Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 95f78e7

Browse files
RasmusWLRasmusWL
authored
Merge pull request #2674 from tausbn/python-modernise-web-libraries
Python: Modernise remaining web libraries.
2 parents 7e042da + 0924a97 commit 95f78e7

3 files changed

Lines changed: 19 additions & 14 deletions

File tree

python/ql/src/semmle/python/objects/ObjectAPI.qll

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -643,6 +643,11 @@ module ClassValue {
643643
result = TBuiltinClassObject(Builtin::special("bool"))
644644
}
645645

646+
/** Get the `ClassValue` for the `dict` class. */
647+
ClassValue dict() {
648+
result = TBuiltinClassObject(Builtin::special("dict"))
649+
}
650+
646651
/** Get the `ClassValue` for the class of Python functions. */
647652
ClassValue function() {
648653
result = TBuiltinClassObject(Builtin::special("FunctionType"))

python/ql/src/semmle/python/web/Http.qll

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -19,17 +19,17 @@ class WsgiEnvironment extends TaintKind {
1919
result = this and Implementation::copyCall(fromnode, tonode)
2020
or
2121
result = this and
22-
tonode.(CallNode).getFunction().refersTo(theDictType()) and
22+
tonode.(CallNode).getFunction().pointsTo(ClassValue::dict()) and
2323
tonode.(CallNode).getArg(0) = fromnode
2424
or
25-
exists(StringObject key, string text |
25+
exists(Value key, string text |
2626
tonode.(CallNode).getFunction().(AttrNode).getObject("get") = fromnode and
27-
tonode.(CallNode).getArg(0).refersTo(key)
27+
tonode.(CallNode).getArg(0).pointsTo(key)
2828
or
2929
tonode.(SubscriptNode).getValue() = fromnode and tonode.isLoad() and
30-
tonode.(SubscriptNode).getIndex().refersTo(key)
30+
tonode.(SubscriptNode).getIndex().pointsTo(key)
3131
|
32-
text = key.getText() and result instanceof ExternalStringKind and
32+
key = Value::forString(text) and result instanceof ExternalStringKind and
3333
(
3434
text = "QUERY_STRING" or
3535
text = "PATH_INFO" or

python/ql/src/semmle/python/web/cherrypy/General.qll

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -22,23 +22,23 @@ class CherryPyRoute extends CallNode {
2222
this.getFunction().(AttrNode).getObject("mount").pointsTo(Value::named("cherrypy.tree"))
2323
}
2424

25-
ClassObject getAppClass() {
26-
this.getArg(0).refersTo(_, result, _)
25+
ClassValue getAppClass() {
26+
this.getArg(0).pointsTo().getClass() = result
2727
or
28-
this.getArgByName("root").refersTo(_, result, _)
28+
this.getArgByName("root").pointsTo().getClass() = result
2929
}
3030

3131
string getPath() {
32-
exists(StringObject path | result = path.getText() |
33-
this.getArg(1).refersTo(path)
32+
exists(Value path | path = Value::forString(result) |
33+
this.getArg(1).pointsTo(path)
3434
or
35-
this.getArgByName("script_name").refersTo(path)
35+
this.getArgByName("script_name").pointsTo(path)
3636
)
3737
}
3838

39-
Object getConfig() {
40-
this.getArg(2).refersTo(_, result, _)
39+
ClassValue getConfig() {
40+
this.getArg(2).pointsTo().getClass() = result
4141
or
42-
this.getArgByName("config").refersTo(_, result, _)
42+
this.getArgByName("config").pointsTo().getClass() = result
4343
}
4444
}

0 commit comments

Comments
 (0)