Python: Write DjangoPathRoute in modern way

That is, assigning to fields instead of repeatedly using helper predicate
2026-04-30 11:15:13 +02:00 · 2020-02-18 10:58:36 +01:00
parent 5a0babe88b
commit ed9aa7dced
1 changed files with 38 additions and 40 deletions
--- a/python/ql/src/semmle/python/web/django/General.qll
+++ b/python/ql/src/semmle/python/web/django/General.qll
@@ -34,25 +34,6 @@ private predicate django_regex_route(CallNode call, ControlFlowNode regex, Funct
    )
 }

-private predicate django_path_route(CallNode call, ControlFlowNode route, FunctionValue view) {
-    exists(Value route_maker |
-        // Django 2.x and 3.x: https://docs.djangoproject.com/en/3.0/ref/urls/#path
-        Value::named("django.urls.path") = route_maker and
-        route_maker.getACall() = call and
-        (
-            call.getArg(0) = route
-            or
-            call.getArgByName("route") = route
-
-        ) and
-        (
-            call.getArg(1).pointsTo(view)
-            or
-            call.getArgByName("view").pointsTo(view)
-        )
-    )
-}
-
 class DjangoRouteRegex extends RegexString {
    DjangoRouteRegex() { django_regex_route(_, this.getAFlowNode(), _) }
 }
@@ -70,27 +51,6 @@ abstract class DjangoRoute extends CallNode {
    abstract int getNumPositionalArguments();
 }

-class DjangoPathRoute extends DjangoRoute {
-
-    DjangoPathRoute() { django_path_route(this, _, _) }
-
-    override FunctionValue getViewFunction() { django_path_route(this, _, result) }
-
-    override string getANamedArgument() {
-        // regexp taken from django:
-        // https://github.com/django/django/blob/7d1bf29977bb368d7c28e7c6eb146db3b3009ae7/django/urls/resolvers.py#L199
-        exists(StrConst route, string match |
-            django_path_route(this, route.getAFlowNode(), _) and
-            match = route.getText().regexpFind("<(?:(?<converter>[^>:]+):)?(?<parameter>\\w+)>", _, _) and
-            result = match.regexpCapture("<(?:(?<converter>[^>:]+):)?(?<parameter>\\w+)>", 2)
-        )
-    }
-
-    override int getNumPositionalArguments() {
-        none()
-    }
-}
-
 class DjangoRegexRoute extends DjangoRoute {
    DjangoRegexRoute() { django_regex_route(this, _, _) }

@@ -111,3 +71,41 @@ class DjangoRegexRoute extends DjangoRoute {
        )
    }
 }
+
+class DjangoPathRoute extends DjangoRoute {
+
+    ControlFlowNode route;
+    FunctionValue view;
+
+    DjangoPathRoute() {
+        // Django 2.x and 3.x: https://docs.djangoproject.com/en/3.0/ref/urls/#path
+        this = Value::named("django.urls.path").getACall() and
+        (
+            route = this.getArg(0)
+            or
+            route = this.getArgByName("route")
+
+        ) and
+        (
+            this.getArg(1).pointsTo(view)
+            or
+            this.getArgByName("view").pointsTo(view)
+        )
+    }
+
+    override FunctionValue getViewFunction() { result = view }
+
+    override string getANamedArgument() {
+        // regexp taken from django:
+        // https://github.com/django/django/blob/7d1bf29977bb368d7c28e7c6eb146db3b3009ae7/django/urls/resolvers.py#L199
+        exists(StrConst route_str, string match |
+            route_str = route.getNode() and
+            match = route_str.getText().regexpFind("<(?:(?<converter>[^>:]+):)?(?<parameter>\\w+)>", _, _) and
+            result = match.regexpCapture("<(?:(?<converter>[^>:]+):)?(?<parameter>\\w+)>", 2)
+        )
+    }
+
+    override int getNumPositionalArguments() {
+        none()
+    }
+}