Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit c35a2b9

Browse files
hvitvedhvitved
committed
Python: Update data-flow caching
1 parent e8347c2 commit c35a2b9

2 files changed

Lines changed: 34 additions & 30 deletions

File tree

python/ql/src/semmle/python/dataflow/new/internal/DataFlowPrivate.qll

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -228,7 +228,6 @@ module EssaFlow {
228228
* data flow. It is a strict subset of the `localFlowStep` predicate, as it
229229
* excludes SSA flow through instance fields.
230230
*/
231-
cached
232231
predicate simpleLocalFlowStep(Node nodeFrom, Node nodeTo) {
233232
// If there is ESSA-flow out of a node `node`, we want flow
234233
// both out of `node` and any post-update node of `node`.
@@ -1559,7 +1558,6 @@ predicate kwUnpackReadStep(CfgNode nodeFrom, DictionaryElementContent c, Node no
15591558
* any value stored inside `f` is cleared at the pre-update node associated with `x`
15601559
* in `x.f = newValue`.
15611560
*/
1562-
cached
15631561
predicate clearsContent(Node n, Content c) {
15641562
exists(CallNode call, CallableValue callable, string name |
15651563
call_unpacks(call, _, callable, name, _) and

python/ql/src/semmle/python/dataflow/new/internal/TaintTrackingPrivate.qll

Lines changed: 34 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -9,37 +9,43 @@ private import semmle.python.dataflow.new.internal.TaintTrackingPublic
99
*/
1010
predicate defaultTaintSanitizer(DataFlow::Node node) { none() }
1111

12-
/**
13-
* Holds if the additional step from `nodeFrom` to `nodeTo` should be included in all
14-
* global taint flow configurations.
15-
*/
16-
predicate defaultAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
17-
localAdditionalTaintStep(nodeFrom, nodeTo)
18-
or
19-
any(AdditionalTaintStep a).step(nodeFrom, nodeTo)
20-
}
12+
private module Cached {
13+
/**
14+
* Holds if the additional step from `nodeFrom` to `nodeTo` should be included in all
15+
* global taint flow configurations.
16+
*/
17+
cached
18+
predicate defaultAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
19+
localAdditionalTaintStep(nodeFrom, nodeTo)
20+
or
21+
any(AdditionalTaintStep a).step(nodeFrom, nodeTo)
22+
}
2123

22-
/**
23-
* Holds if taint can flow in one local step from `nodeFrom` to `nodeTo` excluding
24-
* local data flow steps. That is, `nodeFrom` and `nodeTo` are likely to represent
25-
* different objects.
26-
*/
27-
predicate localAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
28-
concatStep(nodeFrom, nodeTo)
29-
or
30-
subscriptStep(nodeFrom, nodeTo)
31-
or
32-
stringManipulation(nodeFrom, nodeTo)
33-
or
34-
containerStep(nodeFrom, nodeTo)
35-
or
36-
copyStep(nodeFrom, nodeTo)
37-
or
38-
forStep(nodeFrom, nodeTo)
39-
or
40-
unpackingAssignmentStep(nodeFrom, nodeTo)
24+
/**
25+
* Holds if taint can flow in one local step from `nodeFrom` to `nodeTo` excluding
26+
* local data flow steps. That is, `nodeFrom` and `nodeTo` are likely to represent
27+
* different objects.
28+
*/
29+
cached
30+
predicate localAdditionalTaintStep(DataFlow::Node nodeFrom, DataFlow::Node nodeTo) {
31+
concatStep(nodeFrom, nodeTo)
32+
or
33+
subscriptStep(nodeFrom, nodeTo)
34+
or
35+
stringManipulation(nodeFrom, nodeTo)
36+
or
37+
containerStep(nodeFrom, nodeTo)
38+
or
39+
copyStep(nodeFrom, nodeTo)
40+
or
41+
forStep(nodeFrom, nodeTo)
42+
or
43+
unpackingAssignmentStep(nodeFrom, nodeTo)
44+
}
4145
}
4246

47+
import Cached
48+
4349
/**
4450
* Holds if taint can flow from `nodeFrom` to `nodeTo` with a step related to concatenation.
4551
*

0 commit comments

Comments
 (0)