Add python cx_oracle, phoenixdb, pyodbc models

sylwia-budzynska · sylwia-budzynska · commit 319923f44552 · 2022-10-11T15:29:57.000+02:00
diff --git a/docs/codeql/support/reusables/frameworks.rst b/docs/codeql/support/reusables/frameworks.rst
@@ -221,11 +221,14 @@ and the CodeQL library pack ``codeql/python-all`` (`changelog <https://github.co
    aiopg, Database
    asyncpg, Database
    clickhouse-driver, Database
+   cx_Oracle, Database
    mysql-connector-python, Database
    mysql-connector, Database
    MySQL-python, Database
    mysqlclient, Database
+   phoenixdb, Database
    psycopg2, Database
+   pyodbc, Database
    sqlite3, Database
    Flask-SQLAlchemy, Database ORM
    peewee, Database ORM
diff --git a/python/ql/lib/semmle/python/Frameworks.qll b/python/ql/lib/semmle/python/Frameworks.qll
@@ -54,3 +54,6 @@ private import semmle.python.frameworks.Urllib3
 private import semmle.python.frameworks.Yaml
 private import semmle.python.frameworks.Yarl
 private import semmle.python.frameworks.Xmltodict
+private import semmle.python.frameworks.Cx_Oracle
+private import semmle.python.frameworks.Phoenixdb
+private import semmle.python.frameworks.Pyodbc
diff --git a/python/ql/lib/semmle/python/frameworks/Cx_Oracle.qll b/python/ql/lib/semmle/python/frameworks/Cx_Oracle.qll
@@ -0,0 +1,34 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `cx_Oracle` PyPI package.
+ *
+ * See
+ * - https://github.com/oracle/python-cx_Oracle
+ * - https://pypi.org/project/cx-Oracle/
+ */
+
+private import python
+private import semmle.python.dataflow.new.DataFlow
+private import semmle.python.dataflow.new.RemoteFlowSources
+private import semmle.python.Concepts
+private import semmle.python.ApiGraphs
+private import semmle.python.frameworks.PEP249
+
+/**
+ * Provides models for the `cx_Oracle` PyPI package.
+ *
+ * See
+ * - https://github.com/oracle/python-cx_Oracle
+ * - https://pypi.org/project/cx-Oracle/
+ */
+private module Cx_Oracle {
+  // ---------------------------------------------------------------------------
+  // Cx_Oracle
+  // ---------------------------------------------------------------------------
+  /**
+   * A model for Cx_Oracle as a module that implements PEP 249, providing ways to execute SQL statements
+   * against a database.
+   */
+  class Cx_Oracle extends PEP249::PEP249ModuleApiNode {
+    Cx_Oracle() { this = API::moduleImport("cx_Oracle") }
+  }
+}
diff --git a/python/ql/lib/semmle/python/frameworks/Phoenixdb.qll b/python/ql/lib/semmle/python/frameworks/Phoenixdb.qll
@@ -0,0 +1,34 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `phoenixdb` PyPI package.
+ *
+ * See
+ * - https://github.com/apache/phoenix-queryserver/tree/master/python-phoenixdb
+ * - https://pypi.org/project/phoenixdb/
+ */
+
+private import python
+private import semmle.python.dataflow.new.DataFlow
+private import semmle.python.dataflow.new.RemoteFlowSources
+private import semmle.python.Concepts
+private import semmle.python.ApiGraphs
+private import semmle.python.frameworks.PEP249
+
+/**
+ * Provides models for the `phoenixdb` PyPI package.
+ *
+ * See
+ * - https://github.com/apache/phoenix-queryserver/tree/master/python-phoenixdb
+ * - https://pypi.org/project/phoenixdb/
+ */
+private module Phoenixdb {
+  // ---------------------------------------------------------------------------
+  // Phoenixdb
+  // ---------------------------------------------------------------------------
+  /**
+   * A model for Phoenixdb as a module that implements PEP 249, providing ways to execute SQL statements
+   * against a database.
+   */
+  class Phoenixdb extends PEP249::PEP249ModuleApiNode {
+    Phoenixdb() { this = API::moduleImport("phoenixdb") }
+  }
+}
diff --git a/python/ql/lib/semmle/python/frameworks/Pyodbc.qll b/python/ql/lib/semmle/python/frameworks/Pyodbc.qll
@@ -0,0 +1,34 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `pyodbc` PyPI package.
+ *
+ * See
+ * - https://github.com/mkleehammer/pyodbc/wiki
+ * - https://pypi.org/project/pyodbc/ 
+ */
+
+private import python
+private import semmle.python.dataflow.new.DataFlow
+private import semmle.python.dataflow.new.RemoteFlowSources
+private import semmle.python.Concepts
+private import semmle.python.ApiGraphs
+private import semmle.python.frameworks.PEP249
+
+/**
+ * Provides models for the `pyodbc` PyPI package.
+ *
+ * See
+ * - https://github.com/mkleehammer/pyodbc/wiki
+ * - https://pypi.org/project/pyodbc/
+ */
+private module Pyodbc {
+  // ---------------------------------------------------------------------------
+  // Pyodbc
+  // ---------------------------------------------------------------------------
+  /**
+   * A model for Pyodbc as a module that implements PEP 249, providing ways to execute SQL statements
+   * against a database.
+   */
+  class Pyodbc extends PEP249::PEP249ModuleApiNode {
+    Pyodbc() { this = API::moduleImport("pyodbc") }
+  }
+}
