Python: Make py/side-effect-in-assert handle example

RasmusWL · RasmusWL · commit 6e349eb6e7f0 · 2020-02-19T14:05:55.000+01:00
Also removed parantheses
diff --git a/python/ql/src/Statements/SideEffectInAssert.py b/python/ql/src/Statements/SideEffectInAssert.py
@@ -1 +1 @@
-assert(subprocess.call(['run-backup']) == 0)
+assert subprocess.call(['run-backup']) == 0
diff --git a/python/ql/src/Statements/SideEffectInAssert.ql b/python/ql/src/Statements/SideEffectInAssert.ql
@@ -28,13 +28,23 @@ predicate func_with_side_effects(Expr e) {
     )
 }
 
+predicate call_with_side_effect(Call e) {
+    e.getAFlowNode() = Value::named("subprocess.call").getACall()
+    or
+    e.getAFlowNode() = Value::named("subprocess.check_call").getACall()
+    or
+    e.getAFlowNode() = Value::named("subprocess.check_output").getACall()
+}
+
 predicate probable_side_effect(Expr e) {
     // Only consider explicit yields, not artificial ones in comprehensions
     e instanceof Yield and not exists(Comp c | c.contains(e))
     or
     e instanceof YieldFrom
     or
     e instanceof Call and func_with_side_effects(e.(Call).getFunc())
+    or
+    e instanceof Call and call_with_side_effect(e)
 }
 
 from Assert a, Expr e
diff --git a/python/ql/test/query-tests/Statements/asserts/SideEffectInAssert.expected b/python/ql/test/query-tests/Statements/asserts/SideEffectInAssert.expected
@@ -1,2 +1,3 @@
 | assert.py:5:5:5:20 | Assert | This 'assert' statement contains $@ which may have side effects. | assert.py:5:13:5:19 | Yield | an expression |
 | assert.py:8:5:8:22 | Assert | This 'assert' statement contains $@ which may have side effects. | assert.py:8:12:8:22 | Attribute() | an expression |
+| assert.py:20:1:20:43 | Assert | This 'assert' statement contains $@ which may have side effects. | assert.py:20:8:20:38 | Attribute() | an expression |
diff --git a/python/ql/test/query-tests/Statements/asserts/assert.py b/python/ql/test/query-tests/Statements/asserts/assert.py
@@ -16,8 +16,8 @@ def assert_tuple(x, y):
     assert ()
     assert (x, y)
 
-
-
+import subprocess
+assert subprocess.call(['run-backup']) == 0 # TODO: FN
 
 
 
@@ -103,4 +103,4 @@ def error_assert_in_intermediate_branch(x):
     elif yks(x):
         pass
     else:
-        pass
+        pass

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-assert(subprocess.call(['run-backup']) == 0)`
	`1`	`+assert subprocess.call(['run-backup']) == 0`
Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`\| assert.py:5:5:5:20 \| Assert \| This 'assert' statement contains $@ which may have side effects. \| assert.py:5:13:5:19 \| Yield \| an expression \|`
`2`	`2`	`\| assert.py:8:5:8:22 \| Assert \| This 'assert' statement contains $@ which may have side effects. \| assert.py:8:12:8:22 \| Attribute() \| an expression \|`
	`3`	`+\| assert.py:20:1:20:43 \| Assert \| This 'assert' statement contains $@ which may have side effects. \| assert.py:20:8:20:38 \| Attribute() \| an expression \|`