hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4693 from RasmusWL/python-add-import-test-shadowing-stdlib-v2

Browse Source 
Approved by tausbn
This commit is contained in:
CodeQL CI
2020-11-27 10:32:21 +00:00
committed by GitHub
parent 5e75a4109c 7b4e890e7b
commit d3cded330e
13 changed files with 66 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModuleWithRef.expected Normal file
View File

13
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModuleWithRef.ql Normal file
View File

@@ -0,0 +1,13 @@
import python
from ModuleValue mv, ControlFlowNode ref, string local_external
where
ref = mv.getAReference() and
exists(mv.getScope().getFile().getRelativePath()) and
(
if exists(ref.getLocation().getFile().getRelativePath())
then local_external = "local"
else local_external = "external"
)
select "Local module", mv, "referenced in " + local_external + " file called",
ref.getLocation().getFile().getShortName()

5
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModules.expected Normal file
View File

@@ -0,0 +1,5 @@
| code-invalid-package-name/cmd.py:0:0:0:0 | Script cmd.py |
| code-invalid-package-name/test_fail.py:0:0:0:0 | Script test_fail.py |
| code-invalid-package-name/test_ok.py:0:0:0:0 | Script test_ok.py |
| code-invalid-package-name/unique_name.py:0:0:0:0 | Script unique_name.py |
| code-invalid-package-name/unique_name_use.py:0:0:0:0 | Script unique_name_use.py |

5
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModules.ql Normal file
View File

@@ -0,0 +1,5 @@
import python
from Module m
where exists(m.getFile().getRelativePath())
select m

3
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/ModuleWithLocalRef.expected Normal file
View File

@@ -0,0 +1,3 @@
| Module 'cmd' (external, in stdlib, not missing) referenced in local file | code-invalid-package-name/test_ok.py:1 |
| Module 'pdb' (external, in stdlib, not missing) referenced in local file | code-invalid-package-name/test_fail.py:3 |
| Module 'unique_name' (external, not in stdlib, missing) referenced in local file | code-invalid-package-name/unique_name_use.py:1 |

19
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/ModuleWithLocalRef.ql Normal file
View File

@@ -0,0 +1,19 @@
import python
from ModuleValue mv, ControlFlowNode ref, string in_stdlib, string local_external, string is_missing
where
ref = mv.getAReference() and
exists(ref.getLocation().getFile().getRelativePath()) and
(
if mv.getScope().getFile().inStdlib()
then in_stdlib = "in stdlib"
else in_stdlib = "not in stdlib"
) and
(
if exists(mv.getScope().getFile().getRelativePath())
then local_external = "local"
else local_external = "external"
) and
(if mv.isAbsent() then is_missing = "missing" else is_missing = "not missing")
select "Module '" + mv.getName() + "' (" + local_external + ", " + in_stdlib + ", " + is_missing +
") referenced in local file", ref.getLocation().toString()

10
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/README.md Normal file
View File

@@ -0,0 +1,10 @@
This test shows how we handle modules that shadow a module in the standard library.
We manually replicate the behavior of `codeql database create --source-root <src-dir>`, which will use `-R <src-dir>`. By default, the way qltest invokes the extractor will cause different behavior. Therefore, we also need to move our code outside of the top-level folder, and it lives in `code-invalid-package-name/` -- notice that if we use `code` as the folder name, the extractor will treat it as if there is a package called `code` (note, `codeql database create` would not treat the folder `code` as a package when `code` is used as the `--source-root`).
The results from `LocalModules.ql`, where everything is a script, matches with the extractor :+1:
Because we have a `cmd.py` file, whenever the python interpreter sees `import cmd`, that is the file that will be used!
* `python test_ok.py` works as intended, and prints `Foo`
* `python test_fail.py` raises an exception, since it imports `pdb.py` from the standard library, which (at least in Python 3.8) tries to import `cmd.py` from the standard library, but instead is served our `cmd.py` module. Therefore it fails with `AttributeError: module 'cmd' has no attribute 'Cmd'`

2
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/code-invalid-package-name/cmd.py Normal file
View File

@@ -0,0 +1,2 @@
foo = "Foo"
print("my own cmd imported")

3
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/code-invalid-package-name/test_fail.py Normal file
View File

@@ -0,0 +1,3 @@
# we import `pdb` which import the `cmd` module from the standard library
# and allows us to set --max-import-depth=2, to make the test run fast
import pdb

2
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/code-invalid-package-name/test_ok.py Normal file
View File

@@ -0,0 +1,2 @@
from cmd import foo
print(foo)

1
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/code-invalid-package-name/unique_name.py Normal file
View File

@@ -0,0 +1 @@
foo = "Foo"

2
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/code-invalid-package-name/unique_name_use.py Normal file
View File

@@ -0,0 +1,2 @@
from unique_name import foo
print(foo)

1
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/options Normal file
View File

@@ -0,0 +1 @@
semmle-extractor-options: --max-import-depth=2 -R code-invalid-package-name/