Python: Autoformat (4 spaces) tornado library

Author: RasmusWL

python/ql/src/semmle/python/web/tornado/Redirect.qll

@@ -1,23 +1,20 @@
-/** Provides class representing the `tornado.redirect` function.
+/**
+ * Provides class representing the `tornado.redirect` function.
  * This module is intended to be imported into a taint-tracking query
  * to extend `TaintSink`.
  */
-import python
 
+import python
 import semmle.python.security.TaintTracking
 import semmle.python.security.strings.Basic
 import semmle.python.web.Http
 import Tornado
 
-
 /**
  * Represents an argument to the `tornado.redirect` function.
  */
 class TornadoRedirect extends HttpRedirectTaintSink {
-
-    override string toString() {
-        result = "tornado.redirect"
-    }
+    override string toString() { result = "tornado.redirect" }
 
     TornadoRedirect() {
         exists(CallNode call, ControlFlowNode node |
@@ -26,5 +23,4 @@ class TornadoRedirect extends HttpRedirectTaintSink {
             this = call.getAnArg()
         )
     }
-
 }

python/ql/src/semmle/python/web/tornado/Request.qll

@@ -1,15 +1,11 @@
 import python
-
 import semmle.python.security.TaintTracking
 import semmle.python.web.Http
 import Tornado
 
 /** A tornado.request.HttpRequest object */
 class TornadoRequest extends TaintKind {
-
-    TornadoRequest() {
-        this = "tornado.request.HttpRequest"
-    }
+    TornadoRequest() { this = "tornado.request.HttpRequest" }
 
     override TaintKind getTaintOfAttribute(string name) {
         result instanceof ExternalStringDictKind and
@@ -32,68 +28,45 @@ class TornadoRequest extends TaintKind {
             name = "body_arguments"
         )
     }
-
 }
 
-
 class TornadoRequestSource extends TaintSource {
+    TornadoRequestSource() { isTornadoRequestHandlerInstance(this.(AttrNode).getObject("request")) }
 
-    TornadoRequestSource() {
-        isTornadoRequestHandlerInstance(this.(AttrNode).getObject("request"))
-    }
-
-    override string toString() {
-        result = "Tornado request source"
-    }
-
-    override predicate isSourceOf(TaintKind kind) {
-        kind instanceof TornadoRequest
-    }
+    override string toString() { result = "Tornado request source" }
 
+    override predicate isSourceOf(TaintKind kind) { kind instanceof TornadoRequest }
 }
 
 class TornadoExternalInputSource extends TaintSource {
-
     TornadoExternalInputSource() {
         exists(string name |
             name = "get_argument" or
             name = "get_query_argument" or
             name = "get_body_argument" or
             name = "decode_argument"
-            |
+        |
             this = callToNamedTornadoRequestHandlerMethod(name)
         )
     }
 
-    override string toString() {
-        result = "Tornado request method"
-    }
-
-    override predicate isSourceOf(TaintKind kind) {
-        kind instanceof ExternalStringKind
-    }
+    override string toString() { result = "Tornado request method" }
 
+    override predicate isSourceOf(TaintKind kind) { kind instanceof ExternalStringKind }
 }
 
 class TornadoExternalInputListSource extends TaintSource {
-
     TornadoExternalInputListSource() {
         exists(string name |
             name = "get_arguments" or
             name = "get_query_arguments" or
             name = "get_body_arguments"
-            |
+        |
             this = callToNamedTornadoRequestHandlerMethod(name)
         )
     }
 
-    override string toString() {
-        result = "Tornado request method"
-    }
-
-    override predicate isSourceOf(TaintKind kind) {
-        kind instanceof ExternalStringSequenceKind
-    }
+    override string toString() { result = "Tornado request method" }
 
+    override predicate isSourceOf(TaintKind kind) { kind instanceof ExternalStringSequenceKind }
 }
-

python/ql/src/semmle/python/web/tornado/Response.qll

@@ -1,63 +1,42 @@
 import python
-
-
 import semmle.python.security.TaintTracking
 import semmle.python.security.strings.Basic
 private import semmle.python.web.Http
-
 import Tornado
 
 class TornadoConnection extends TaintKind {
-
-    TornadoConnection() {
-        this = "tornado.http.connection"
-    }
-
+    TornadoConnection() { this = "tornado.http.connection" }
 }
 
 class TornadoConnectionSource extends TaintSource {
-
     TornadoConnectionSource() {
         isTornadoRequestHandlerInstance(this.(AttrNode).getObject("connection"))
     }
 
