Skip to content

Commit 485f397

Browse files
tausbnNapalys
tausbn
authored and
Napalys
committed
Python: Use AttrWrite.writes
Also applies @Napalys' fix to the base case.
1 parent 2a0431f commit 485f397

File tree

2 files changed

+9
-12
lines changed

2 files changed

+9
-12
lines changed

python/ql/lib/semmle/python/dataflow/new/internal/Attributes.qll

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -235,13 +235,9 @@ private class ClassDefinitionAsAttrWrite extends AttrWrite, CfgNode {
235235
* - Qualified imports: `from module import attr as name`
236236
*/
237237
abstract class AttrRead extends AttrRef, Node, LocalSourceNode {
238-
239238
/** Holds if this attribute read reads the attribute named `attrName` on the object `object`. */
240-
predicate reads(Node object, string attrName) {
241-
this.accesses(object, attrName)
242-
}
243-
244-
}
239+
predicate reads(Node object, string attrName) { this.accesses(object, attrName) }
240+
}
245241

246242
/** A simple attribute read, e.g. `object.attr` */
247243
private class AttributeReadAsAttrRead extends AttrRead, CfgNode {

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -574,16 +574,15 @@ predicate globalVariableNestedFieldJumpStep(Node nodeFrom, Node nodeTo) {
574574
) and
575575
write.getAttributeName() = read.getAttributeName() and
576576
nodeFrom = write.getValue() and
577-
nodeTo = read //and
578-
//write.getEnclosingCallable() != read.getEnclosingCallable()
577+
nodeTo = read
579578
)
580579
}
581580

582581
/**
583582
* Maximum depth for global variable nested attribute access.
584583
* Depth 0 = globalVar.foo, depth 1 = globalVar.foo.bar, depth 2 = globalVar.foo.bar.baz, etc.
585584
*/
586-
private int getMaxGlobalVariableDepth() { result = 10 }
585+
private int getMaxGlobalVariableDepth() { result = 2 }
587586

588587
/**
589588
* Holds if `node` is an attribute access path starting from global variable `globalVar`.
@@ -604,13 +603,15 @@ predicate globalVariableAttrPathAtDepth(
604603
) {
605604
// Base case: Direct global variable access (depth 0)
606605
depth = 0 and
607-
node in [globalVar.getARead(), globalVar.getAWrite(), globalVar] and
606+
// We use `globalVar` instead of `globalVar.getAWrite()` due to some weirdness with how
607+
// attribute writes are handled in the global scope (see `GlobalAttributeAssignmentAsAttrWrite`).
608+
node in [globalVar.getARead(), globalVar] and
608609
accessPath = ""
609610
or
610611
exists(Node obj, string attrName, string parentAccessPath, int parentDepth |
611-
node.(AttrRead).accesses(obj, attrName)
612+
node.(AttrRead).reads(obj, attrName)
612613
or
613-
exists(AttrWrite aw | aw.accesses(obj, attrName) and aw.getValue() = node)
614+
any(AttrWrite aw).writes(obj, attrName, node)
614615
|
615616
globalVariableAttrPathAtDepth(globalVar, parentAccessPath, obj, parentDepth) and
616617
accessPath = parentAccessPath + "." + attrName and

0 commit comments

Comments
 (0)