Python: Fix false negative

I'm slightly suspicious of this fix -- it seems to work, but it makes
me wonder if we're potentially missing other kinds of flow, by not
handling other kinds of definitions.

Also, I feel like this should really be attached to an appropriate
post-update node of the given argument. As it is written now, the flow
will go from the argument _before_ the call, which obviously misses a
step if the argument is modified by the call. In practice, I would
expect this to be rather rare.

Author: tausbn

python/ql/src/experimental/dataflow/internal/DataFlowPrivate.qll

@@ -521,8 +521,11 @@ predicate jumpStep(Node nodeFrom, Node nodeTo) {
 private predicate module_export(Module m, string name, CfgNode defn) {
   exists(EssaVariable v |
     v.getName() = name and
-    v.getAUse() = m.getANormalExit() and
+    v.getAUse() = m.getANormalExit()
+  |
     defn.getNode() = v.getDefinition().(AssignmentDefinition).getValue()
+    or
+    defn.getNode() = v.getDefinition().(ArgumentRefinement).getArgument()
   )
 }
 

python/ql/test/experimental/dataflow/typetracking/test.py

@@ -54,7 +54,7 @@ def test_import():
     mymodule.x # $tracked
     y = mymodule.func() # $tracked
     y # $tracked
-    mymodule.z # $f-:tracked
+    mymodule.z # $tracked
 
 # ------------------------------------------------------------------------------