hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-24 14:17:05 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c12d920ab1d8a16031aab5736070e8465ced063
codeql/python/ql/lib/semmle/python/security/dataflow/ExceptionInfo.qll
Rasmus Lerchedahl Petersen 11c71fdd18 Python: remove EssaNodes 
This commit removes SSA nodes from the data flow graph. Specifically, for a definition and use such as
```python
  x = expr
  y = x + 2
```
we used to have flow from `expr` to an SSA variable representing x and from that SSA variable to the use of `x` in the definition of `y`. Now we instead have flow from `expr` to the control flow node for `x` at line 1 and from there to the control flow node for `x` at line 2.

Specific changes:
- `EssaNode` from the data flow layer no longer exists.
- Several glue steps between `EssaNode`s and `CfgNode`s have been deleted.
- Entry nodes are now admitted as `CfgNodes` in the data flow layer (they were filtered out before).
- Entry nodes now have a new `toString` taking into account that the module name may be ambigous.
- Some tests have been rewritten to accomodate the changes, but only `python/ql/test/experimental/dataflow/basic/maximalFlowsConfig.qll` should have semantic changes.
- Comments have been updated
- Test output has been updated, but apart from `python/ql/test/experimental/dataflow/basic/maximalFlows.expected` only `python/ql/test/experimental/dataflow/typetracking-summaries/summaries.py` should have a semantic change. This is a bonus fix, probably meaning that something was never connected up correctly.
2023-11-20 21:35:32 +01:00

40 lines
1.3 KiB
Plaintext
Raw Blame History

/** Provides classes representing various sources of information about raised exceptions. */
import python
import semmle.python.dataflow.new.DataFlow
private import semmle.python.ApiGraphs
/**
* INTERNAL: Do not use.
*
* A data-flow node that carries information about a raised exception.
* Such information should rarely be exposed directly to the user.
*/
abstract class ExceptionInfo extends DataFlow::Node { }
/** A call to a function from the `traceback` module revealing information about a raised exception. */
private class TracebackFunctionCall extends ExceptionInfo, DataFlow::CallCfgNode {
TracebackFunctionCall() {
this =
API::moduleImport("traceback")
.getMember([
"extract_tb", "extract_stack", "format_list", "format_exception_only",
"format_exception", "format_exc", "format_tb", "format_stack"
])
.getACall()
}
}
/** A caught exception. */
private class CaughtException extends ExceptionInfo {
CaughtException() {
this.asExpr() = any(ExceptStmt s).getName() and
this.asCfgNode() = any(EssaNodeDefinition def).getDefiningNode()
}
}
/** A call to `sys.exc_info`. */
private class SysExcInfoCall extends ExceptionInfo, DataFlow::CallCfgNode {
SysExcInfoCall() { this = API::moduleImport("sys").getMember("exc_info").getACall() }
}
Reference in New Issue View Git Blame Copy Permalink