mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
fef08afff9
Moves the existing points-to predicates to the newly added class `ControlFlowNodeWithPointsTo` which resides in the `LegacyPointsTo` module. (Existing code that uses these predicates should import this module, and references to `ControlFlowNode` should be changed to `ControlFlowNodeWithPointsTo`.) Also updates all existing points-to based code to do just this.
26 lines
843 B
Plaintext
26 lines
843 B
Plaintext
import python
|
|
private import LegacyPointsTo
|
|
|
|
predicate monkey_patched_builtin(string name) {
|
|
exists(AttrNode attr, SubscriptNode subscr, StringLiteral s |
|
|
subscr.isStore() and
|
|
subscr.getIndex().getNode() = s and
|
|
s.getText() = name and
|
|
subscr.getObject() = attr and
|
|
attr.getObject("__dict__").(ControlFlowNodeWithPointsTo).pointsTo(Module::builtinModule())
|
|
)
|
|
or
|
|
exists(CallNode call, ControlFlowNodeWithPointsTo bltn, StringLiteral s |
|
|
call.getArg(0) = bltn and
|
|
bltn.pointsTo(Module::builtinModule()) and
|
|
call.getArg(1).getNode() = s and
|
|
s.getText() = name and
|
|
call.getFunction().(ControlFlowNodeWithPointsTo).pointsTo(Value::named("setattr"))
|
|
)
|
|
or
|
|
exists(AttrNode attr |
|
|
attr.isStore() and
|
|
attr.getObject(name).(ControlFlowNodeWithPointsTo).pointsTo(Module::builtinModule())
|
|
)
|
|
}
|