same pattern that we currently use in our real library modeling.
/** Gets a reference to `foo` (fictive module). */
private DataFlow::LocalSourceNode foo(DataFlow::TypeTracker t) {
private DataFlow::TypeTrackingNode foo(DataFlow::TypeTracker t) {
t.start() and
result = DataFlow::importNode("foo")
or
@@ -128,7 +128,7 @@ private DataFlow::LocalSourceNode foo(DataFlow::TypeTracker t) {
DataFlow::Node foo() { foo(DataFlow::TypeTracker::end()).flowsTo(result) }
/** Gets a reference to `foo.bar` (fictive module). */
private DataFlow::LocalSourceNode foo_bar(DataFlow::TypeTracker t) {
private DataFlow::TypeTrackingNode foo_bar(DataFlow::TypeTracker t) {
t.start() and
result = DataFlow::importNode("foo.bar")
or
@@ -142,7 +142,7 @@ private DataFlow::LocalSourceNode foo_bar(DataFlow::TypeTracker t) {
DataFlow::Node foo_bar() { foo_bar(DataFlow::TypeTracker::end()).flowsTo(result) }
/** Gets a reference to `foo.bar.baz` (fictive attribute on `foo.bar` module). */
private DataFlow::LocalSourceNode foo_bar_baz(DataFlow::TypeTracker t) {
private DataFlow::TypeTrackingNode foo_bar_baz(DataFlow::TypeTracker t) {
t.start() and
result = DataFlow::importNode("foo.bar.baz")
or

2
python/ql/test/library-tests/frameworks/modeling-example/SharedCode.qll
View File

@@ -6,7 +6,7 @@ private import semmle.python.dataflow.new.TaintTracking
/** A data-flow Node representing an instance of MyClass. */
abstract class MyClass extends DataFlow::Node { }
private DataFlow::LocalSourceNode myClassGetValue(MyClass qualifier, DataFlow::TypeTracker t) {
private DataFlow::TypeTrackingNode myClassGetValue(MyClass qualifier, DataFlow::TypeTracker t) {
t.startInAttr("get_value") and
result = qualifier
or