From ece8245a4be1f05fffc2e9cd7acd5e387729538e Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Fri, 23 Feb 2024 13:39:49 +0100 Subject: [PATCH] Python: type-track through tuple content --- .../python/dataflow/new/internal/DataFlowPrivate.qll | 12 ++++++------ .../CallGraph/InlineCallGraphTest.expected | 1 - .../CallGraph/code/func_ref_in_content.py | 2 +- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll index 5ccfa251634..22fb979f9dc 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll @@ -644,7 +644,9 @@ predicate jumpStepNotSharedWithTypeTracker(Node nodeFrom, Node nodeTo) { /** * Subset of `storeStep` that should be shared with type-tracking. */ -predicate storeStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) { none() } +predicate storeStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) { + tupleStoreStep(nodeFrom, c, nodeTo) +} /** * Holds if data can flow from `nodeFrom` to `nodeTo` via an assignment to @@ -657,8 +659,6 @@ predicate storeStep(Node nodeFrom, ContentSet c, Node nodeTo) { or setStoreStep(nodeFrom, c, nodeTo) or - tupleStoreStep(nodeFrom, c, nodeTo) - or dictStoreStep(nodeFrom, c, nodeTo) or moreDictStoreSteps(nodeFrom, c, nodeTo) @@ -901,7 +901,9 @@ predicate attributeStoreStep(Node nodeFrom, AttributeContent c, Node nodeTo) { /** * Subset of `readStep` that should be shared with type-tracking. */ -predicate readStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) { none() } +predicate readStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) { + subscriptReadStep(nodeFrom, c, nodeTo) +} /** * Holds if data can flow from `nodeFrom` to `nodeTo` via a read of content `c`. @@ -909,8 +911,6 @@ predicate readStepCommon(Node nodeFrom, ContentSet c, Node nodeTo) { none() } predicate readStep(Node nodeFrom, ContentSet c, Node nodeTo) { readStepCommon(nodeFrom, c, nodeTo) or - subscriptReadStep(nodeFrom, c, nodeTo) - or iterableUnpackingReadStep(nodeFrom, c, nodeTo) or matchReadStep(nodeFrom, c, nodeTo) diff --git a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected index 504c5251a1a..667ebf28d75 100644 --- a/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected +++ b/python/ql/test/experimental/library-tests/CallGraph/InlineCallGraphTest.expected @@ -16,7 +16,6 @@ pointsTo_found_typeTracker_notFound | code/func_defined_outside_class.py:42:1:42:7 | ControlFlowNode for Attribute() | B._gen.func | | code/func_defined_outside_class.py:43:1:43:7 | ControlFlowNode for Attribute() | B._gen.func | | code/func_ref_in_content.py:17:1:17:4 | ControlFlowNode for f2() | func | -| code/func_ref_in_content.py:20:1:20:4 | ControlFlowNode for f3() | func | | code/funky_regression.py:15:9:15:17 | ControlFlowNode for Attribute() | Wat.f2 | | code/type_tracking_limitation.py:8:1:8:3 | ControlFlowNode for x() | my_func | typeTracker_found_pointsTo_notFound diff --git a/python/ql/test/experimental/library-tests/CallGraph/code/func_ref_in_content.py b/python/ql/test/experimental/library-tests/CallGraph/code/func_ref_in_content.py index b89a013f5b1..87abb4198e9 100644 --- a/python/ql/test/experimental/library-tests/CallGraph/code/func_ref_in_content.py +++ b/python/ql/test/experimental/library-tests/CallGraph/code/func_ref_in_content.py @@ -17,7 +17,7 @@ f2, _ = tup f2() # $ pt=func MISSING: tt f3 = tup[0] -f3() # $ pt=func MISSING: tt +f3() # $ tt,pt=func def return_func_in_dict():