From f6e1ea5b2adcd367ac2b01216dec472c4f070040 Mon Sep 17 00:00:00 2001
From: Taus Brock-Nannestad <tausbn@github.com>
Date: Thu, 4 Feb 2021 18:07:13 +0100
Subject: [PATCH] Python: Fix missing global variable source nodes

In lieu of removing the offending flow (which would likely have
consequences for a lot of other tests), I opted to simply _include_
the relevant nodes directly.
---
 .../src/semmle/python/dataflow/new/internal/DataFlowPublic.qll  | 2 ++
 python/ql/test/experimental/dataflow/ApiGraphs/test.py          | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll
index b2e2298182e..dcc175276f8 100644
--- a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll
+++ b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll
@@ -446,6 +446,8 @@ class LocalSourceNode extends Node {
   LocalSourceNode() {
     not simpleLocalFlowStep+(any(CfgNode n), this) and
     not this instanceof ModuleVariableNode
+    or
+    this = any(ModuleVariableNode mvn).getARead()
   }
 
   /** Holds if this `LocalSourceNode` can flow to `nodeTo` in one or more local flow steps. */
diff --git a/python/ql/test/experimental/dataflow/ApiGraphs/test.py b/python/ql/test/experimental/dataflow/ApiGraphs/test.py
index 27888cd9f9e..b250c7985e2 100644
--- a/python/ql/test/experimental/dataflow/ApiGraphs/test.py
+++ b/python/ql/test/experimental/dataflow/ApiGraphs/test.py
@@ -72,7 +72,7 @@ def f():
     sink(foo) #$ use=moduleImport("danger").getMember("SOURCE")
     foo = NONSOURCE
     change_foo()
-    sink(foo) #$ MISSING: use=moduleImport("danger").getMember("SOURCE")
+    sink(foo) #$ use=moduleImport("danger").getMember("SOURCE")
 
 # Star imports