Python: Fix too many results from DataFlow::importNode

RasmusWL · RasmusWL · commit 5646af56dd5a · 2021-01-27T19:11:55.000+01:00
diff --git a/python/ql/src/semmle/python/dataflow/new/internal/DataFlowUtil.qll b/python/ql/src/semmle/python/dataflow/new/internal/DataFlowUtil.qll
@@ -68,5 +68,11 @@ Node importNode(string name) {
   // Because named imports are modelled as `AttrRead`s, the statement `from foo import bar as baz`
   // is interpreted as if it was an assignment `baz = foo.bar`, which means `baz` gets tracked as a
   // reference to `foo.bar`, as desired.
-  result.asCfgNode().getNode() = any(ImportExpr i | i.getName() = name)
+  exists(ImportExpr imp_expr |
+    imp_expr.getName() = name and
+    result.asCfgNode().getNode() = imp_expr and
+    // in `import foo.bar` we DON'T want to give a result for `importNode("foo.bar")`,
+    // only for `importNode("foo")`. We exclude those cases with the following clause.
+    not exists(Import imp | imp.getAName().getValue() = imp_expr)
+  )
 }
diff --git a/python/ql/test/experimental/dataflow/import-helper/ImportHelper.expected b/python/ql/test/experimental/dataflow/import-helper/ImportHelper.expected
@@ -4,21 +4,17 @@
 | test2.py:1:19:1:21 | ControlFlowNode for ImportMember | mypkg.foo |
 | test2.py:1:24:1:26 | ControlFlowNode for ImportMember | mypkg.bar |
 | test3.py:1:8:1:16 | ControlFlowNode for ImportExpr | mypkg |
-| test3.py:1:8:1:16 | ControlFlowNode for ImportExpr | mypkg.foo |
 | test3.py:2:8:2:16 | ControlFlowNode for ImportExpr | mypkg |
-| test3.py:2:8:2:16 | ControlFlowNode for ImportExpr | mypkg.bar |
 | test4.py:1:8:1:16 | ControlFlowNode for ImportExpr | mypkg.foo |
 | test4.py:2:8:2:16 | ControlFlowNode for ImportExpr | mypkg.bar |
 | test5.py:1:8:1:12 | ControlFlowNode for ImportExpr | mypkg |
 | test5.py:9:6:9:10 | ControlFlowNode for ImportExpr | mypkg |
 | test5.py:9:19:9:29 | ControlFlowNode for ImportMember | mypkg.bar |
 | test6.py:1:8:1:12 | ControlFlowNode for ImportExpr | mypkg |
 | test6.py:5:8:5:16 | ControlFlowNode for ImportExpr | mypkg |
-| test6.py:5:8:5:16 | ControlFlowNode for ImportExpr | mypkg.foo |
 | test7.py:1:6:1:10 | ControlFlowNode for ImportExpr | mypkg |
 | test7.py:1:19:1:21 | ControlFlowNode for ImportMember | mypkg.foo |
 | test7.py:5:8:5:16 | ControlFlowNode for ImportExpr | mypkg |
-| test7.py:5:8:5:16 | ControlFlowNode for ImportExpr | mypkg.foo |
 | test7.py:9:6:9:10 | ControlFlowNode for ImportExpr | mypkg |
 | test7.py:9:19:9:21 | ControlFlowNode for ImportMember | mypkg.foo |
 | test_deep.py:1:6:1:21 | ControlFlowNode for ImportExpr | start.middle.end |
diff --git a/python/ql/test/experimental/dataflow/typetracking/test.py b/python/ql/test/experimental/dataflow/typetracking/test.py
@@ -108,7 +108,7 @@ def track_self(self): # $ tracked_self
 
 def test_long_import_chain():
     import foo.bar
-    foo.baz # $ SPURIOUS: tracked_foo_bar_baz
+    foo.baz
     x = foo.bar.baz # $ tracked_foo_bar_baz
     do_stuff(x) # $ tracked_foo_bar_baz
 
