Python: Model os.path-functions

yoff · yoff · commit f2fbeed49035 · 2021-09-23T15:30:00.000+02:00
diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -195,6 +195,32 @@ private module StdlibPrivate {
     }
   }
 
+  /**
+   * A call to `os.path.exists` or `os.path.lexists` will check if a file exists on the file system.
+   * The `os.path` module offers e number of methods for checking if a file exists and/or has certain
+   * properties, leading to a file system access.
+   * (Although, on some platforms, the check may return `false` due to missing permissions.)
+   * See:
+   *  - https://docs.python.org/3/library/os.path.html#os.path.exists
+   *  - https://docs.python.org/3/library/os.path.html#os.path.lexists
+   *  - https://docs.python.org/3/library/os.path.html#os.path.isfile
+   *  - https://docs.python.org/3/library/os.path.html#os.path.isdir
+   *  - https://docs.python.org/3/library/os.path.html#os.path.islink
+   *  - https://docs.python.org/3/library/os.path.html#os.path.ismount
+   */
+  private class OsPathProbingCall extends FileSystemAccess::Range, DataFlow::CallCfgNode {
+    OsPathProbingCall() {
+      this =
+        os::path()
+            .getMember(["exists", "lexists", "isfile", "isdir", "islink", "ismount"])
+            .getACall()
+    }
+
+    override DataFlow::Node getAPathArgument() {
+      result in [this.getArg(0), this.getArgByName("path")]
+    }
+  }
+
   /**
    * A call to `os.path.normpath`.
    * See https://docs.python.org/3/library/os.path.html#os.path.normpath
diff --git a/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py b/python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py
@@ -29,8 +29,8 @@ def through_function(open_file):
 through_function(f)
 
 from os import path
-path.exists("filepath")  # $ MISSING: getAPathArgument="filepath"
-path.isfile("filepath")  # $ MISSING: getAPathArgument="filepath"
-path.isdir("filepath")  # $ MISSING: getAPathArgument="filepath"
-path.islink("filepath")  # $ MISSING: getAPathArgument="filepath"
-path.ismount("filepath")  # $ MISSING: getAPathArgument="filepath"
+path.exists("filepath")  # $ getAPathArgument="filepath"
+path.isfile("filepath")  # $ getAPathArgument="filepath"
+path.isdir("filepath")  # $ getAPathArgument="filepath"
+path.islink("filepath")  # $ getAPathArgument="filepath"
+path.ismount("filepath")  # $ getAPathArgument="filepath"
