Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit c20219c

Browse files
yoffyoff
committed
Python: more local flow and more tests
1 parent ce57a28 commit c20219c

10 files changed

Lines changed: 61 additions & 11 deletions

File tree

python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,8 @@ predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) {
6363
// nodeFrom is control flow node for `x`
6464
// nodeTo is SSA variable for `x`
6565
nodeFrom.asCfgNode() = nodeTo.asEssaNode().(ParameterDefinition).getDefiningNode()
66+
or
67+
nodeFrom.asEssaNode().getAUse() = nodeTo.asCfgNode()
6668
}
6769

6870
// TODO: Make modules for these headings
@@ -120,7 +122,8 @@ class ReturnKind extends TReturnKind {
120122

121123
/** A data flow node that represents a value returned by a callable. */
122124
class ReturnNode extends Node {
123-
ReturnNode() { this.asCfgNode().isNormalExit() }
125+
// See `TaintTrackingImplementation::returnFlowStep`
126+
ReturnNode() { this.asCfgNode() = any(Return r).getValue().getAFlowNode() }
124127

125128
/** Gets the kind of this return node. */
126129
ReturnKind getKind() { result = TNormalReturnKind() }

python/ql/test/experimental/dataflow/callGraph.expected

Whitespace-only changes.

python/ql/test/experimental/dataflow/callGraph.ql

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
import callGraphConfig
2+
3+
from
4+
DataFlow::Node source,
5+
DataFlow::Node sink
6+
where
7+
exists(CallGraphConfig cfg | cfg.hasFlow(source, sink))
8+
select
9+
source, sink

python/ql/test/experimental/dataflow/callGraphConfig.qll

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
import experimental.dataflow.DataFlow
2+
3+
/**
4+
* A configuration to find the call graph edges.
5+
*/
6+
class CallGraphConfig extends DataFlow::Configuration {
7+
CallGraphConfig() { this = "CallGraphConfig" }
8+
9+
override predicate isSource(DataFlow::Node node) {
10+
node instanceof DataFlow::ReturnNode
11+
}
12+
13+
override predicate isSink(DataFlow::Node node) {
14+
node instanceof DataFlow::OutNode
15+
}
16+
}

python/ql/test/experimental/dataflow/callGraphSinks.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
| test.py:8:5:8:8 | ControlFlowNode for f() |

python/ql/test/experimental/dataflow/callGraphSinks.ql

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
import callGraphConfig
2+
3+
from DataFlow::Node sink
4+
where exists(CallGraphConfig cfg | cfg.isSink(sink))
5+
select sink

python/ql/test/experimental/dataflow/callGraphSources.expected

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
| test.py:6:10:6:14 | ControlFlowNode for BinaryExpr |

python/ql/test/experimental/dataflow/callGraphSources.ql

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
import callGraphConfig
2+
3+
from DataFlow::Node source
4+
where exists(CallGraphConfig cfg | cfg.isSource(source))
5+
select source

python/ql/test/experimental/dataflow/local.expected

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,27 @@
1+
| test.py:0:0:0:0 | GSSA Variable __name__ | test.py:0:0:0:0 | Exit node for Module test |
2+
| test.py:0:0:0:0 | GSSA Variable __name__ | test.py:8:5:8:8 | ControlFlowNode for f() |
3+
| test.py:0:0:0:0 | GSSA Variable __package__ | test.py:0:0:0:0 | Exit node for Module test |
4+
| test.py:0:0:0:0 | GSSA Variable __package__ | test.py:8:5:8:8 | ControlFlowNode for f() |
5+
| test.py:0:0:0:0 | GSSA Variable c | test.py:8:5:8:8 | ControlFlowNode for f() |
6+
| test.py:0:0:0:0 | SSA variable $ | test.py:0:0:0:0 | Exit node for Module test |
7+
| test.py:1:1:1:1 | GSSA Variable a | test.py:2:5:2:5 | ControlFlowNode for a |
8+
| test.py:1:1:1:1 | GSSA Variable a | test.py:8:5:8:8 | ControlFlowNode for f() |
19
| test.py:1:1:1:1 | GSSA Variable a | test.py:8:5:8:8 | GSSA Variable a |
10+
| test.py:1:1:1:1 | GSSA Variable a | test.py:8:7:8:7 | ControlFlowNode for a |
211
| test.py:1:5:1:5 | ControlFlowNode for IntegerLiteral | test.py:1:1:1:1 | GSSA Variable a |
12+
| test.py:2:1:2:1 | GSSA Variable b | test.py:0:0:0:0 | Exit node for Module test |
13+
| test.py:2:1:2:1 | GSSA Variable b | test.py:8:5:8:8 | ControlFlowNode for f() |
314
| test.py:2:5:2:5 | ControlFlowNode for a | test.py:2:1:2:1 | GSSA Variable b |
415
| test.py:4:1:4:9 | ControlFlowNode for FunctionExpr | test.py:4:5:4:5 | GSSA Variable f |
16+
| test.py:4:5:4:5 | GSSA Variable f | test.py:0:0:0:0 | Exit node for Module test |
17+
| test.py:4:5:4:5 | GSSA Variable f | test.py:8:5:8:5 | ControlFlowNode for f |
18+
| test.py:4:5:4:5 | GSSA Variable f | test.py:8:5:8:8 | ControlFlowNode for f() |
519
| test.py:4:7:4:7 | ControlFlowNode for x | test.py:4:7:4:7 | SSA variable x |
20+
| test.py:4:7:4:7 | SSA variable x | test.py:4:1:4:9 | Exit node for Function f |
21+
| test.py:4:7:4:7 | SSA variable x | test.py:5:7:5:7 | ControlFlowNode for x |
22+
| test.py:5:3:5:3 | SSA variable y | test.py:4:1:4:9 | Exit node for Function f |
23+
| test.py:5:3:5:3 | SSA variable y | test.py:6:10:6:10 | ControlFlowNode for y |
624
| test.py:5:7:5:11 | ControlFlowNode for BinaryExpr | test.py:5:3:5:3 | SSA variable y |
25+
| test.py:8:1:8:1 | GSSA Variable c | test.py:0:0:0:0 | Exit node for Module test |
726
| test.py:8:5:8:8 | ControlFlowNode for f() | test.py:8:1:8:1 | GSSA Variable c |
27+
| test.py:8:5:8:8 | GSSA Variable a | test.py:0:0:0:0 | Exit node for Module test |

python/ql/test/experimental/dataflow/sinks.expected

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,2 @@
11
| test.py:0:0:0:0 | Exit node for Module test |
2-
| test.py:0:0:0:0 | GSSA Variable __name__ |
3-
| test.py:0:0:0:0 | GSSA Variable __package__ |
4-
| test.py:0:0:0:0 | GSSA Variable c |
5-
| test.py:0:0:0:0 | SSA variable $ |
6-
| test.py:2:1:2:1 | GSSA Variable b |
72
| test.py:4:1:4:9 | Exit node for Function f |
8-
| test.py:4:5:4:5 | GSSA Variable f |
9-
| test.py:4:7:4:7 | SSA variable x |
10-
| test.py:5:3:5:3 | SSA variable y |
11-
| test.py:8:1:8:1 | GSSA Variable c |
12-
| test.py:8:5:8:8 | GSSA Variable a |

0 commit comments

Comments
 (0)