Python: Factor out prettyPrinter and update tests

Author: yoff

…ental/dataflow/FlowTestUtil/FlowTest.qll …erimental/dataflow/TestUtil/FlowTest.qllpython/ql/test/experimental/dataflow/FlowTestUtil/FlowTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/FlowTest.qll python/ql/test/experimental/dataflow/FlowTestUtil/FlowTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/FlowTest.qll

@@ -1,6 +1,7 @@
 import python
 import semmle.python.dataflow.new.DataFlow
 import TestUtilities.InlineExpectationsTest
+import experimental.dataflow.TestUtil.PrintNode
 
 abstract class FlowTest extends InlineExpectationsTest {
   bindingset[this]
@@ -17,7 +18,8 @@ abstract class FlowTest extends InlineExpectationsTest {
       location = toNode.getLocation() and
       tag = this.flowTag() and
       value =
-        "\"" + fromNode.toString() + lineStr(fromNode, toNode) + " -> " + toNode.toString() + "\"" and
+        "\"" + prettyNode(fromNode).replaceAll("\"", "'") + lineStr(fromNode, toNode) + " -> " +
+          prettyNode(toNode).replaceAll("\"", "'") + "\"" and
       element = toNode.toString()
     )
   }

…aflow/FlowTestUtil/LocalFlowStepTest.qll …/dataflow/TestUtil/LocalFlowStepTest.qllpython/ql/test/experimental/dataflow/FlowTestUtil/LocalFlowStepTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/LocalFlowStepTest.qll python/ql/test/experimental/dataflow/FlowTestUtil/LocalFlowStepTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/LocalFlowStepTest.qll

@@ -1,5 +1,6 @@
 import python
 import semmle.python.dataflow.new.DataFlow
+private import semmle.python.dataflow.new.internal.DataFlowPrivate
 import FlowTest
 
 class MaximalFlowTest extends FlowTest {
@@ -21,14 +22,21 @@ class MaximalFlowsConfig extends DataFlow::Configuration {
   MaximalFlowsConfig() { this = "MaximalFlowsConfig" }
 
   override predicate isSource(DataFlow::Node node) {
+    exists(node.getLocation().getFile().getRelativePath()) and
     not node.asCfgNode() instanceof CallNode and
     not node.asCfgNode().getNode() instanceof Return and
     not node instanceof DataFlow::ParameterNode and
+    not node instanceof DataFlow::PostUpdateNode and
+    // not node.asExpr() instanceof FunctionExpr and
+    // not node.asExpr() instanceof ClassExpr and
     not exists(DataFlow::Node pred | DataFlow::localFlowStep(pred, node))
   }
 
   override predicate isSink(DataFlow::Node node) {
+    exists(node.getLocation().getFile().getRelativePath()) and
     not any(CallNode c).getArg(_) = node.asCfgNode() and
+    not node instanceof ArgumentNode and
+    not node.asCfgNode().(NameNode).getId().matches("SINK%") and
     not exists(DataFlow::Node succ | DataFlow::localFlowStep(node, succ))
   }
 }

…ataflow/FlowTestUtil/MaximalFlowTest.qll …al/dataflow/TestUtil/MaximalFlowTest.qllpython/ql/test/experimental/dataflow/FlowTestUtil/MaximalFlowTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/MaximalFlowTest.qll python/ql/test/experimental/dataflow/FlowTestUtil/MaximalFlowTest.qll renamed to python/ql/test/experimental/dataflow/TestUtil/MaximalFlowTest.qll

@@ -0,0 +1,31 @@
+import python
+import semmle.python.dataflow.new.DataFlow
+
+string prettyExp(Expr e) {
+  not e instanceof Num and
+  not e instanceof StrConst and
+  not e instanceof Subscript and
+  not e instanceof Call and
+  not e instanceof Attribute and
+  result = e.toString()
+  or
+  result = e.(Num).getN()
+  or
+  result =
+    e.(StrConst).getPrefix() + e.(StrConst).getText() +
+      e.(StrConst).getPrefix().regexpReplaceAll("[a-zA-Z]+", "")
+  or
+  result = prettyExp(e.(Subscript).getObject()) + "[" + prettyExp(e.(Subscript).getIndex()) + "]"
+  or
+  (
+    if exists(e.(Call).getAnArg()) or exists(e.(Call).getANamedArg())
+    then result = prettyExp(e.(Call).getFunc()) + "(..)"
+    else result = prettyExp(e.(Call).getFunc()) + "()"
+  )
+  or
+  result = prettyExp(e.(Attribute).getObject()) + "." + e.(Attribute).getName()
+}
+
+string prettyNode(DataFlow::Node node) {
+  if exists(node.asExpr()) then result = prettyExp(node.asExpr()) else result = node.toString()
+}

