Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ec38464

Browse files
RasmusWLRasmusWL
committed
Python: Automodel for WSGIServer 
1 parent eb97a79 commit ec38464

2 files changed

Lines changed: 25 additions & 18 deletions

File tree

python/ql/lib/semmle/python/frameworks/Stdlib.qll

Lines changed: 16 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ private import semmle.python.frameworks.internal.InstanceTaintStepsHelper
1717
// modeling split over multiple files to keep this file from becoming too big
1818
private import semmle.python.frameworks.Stdlib.Urllib
1919
private import semmle.python.frameworks.Stdlib.Urllib2
20+
private import semmle.python.frameworks.data.ModelsAsData
2021

2122
/** Provides models for the Python standard library. */
2223
module Stdlib {
@@ -298,7 +299,7 @@ module Stdlib {
298299
* policy, and the code is not in a polished enough state that we want to do so -- at
299300
* least not without having convincing use-cases for it :)
300301
*/
301-
private module StdlibPrivate {
302+
module StdlibPrivate {
302303
// ---------------------------------------------------------------------------
303304
// os
304305
// ---------------------------------------------------------------------------
@@ -2121,17 +2122,20 @@ private module StdlibPrivate {
21212122
// wsgiref.simple_server
21222123
// ---------------------------------------------------------------------------
21232124
/** Provides models for the `wsgiref.simple_server` module. */
2124-
private module WsgirefSimpleServer {
2125+
module WsgirefSimpleServer {
2126+
API::Node subclassRef() {
2127+
result =
2128+
API::moduleImport("wsgiref")
2129+
.getMember("simple_server")
2130+
.getMember("WSGIServer")
2131+
.getASubclass*()
2132+
or
2133+
result =
2134+
ModelOutput::getATypeNode("wsgiref.simple_server.WSGIServer~Subclass").getASubclass*()
2135+
}
2136+
21252137
class WsgiServerSubclass extends Class, SelfRefMixin {
2126-
WsgiServerSubclass() {
2127-
this.getParent() =
2128-
API::moduleImport("wsgiref")
2129-
.getMember("simple_server")
2130-
.getMember("WSGIServer")
2131-
.getASubclass*()
2132-
.asSource()
2133-
.asExpr()
2134-
}
2138+
WsgiServerSubclass() { this.getParent() = subclassRef().asSource().asExpr() }
21352139
}
21362140

21372141
/**
@@ -2148,13 +2152,7 @@ private module StdlibPrivate {
21482152
exists(DataFlow::Node appArg, DataFlow::CallCfgNode setAppCall |
21492153
(
21502154
setAppCall =
2151-
API::moduleImport("wsgiref")
2152-
.getMember("simple_server")
2153-
.getMember("WSGIServer")
2154-
.getASubclass*()
2155-
.getReturn()
2156-
.getMember("set_app")
2157-
.getACall()
2155+
WsgirefSimpleServer::subclassRef().getReturn().getMember("set_app").getACall()
21582156
or
21592157
setAppCall
21602158
.(DataFlow::MethodCallNode)

python/ql/src/meta/ClassHierarchy/Find.ql

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ private import semmle.python.frameworks.Flask
1212
private import semmle.python.frameworks.FastApi
1313
private import semmle.python.frameworks.Django
1414
private import semmle.python.frameworks.Tornado
15+
private import semmle.python.frameworks.Stdlib
1516
import semmle.python.frameworks.data.internal.ApiGraphModelsExtensions as Extensions
1617

1718
class FlaskViewClasses extends FindSubclassesSpec {
@@ -66,6 +67,14 @@ class TornadoRequestHandler extends FindSubclassesSpec {
6667
}
6768
}
6869

70+
class WSGIServer extends FindSubclassesSpec {
71+
WSGIServer() { this = "wsgiref.simple_server.WSGIServer~Subclass" }
72+
73+
override API::Node getAlreadyModeledClass() {
74+
result = StdlibPrivate::WsgirefSimpleServer::subclassRef()
75+
}
76+
}
77+
6978
bindingset[fullyQualified]
7079
predicate fullyQualifiedToYamlFormat(string fullyQualified, string type2, string path) {
7180
exists(int firstDot | firstDot = fullyQualified.indexOf(".", 0, 0) |

0 commit comments

Comments
 (0)