Python: fix nonlocal captured variables

yoff · yoff · commit 479d81fb75d8 · 2023-12-14T10:37:27.000+01:00
This depends on the extractor fix
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll
@@ -299,6 +299,12 @@ module LocalFlow {
       nodeTo.(CfgNode).getNode() = def.getDefiningNode()
     )
     or
+    // General definition
+    // TODO: remove other cases that are now redundant
+    nodeFrom.(CfgNode).getNode() = nodeTo.(CfgNode).getNode().(DefinitionNode).getValue() and
+    // remove jump steps (such as assignment of parameter default values)
+    nodeFrom.getEnclosingCallable() = nodeTo.getEnclosingCallable()
+    or
     // With definition
     //   `with f(42) as x:`
     //   nodeFrom is `f(42)`
diff --git a/python/ql/test/experimental/dataflow/variable-capture/nonlocal.py b/python/ql/test/experimental/dataflow/variable-capture/nonlocal.py
@@ -38,7 +38,7 @@ def captureOut1():
         nonlocal sinkO1
         sinkO1 = SOURCE
     captureOut1()
-    SINK(sinkO1) #$ MISSING:captured
+    SINK(sinkO1) #$ captured
 
     sinkO2 = ""
     def captureOut2():
@@ -47,7 +47,7 @@ def m():
             sinkO2 = SOURCE
         m()
     captureOut2()
-    SINK(sinkO2) #$ MISSING:captured
+    SINK(sinkO2) #$ captured
 
     nonSink1 = ""
     def captureOut1NotCalled():
@@ -74,7 +74,7 @@ def captureOut1():
         nonlocal sinkO1
         sinkO1 = tainted
     captureOut1()
-    SINK(sinkO1) #$ MISSING:captured
+    SINK(sinkO1) #$ captured
 
     sinkO2 = ""
     def captureOut2():
@@ -83,7 +83,7 @@ def m():
             sinkO2 = tainted
         m()
     captureOut2()
-    SINK(sinkO2) #$ MISSING:captured
+    SINK(sinkO2) #$ captured
 
     nonSink1 = ""
     def captureOut1NotCalled():