python/ql/test/experimental/dataflow/TestUtil/PrintNode.qll

@@ -1 +1 @@
-import experimental.dataflow.FlowTestUtil.LocalFlowStepTest
+import experimental.dataflow.TestUtil.LocalFlowStepTest

python/ql/test/experimental/dataflow/basic/localFlowStepTest.ql

@@ -1 +1 @@
-import experimental.dataflow.FlowTestUtil.MaximalFlowTest
+import experimental.dataflow.TestUtil.MaximalFlowTest

python/ql/test/experimental/dataflow/basic/maximalFlowTest.ql

@@ -1,7 +1,7 @@
-def obfuscated_id(x): #$ step="ControlFlowNode for FunctionExpr -> GSSA Variable obfuscated_id"
-  y = x #$ step="ControlFlowNode for x -> SSA variable y" step="SSA variable x, l:1 -> ControlFlowNode for x"
-  z = y #$ step="ControlFlowNode for y -> SSA variable z" step="SSA variable y, l:2 -> ControlFlowNode for y"
-  return z #$ flow="ControlFlowNode for IntegerLiteral, l:6 -> ControlFlowNode for z" step="SSA variable z, l:3 -> ControlFlowNode for z"
+def obfuscated_id(x): #$ step="FunctionExpr -> GSSA Variable obfuscated_id"
+  y = x #$ step="x -> SSA variable y" step="SSA variable x, l:1 -> x"
+  z = y #$ step="y -> SSA variable z" step="SSA variable y, l:2 -> y"
+  return z #$ flow="42, l:6 -> z" step="SSA variable z, l:3 -> z"
 
-a = 42 #$ step="ControlFlowNode for IntegerLiteral -> GSSA Variable a"
-b = obfuscated_id(a) #$ flow="ControlFlowNode for IntegerLiteral, l:6 -> GSSA Variable b" flow="ControlFlowNode for FunctionExpr, l:1 -> ControlFlowNode for obfuscated_id" step="ControlFlowNode for obfuscated_id() -> GSSA Variable b" step="GSSA Variable obfuscated_id, l:1 -> ControlFlowNode for obfuscated_id" step="GSSA Variable a, l:6 -> ControlFlowNode for a"
+a = 42 #$ step="42 -> GSSA Variable a"
+b = obfuscated_id(a) #$ flow="42, l:6 -> GSSA Variable b" flow="FunctionExpr, l:1 -> obfuscated_id" step="obfuscated_id(..) -> GSSA Variable b" step="GSSA Variable obfuscated_id, l:1 -> obfuscated_id" step="GSSA Variable a, l:6 -> a"

python/ql/test/experimental/dataflow/basic/test.py

@@ -72,14 +72,14 @@ def argument_passing(
     f,
     **g,
 ):
-    SINK1(a) #$ arg1="ControlFlowNode for arg1, l:89 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:94 -> ControlFlowNode for a"
-    SINK2(b) #$ arg2="ControlFlowNode for arg2, l:94 -> ControlFlowNode for b" MISSING:arg2="ControlFlowNode for arg2, l:89 -> ControlFlowNode for b"
-    SINK3(c) #$ arg3="ControlFlowNode for arg3, l:94 -> ControlFlowNode for c" MISSING: arg3="ControlFlowNode for arg3, l:89 -> ControlFlowNode for c"
-    SINK4(d) #$ MISSING: arg4="ControlFlowNode for arg4, l:89 -> ControlFlowNode for d"
-    SINK5(e) #$ MISSING: arg5="ControlFlowNode for arg5, l:89 -> ControlFlowNode for e"
-    SINK6(f) #$ MISSING: arg6="ControlFlowNode for arg6, l:89 -> ControlFlowNode for f"
+    SINK1(a) #$ arg1="arg1, l:89 -> a" arg1="arg1, l:94 -> a"
+    SINK2(b) #$ arg2="arg2, l:94 -> b" MISSING:arg2="arg2, l:89 -> b"
+    SINK3(c) #$ arg3="arg3, l:94 -> c" MISSING: arg3="arg3, l:89 -> c"
+    SINK4(d) #$ MISSING: arg4="arg4, l:89 -> d"
+    SINK5(e) #$ MISSING: arg5="arg5, l:89 -> e"
+    SINK6(f) #$ MISSING: arg6="arg6, l:89 -> f"
     try:
-        SINK7(g["g"]) #$ arg7="ControlFlowNode for arg7, l:89 -> ControlFlowNode for Subscript"
+        SINK7(g["g"]) #$ arg7="arg7, l:89 -> g['g']"
     except:
         print("OK")
 
