Python: resolve library calls in the CFG

yoff · yoff · commit 67c3a9b2f43e · 2022-09-06T17:00:28.000+02:00
rather than in the AST
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll
@@ -282,7 +282,7 @@ abstract class LibraryCallable extends string {
   LibraryCallable() { any() }
 
   /** Gets a call to this library callable. */
-  abstract Call getACall();
+  abstract CallNode getACall();
 
   /** Gets a data-flow node, where this library callable is used as a call-back. */
   abstract ArgumentNode getACallback();
@@ -405,7 +405,7 @@ class LibraryCallableValue extends DataFlowCallable, TLibraryCallable {
 
   override string toString() { result = callable.toString() }
 
-  override CallNode getACall() { result.getNode() = callable.getACall() }
+  override CallNode getACall() { result = callable.getACall() }
 
   /** Gets a data-flow node, where this library callable is used as a call-back. */
   ArgumentNode getACallback() { result = callable.getACallback() }
@@ -639,7 +639,7 @@ class SpecialCall extends DataFlowSourceCall, TSpecialCall {
 class LibraryCall extends NormalCall {
   LibraryCallable callable;
 
-  LibraryCall() { call.getNode() = callable.getACall() }
+  LibraryCall() { call = callable.getACall() }
 
   // TODO: Implement Python calling convention?
   override Node getArg(int n) { result = TCfgNode(call.getArg(n)) }
diff --git a/python/ql/test/experimental/dataflow/summaries/TestSummaries.qll b/python/ql/test/experimental/dataflow/summaries/TestSummaries.qll
@@ -5,7 +5,7 @@ private import semmle.python.ApiGraphs
 private class SummarizedCallableIdentity extends SummarizedCallable {
   SummarizedCallableIdentity() { this = "identity" }
 
-  override Call getACall() { result.getFunc().(Name).getId() = this }
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
 
   override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
 
@@ -20,7 +20,7 @@ private class SummarizedCallableIdentity extends SummarizedCallable {
 private class SummarizedCallableApplyLambda extends SummarizedCallable {
   SummarizedCallableApplyLambda() { this = "apply_lambda" }
 
-  override Call getACall() { result.getFunc().(Name).getId() = this }
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
 
   override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
 
@@ -38,7 +38,7 @@ private class SummarizedCallableApplyLambda extends SummarizedCallable {
 private class SummarizedCallableReversed extends SummarizedCallable {
   SummarizedCallableReversed() { this = "reversed" }
 
-  override Call getACall() { result.getFunc().(Name).getId() = this }
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
 
   override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
 
@@ -52,7 +52,7 @@ private class SummarizedCallableReversed extends SummarizedCallable {
 private class SummarizedCallableMap extends SummarizedCallable {
   SummarizedCallableMap() { this = "map" }
 
-  override Call getACall() { result.getFunc().(Name).getId() = this }
+  override CallNode getACall() { result.getFunction().(NameNode).getId() = this }
 
   override DataFlow::ArgumentNode getACallback() { result.asExpr().(Name).getId() = this }
 
@@ -72,8 +72,8 @@ private class SummarizedCallableMap extends SummarizedCallable {
 private class SummarizedCallableJsonLoads extends SummarizedCallable {
   SummarizedCallableJsonLoads() { this = "json.loads" }
 
-  override Call getACall() {
-    result = API::moduleImport("json").getMember("loads").getACall().asExpr()
+  override CallNode getACall() {
+    result = API::moduleImport("json").getMember("loads").getACall().getNode()
   }
 
   override DataFlow::ArgumentNode getACallback() {
