Skip to content

Commit e3280c8

Browse files
yoffyoff
committed
Python: handle TODO
although this is not actually tested, so we may have to adjust once we use it. But the _very_ generic implementation is modeled on the Ruby code.
1 parent 78d4dc3 commit e3280c8

File tree

1 file changed

+43
-29
lines changed

1 file changed

+43
-29
lines changed

python/ql/lib/semmle/python/dataflow/new/FlowSummary.qll

Lines changed: 43 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22

33
private import python
44
private import semmle.python.dataflow.new.DataFlow
5+
private import semmle.python.frameworks.data.ModelsAsData
6+
private import semmle.python.ApiGraphs
57
private import internal.FlowSummaryImpl as Impl
68
private import internal.DataFlowUtil
79
private import internal.DataFlowPrivate
@@ -67,32 +69,44 @@ abstract class SummarizedCallable extends LibraryCallable, Impl::Public::Summari
6769
}
6870

6971
class RequiredSummaryComponentStack = Impl::Public::RequiredSummaryComponentStack;
70-
//
71-
// TODO: Implement this
72-
//
73-
// private class SummarizedCallableFromModel extends SummarizedCallable {
74-
// string package;
75-
// string type;
76-
// string path;
77-
// SummarizedCallableFromModel() {
78-
// ModelOutput::relevantSummaryModel(package, type, path, _, _, _) and
79-
// this = package + ";" + type + ";" + path
80-
// }
81-
// override Call getACall() {
82-
// exists(API::MethodAccessNode base |
83-
// ModelOutput::resolvedSummaryBase(package, type, path, base) and
84-
// result = base.getCallNode().asExpr().getExpr()
85-
// )
86-
// }
87-
// override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
88-
// exists(string kind |
89-
// ModelOutput::relevantSummaryModel(package, type, path, input, output, kind)
90-
// |
91-
// kind = "value" and
92-
// preservesValue = true
93-
// or
94-
// kind = "taint" and
95-
// preservesValue = false
96-
// )
97-
// }
98-
// }
72+
73+
// This gives access to getNodeFromPath, which is not constrained to `CallNode`s
74+
// as `resolvedSummaryBase` is.
75+
private import semmle.python.frameworks.data.internal.ApiGraphModels as AGM
76+
77+
private class SummarizedCallableFromModel extends SummarizedCallable {
78+
string package;
79+
string type;
80+
string path;
81+
82+
SummarizedCallableFromModel() {
83+
ModelOutput::relevantSummaryModel(package, type, path, _, _, _) and
84+
this = package + ";" + type + ";" + path
85+
}
86+
87+
override CallNode getACall() {
88+
exists(API::CallNode base |
89+
ModelOutput::resolvedSummaryBase(package, type, path, base) and
90+
result = base.asCfgNode()
91+
)
92+
}
93+
94+
override ArgumentNode getACallback() {
95+
exists(API::Node base |
96+
base = AGM::getNodeFromPath(package, type, path) and
97+
result = base.getAValueReachableFromSource()
98+
)
99+
}
100+
101+
override predicate propagatesFlowExt(string input, string output, boolean preservesValue) {
102+
exists(string kind |
103+
ModelOutput::relevantSummaryModel(package, type, path, input, output, kind)
104+
|
105+
kind = "value" and
106+
preservesValue = true
107+
or
108+
kind = "taint" and
109+
preservesValue = false
110+
)
111+
}
112+
}

0 commit comments

Comments
 (0)