-    override string toString() {
-        result = "Tornado http connection source"
-    }
-
-    override predicate isSourceOf(TaintKind kind) {
-        kind instanceof TornadoConnection
-    }
+    override string toString() { result = "Tornado http connection source" }
 
+    override predicate isSourceOf(TaintKind kind) { kind instanceof TornadoConnection }
 }
 
 class TornadoConnectionWrite extends HttpResponseTaintSink {
-
-    override string toString() {
-        result = "tornado.connection.write"
-    }
+    override string toString() { result = "tornado.connection.write" }
 
     TornadoConnectionWrite() {
         exists(CallNode call, ControlFlowNode conn |
             conn = call.getFunction().(AttrNode).getObject("write") and
-            this = call.getAnArg() |
+            this = call.getAnArg()
+        |
             exists(TornadoConnection tc | tc.taints(conn))
             or
             isTornadoRequestHandlerInstance(conn)
         )
     }
 
-    override predicate sinks(TaintKind kind) {
-        kind instanceof StringKind
-    }
-
+    override predicate sinks(TaintKind kind) { kind instanceof StringKind }
 }
 
 class TornadoHttpRequestHandlerWrite extends HttpResponseTaintSink {
-
-    override string toString() {
-        result = "tornado.HttpRequesHandler.write"
-    }
+    override string toString() { result = "tornado.HttpRequesHandler.write" }
 
     TornadoHttpRequestHandlerWrite() {
         exists(CallNode call, ControlFlowNode node |
@@ -67,17 +46,11 @@ class TornadoHttpRequestHandlerWrite extends HttpResponseTaintSink {
         )
     }
 
-    override predicate sinks(TaintKind kind) {
-        kind instanceof StringKind
-    }
-
+    override predicate sinks(TaintKind kind) { kind instanceof StringKind }
 }
 
 class TornadoHttpRequestHandlerRedirect extends HttpResponseTaintSink {
-
-    override string toString() {
-        result = "tornado.HttpRequesHandler.redirect"
-    }
+    override string toString() { result = "tornado.HttpRequesHandler.redirect" }
 
     TornadoHttpRequestHandlerRedirect() {
         exists(CallNode call, ControlFlowNode node |
@@ -87,11 +60,5 @@ class TornadoHttpRequestHandlerRedirect extends HttpResponseTaintSink {
         )
     }
 
-    override predicate sinks(TaintKind kind) {
-        kind instanceof StringKind
-    }
-
+    override predicate sinks(TaintKind kind) { kind instanceof StringKind }
 }
-
-
-

python/ql/src/semmle/python/web/tornado/Tornado.qll

@@ -1,5 +1,4 @@
 import python
-
 import semmle.python.security.TaintTracking
 import semmle.python.web.Http
 
@@ -11,28 +10,31 @@ ClassValue aTornadoRequestHandlerClass() {
     result.getABaseType+() = theTornadoRequestHandlerClass()
 }
 
-/** Holds if `node` is likely to refer to an instance of a tornado
+/**
+ * Holds if `node` is likely to refer to an instance of a tornado
  * `RequestHandler` class.
  */
 predicate isTornadoRequestHandlerInstance(ControlFlowNode node) {
     node.pointsTo().getClass() = aTornadoRequestHandlerClass()
     or
-    /* In some cases, the points-to analysis won't capture all instances we care
-     * about. For these, we use the following syntactic check. First, that
-     * `node` appears inside a method of a subclass of
-     * `tornado.web.RequestHandler`:*/
+    /*
+      * In some cases, the points-to analysis won't capture all instances we care
+      * about. For these, we use the following syntactic check. First, that
+      * `node` appears inside a method of a subclass of
+      * `tornado.web.RequestHandler`:
+      */
+
     node.getScope().getEnclosingScope() = aTornadoRequestHandlerClass().getScope() and
     /* Secondly, that `node` refers to the `self` argument: */
-    node.isLoad() and node.(NameNode).isSelf()
+    node.isLoad() and
+    node.(NameNode).isSelf()
 }
 
 CallNode callToNamedTornadoRequestHandlerMethod(string name) {
     isTornadoRequestHandlerInstance(result.getFunction().(AttrNode).getObject(name))
 }
 
-
 class TornadoCookieSet extends CookieSet, CallNode {
-
     TornadoCookieSet() {
         exists(ControlFlowNode f |
             f = this.getFunction().(AttrNode).getObject("set_cookie") and
@@ -45,5 +47,4 @@ class TornadoCookieSet extends CookieSet, CallNode {
     override ControlFlowNode getKey() { result = this.getArg(0) }
 
     override ControlFlowNode getValue() { result = this.getArg(1) }
-
 }