@@ -95,8 +95,8 @@ def test_argument_passing2():
 
 
 def with_pos_only(a, /, b):
-    SINK1(a) #$ arg1="ControlFlowNode for arg1, l:104 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:105 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:106 -> ControlFlowNode for a"
-    SINK2(b) #$ arg2="ControlFlowNode for arg2, l:104 -> ControlFlowNode for b" arg2="ControlFlowNode for arg2, l:105 -> ControlFlowNode for b" MISSING: arg2="ControlFlowNode for arg2, l:106 -> ControlFlowNode for b"
+    SINK1(a) #$ arg1="arg1, l:104 -> a" arg1="arg1, l:105 -> a" arg1="arg1, l:106 -> a"
+    SINK2(b) #$ arg2="arg2, l:104 -> b" arg2="arg2, l:105 -> b" MISSING: arg2="arg2, l:106 -> b"
 
 
 @expects(6)
@@ -107,9 +107,9 @@ def test_pos_only():
 
 
 def with_multiple_kw_args(a, b, c):
-    SINK1(a) #$ arg1="ControlFlowNode for arg1, l:117 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:118 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:119 -> ControlFlowNode for a" arg1="ControlFlowNode for arg1, l:120 -> ControlFlowNode for a"
-    SINK2(b) #$ arg2="ControlFlowNode for arg2, l:117 -> ControlFlowNode for b" arg2="ControlFlowNode for arg2, l:120 -> ControlFlowNode for b" MISSING: arg2="ControlFlowNode for arg2, l:118 -> ControlFlowNode for b" arg2="ControlFlowNode for arg2, l:119 -> ControlFlowNode for b"
-    SINK3(c) #$ arg3="ControlFlowNode for arg3, l:117 -> ControlFlowNode for c" arg3="ControlFlowNode for arg3, l:119 -> ControlFlowNode for c" arg3="ControlFlowNode for arg3, l:120 -> ControlFlowNode for c" MISSING: arg3="ControlFlowNode for arg3, l:118 -> ControlFlowNode for c"
+    SINK1(a) #$ arg1="arg1, l:117 -> a" arg1="arg1, l:118 -> a" arg1="arg1, l:119 -> a" arg1="arg1, l:120 -> a"
+    SINK2(b) #$ arg2="arg2, l:117 -> b" arg2="arg2, l:120 -> b" MISSING: arg2="arg2, l:118 -> b" arg2="arg2, l:119 -> b"
+    SINK3(c) #$ arg3="arg3, l:117 -> c" arg3="arg3, l:119 -> c" arg3="arg3, l:120 -> c" MISSING: arg3="arg3, l:118 -> c"
 
 
 @expects(9)
@@ -121,9 +121,9 @@ def test_multiple_kw_args():
 
 
 def with_default_arguments(a=arg1, b=arg2, c=arg3):
-    SINK1(a) #$ arg1="ControlFlowNode for arg1, l:132 -> ControlFlowNode for a" MISSING:arg1="ControlFlowNode for arg1, l:123 -> ControlFlowNode for a"
-    SINK2(b) #$ arg2="ControlFlowNode for arg2, l:133 -> ControlFlowNode for b" MISSING: arg2="ControlFlowNode for arg2, l:123 -> ControlFlowNode for b"
-    SINK3(c) #$ arg3="ControlFlowNode for arg3, l:134 -> ControlFlowNode for c" MISSING: arg3="ControlFlowNode for arg3, l:123 -> ControlFlowNode for c"
+    SINK1(a) #$ arg1="arg1, l:132 -> a" MISSING:arg1="arg1, l:123 -> a"
+    SINK2(b) #$ arg2="arg2, l:133 -> b" MISSING: arg2="arg2, l:123 -> b"
+    SINK3(c) #$ arg3="arg3, l:134 -> c" MISSING: arg3="arg3, l:123 -> c"
 
