hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-16 16:53:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Use AttrWrite.writes

Browse Source 
Also applies @napalys' fix to the base case.
This commit is contained in:
Taus
2025-08-08 12:57:16 +00:00
committed by Napalys Klicius
parent 6f9e06c59e
commit e228aac61f
2 changed files with 9 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll
View File

@@ -235,13 +235,9 @@ private class ClassDefinitionAsAttrWrite extends AttrWrite, CfgNode {
* - Qualified imports: `from module import attr as name`
*/
abstract class AttrRead extends AttrRef, Node, LocalSourceNode {
/** Holds if this attribute read reads the attribute named `attrName` on the object `object`. */
predicate reads(Node object, string attrName) {
this.accesses(object, attrName)
}
}
predicate reads(Node object, string attrName) { this.accesses(object, attrName) }
}
/** A simple attribute read, e.g. `object.attr` */
private class AttributeReadAsAttrRead extends AttrRead, CfgNode {

13
python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
View File

@@ -574,8 +574,7 @@ predicate globalVariableNestedFieldJumpStep(Node nodeFrom, Node nodeTo) {
) and
write.getAttributeName() = read.getAttributeName() and
nodeFrom = write.getValue() and
nodeTo = read //and
//write.getEnclosingCallable() != read.getEnclosingCallable()
nodeTo = read
)
}
@@ -583,7 +582,7 @@ predicate globalVariableNestedFieldJumpStep(Node nodeFrom, Node nodeTo) {
* Maximum depth for global variable nested attribute access.
* Depth 0 = globalVar.foo, depth 1 = globalVar.foo.bar, depth 2 = globalVar.foo.bar.baz, etc.
*/
private int getMaxGlobalVariableDepth() { result = 10 }
private int getMaxGlobalVariableDepth() { result = 2 }
/**
* Holds if `node` is an attribute access path starting from global variable `globalVar`.
@@ -604,13 +603,15 @@ predicate globalVariableAttrPathAtDepth(
) {
// Base case: Direct global variable access (depth 0)
depth = 0 and
node in [globalVar.getARead(), globalVar.getAWrite(), globalVar] and
// We use `globalVar` instead of `globalVar.getAWrite()` due to some weirdness with how
// attribute writes are handled in the global scope (see `GlobalAttributeAssignmentAsAttrWrite`).
node in [globalVar.getARead(), globalVar] and
accessPath = ""
or
exists(Node obj, string attrName, string parentAccessPath, int parentDepth |
node.(AttrRead).accesses(obj, attrName)
node.(AttrRead).reads(obj, attrName)
or
exists(AttrWrite aw | aw.accesses(obj, attrName) and aw.getValue() = node)
any(AttrWrite aw).writes(obj, attrName, node)
|
globalVariableAttrPathAtDepth(globalVar, parentAccessPath, obj, parentDepth) and
accessPath = parentAccessPath + "." + attrName and