Python: Add some more utility predicates and classes to the new 'Value' API.

Author: markshannon

python/ql/src/semmle/python/objects/ObjectAPI.qll

@@ -218,6 +218,17 @@ module Value {
         result.(UnicodeObjectInternal).strValue() = text
     }
 
+    /** Gets a `Value` for the string `text`. May be a bytes or unicode string for Python 2.
+     * There will be no `Value` for most strings, unless it is explicitly
+     * declared in the source program.
+     */
+    Value forString(string text) {
+        result.(UnicodeObjectInternal).strValue() = text
+        or
+        major_version() = 2 and
+        result.(BytesObjectInternal).strValue() = text
+    }
+
     /** Gets the `Value` for the bool constant `b`. */
     Value forBool(boolean b) {
         b = true and result = TTrue()
@@ -389,20 +400,54 @@ class ClassValue extends Value {
 
 }
 
-class PythonFunctionValue extends CallableValue {
+
+/** Class representing functions in the Python program, both Python and built-in.
+ * Note that this does not include other callables such as bound-methods.
+ */
+abstract class FunctionValue extends CallableValue {
+
+    abstract string getQualifiedName();
+
+}
+
+class PythonFunctionValue extends FunctionValue {
 
     PythonFunctionValue() {
         this instanceof PythonFunctionObjectInternal
     }
 
+    override string getQualifiedName() {
+        result = this.(PythonFunctionObjectInternal).getScope().getQualifiedName()
+    }
+
 }
 
-class BuiltinFunctionValue extends CallableValue {
+class BuiltinFunctionValue extends FunctionValue {
 
     BuiltinFunctionValue() {
         this instanceof BuiltinFunctionObjectInternal
     }
 
+    override string getQualifiedName() {
+        result = this.(BuiltinFunctionObjectInternal).getName()
+    }
+
+}
+
+class BuiltinMethodValue extends FunctionValue {
+
+    BuiltinMethodValue() {
+        this instanceof BuiltinMethodObjectInternal
+    }
+
+    override string getQualifiedName() {
+        exists(Builtin cls |
+            cls.isClass() and
+            cls.getMember(_) = this.(BuiltinMethodObjectInternal).getBuiltin() and
+            result = cls.getName() + "." + this.getName()
+        )
+    }
+
 }
 
 class SequenceValue extends Value {

python/ql/test/library-tests/PointsTo/api/QualifedNames.expected

@@ -0,0 +1,5 @@
+| file://:0:0:0:0 | Builtin-function exit | exit |
+| file://:0:0:0:0 | Builtin-function len | len |
+| file://:0:0:0:0 | builtin method append | list.append |
+| test.py:8:1:8:10 | Function foo | foo |
+| test.py:13:5:13:19 | Function C.meth | C.meth |

python/ql/test/library-tests/PointsTo/api/QualifedNames.ql

@@ -0,0 +1,16 @@
+
+import python
+
+from FunctionValue v, string name
+where name = v.getQualifiedName() and
+(
+    v = Value::named("len")
+    or
+    v instanceof PythonFunctionValue
+    or
+    v = Value::named("sys.exit")
+    or
+    v = Value::named("list").(ClassValue).lookup("append")
+)
+
+select v, name

python/ql/test/library-tests/PointsTo/api/test.py

@@ -4,3 +4,11 @@
 b"d"
 1000
 1004
+
+def foo():
+    pass
+
+class C(object):
+
+    def meth(self):
+        pass