Python: Refactor argument matching to use set literals

RasmusWL · tausbn · web-flow · commit 2e430325be5e · 2020-10-13T10:05:35.000+02:00
Co-authored-by: Taus &lt;tausbn@github.com&gt;
diff --git a/python/ql/src/experimental/semmle/python/frameworks/Flask.qll b/python/ql/src/experimental/semmle/python/frameworks/Flask.qll
@@ -157,14 +157,7 @@ private module Flask {
     }
 
     override DataFlow::Node getUrlPatternArg() {
-      exists(ControlFlowNode pattern_arg |
-        (
-          pattern_arg = call.getArg(0)
-          or
-          pattern_arg = call.getArgByName("rule")
-        ) and
-        result.asCfgNode() = pattern_arg
-      )
+      result.asCfgNode() in [call.getArg(0), call.getArgByName("rule")]
     }
 
     override Function getARouteHandler() { result.getADecorator() = call.getNode() }
@@ -184,23 +177,13 @@ private module Flask {
     }
 
     override DataFlow::Node getUrlPatternArg() {
-      exists(ControlFlowNode pattern_arg |
-        (
-          pattern_arg = call.getArg(0)
-          or
-          pattern_arg = call.getArgByName("rule")
-        ) and
-        result.asCfgNode() = pattern_arg
-      )
+      result.asCfgNode() in [call.getArg(0), call.getArgByName("rule")]
     }
 
     override Function getARouteHandler() {
-      exists(ControlFlowNode view_func_arg, DataFlow::Node func_src |
-        view_func_arg = call.getArg(2)
-        or
-        view_func_arg = call.getArgByName("view_func")
-      |
-        DataFlow::localFlow(func_src, any(DataFlow::Node dest | dest.asCfgNode() = view_func_arg)) and
+      exists(DataFlow::Node view_func_arg, DataFlow::Node func_src |
+        view_func_arg.asCfgNode() in [call.getArg(2), call.getArgByName("view_func")] and
+        DataFlow::localFlow(func_src, view_func_arg) and
         func_src.asExpr().(CallableExpr) = result.getDefinition()
       )
     }