 
 @expects(12)
@@ -136,14 +136,14 @@ def test_default_arguments():
 
 # Nested constructor pattern
 def grab_foo_bar_baz(foo, **kwargs):
-    SINK1(foo) #$ arg1="ControlFlowNode for arg1, l:160 -> ControlFlowNode for foo"
+    SINK1(foo) #$ arg1="arg1, l:160 -> foo"
     grab_bar_baz(**kwargs)
 
 
 # It is not possible to pass `bar` into `kwargs`,
 # since `bar` is a valid keyword argument.
 def grab_bar_baz(bar, **kwargs):
-    SINK2(bar) #$ arg2="ControlFlowNode for arg2, l:160 -> ControlFlowNode for bar"
+    SINK2(bar) #$ arg2="arg2, l:160 -> bar"
     try:
         SINK2_F(kwargs["bar"])
     except:
@@ -152,7 +152,7 @@ def grab_bar_baz(bar, **kwargs):
 
 
 def grab_baz(baz):
-    SINK3(baz) #$ arg3="ControlFlowNode for arg3, l:160 -> ControlFlowNode for baz"
+    SINK3(baz) #$ arg3="arg3, l:160 -> baz"
 
 
 @expects(4)
@@ -163,49 +163,49 @@ def test_grab():
 # All combinations
 def test_pos_pos():
     def with_pos(a):
-        SINK1(a) #$ arg1="ControlFlowNode for arg1, l:168 -> ControlFlowNode for a"
+        SINK1(a) #$ arg1="arg1, l:168 -> a"
 
     with_pos(arg1)
 
 
 def test_pos_pos_only():
     def with_pos_only(a, /):
-        SINK1(a) #$ arg1="ControlFlowNode for arg1, l:175 -> ControlFlowNode for a"
+        SINK1(a) #$ arg1="arg1, l:175 -> a"
 
     with_pos_only(arg1)
 
 
 def test_pos_star():
     def with_star(*a):
         if len(a) > 0:
-            SINK1(a[0]) #$ arg1="ControlFlowNode for arg1, l:183 -> ControlFlowNode for Subscript"
+            SINK1(a[0]) #$ arg1="arg1, l:183 -> a[0]"
 
     with_star(arg1)
 
 
 def test_pos_kw():
     def with_kw(a=""):
-        SINK1(a) #$ arg1="ControlFlowNode for arg1, l:190 -> ControlFlowNode for a"
+        SINK1(a) #$ arg1="arg1, l:190 -> a"
 
     with_kw(arg1)
 
 
 def test_kw_pos():
     def with_pos(a):
-        SINK1(a) #$ arg1="ControlFlowNode for arg1, l:197 -> ControlFlowNode for a"
+        SINK1(a) #$ arg1="arg1, l:197 -> a"
 
     with_pos(a=arg1)
 
 
 def test_kw_kw():
     def with_kw(a=""):
-        SINK1(a) #$ arg1="ControlFlowNode for arg1, l:204 -> ControlFlowNode for a"
+        SINK1(a) #$ arg1="arg1, l:204 -> a"
 
     with_kw(a=arg1)
 
 
 def test_kw_doublestar():
     def with_doublestar(**a):
-        SINK1(a["a"]) #$ arg1="ControlFlowNode for arg1, l:211 -> ControlFlowNode for Subscript"
+        SINK1(a["a"]) #$ arg1="arg1, l:211 -> a['a']"
 
     with_doublestar(a=arg1)

python/ql/test/experimental/dataflow/coverage/argumentPassing.py

@@ -1,7 +1,7 @@
 import python
 import semmle.python.dataflow.new.DataFlow
 private import semmle.python.dataflow.new.internal.DataFlowPrivate as DataFlowPrivate
-import experimental.dataflow.FlowTestUtil.FlowTest
+import experimental.dataflow.TestUtil.FlowTest
 
 class Argument1RoutingTest extends FlowTest {
   Argument1RoutingTest() { this = "Argument1RoutingTest" }