Merge pull request github#14590 from RasmusWL/fix-dataflow-class-scope

Python: Fix dataflow consistency error due to missing class scope

Author: RasmusWL

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll

@@ -1352,7 +1352,10 @@ abstract class DataFlowCall extends TDataFlowCall {
   abstract ControlFlowNode getNode();
 
   /** Gets the enclosing callable of this call. */
-  abstract DataFlowCallable getEnclosingCallable();
+  DataFlowCallable getEnclosingCallable() { result = getCallableScope(this.getScope()) }
+
+  /** Gets the scope of this node, if any. */
+  abstract Scope getScope();
 
   /** Gets the location of this dataflow call. */
   abstract Location getLocation();
@@ -1400,7 +1403,7 @@ class NormalCall extends ExtractedDataFlowCall, TNormalCall {
 
   override ControlFlowNode getNode() { result = call }
 
-  override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() }
+  override Scope getScope() { result = call.getScope() }
 
   override DataFlowCallable getCallable() { result.(DataFlowFunction).getScope() = target }
 
@@ -1450,7 +1453,7 @@ class PotentialLibraryCall extends ExtractedDataFlowCall, TPotentialLibraryCall
 
   override ControlFlowNode getNode() { result = call }
 
-  override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() }
+  override Scope getScope() { result = call.getScope() }
 }
 
 /**
@@ -1474,6 +1477,8 @@ class SummaryCall extends DataFlowCall, TSummaryCall {
 
   override DataFlowCallable getEnclosingCallable() { result.asLibraryCallable() = c }
 
+  override Scope getScope() { none() }
+
   override DataFlowCallable getCallable() { none() }
 
   override ArgumentNode getArgument(ArgumentPosition apos) { none() }

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll

@@ -1044,3 +1044,11 @@ class ContentApprox = Unit;
 /** Gets an approximated value for content `c`. */
 pragma[inline]
 ContentApprox getContentApprox(Content c) { any() }
+
+/** Helper for `.getEnclosingCallable`. */
+DataFlowCallable getCallableScope(Scope s) {
+  result.getScope() = s
+  or
+  not exists(DataFlowCallable c | c.getScope() = s) and
+  result = getCallableScope(s.getEnclosingScope())
+}

python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPublic.qll

@@ -117,14 +117,6 @@ newtype TNode =
     exists(ParameterPosition ppos | ppos.isKeyword(_) | exists(callable.getParameter(ppos)))
   }
 
-/** Helper for `Node::getEnclosingCallable`. */
-private DataFlowCallable getCallableScope(Scope s) {
-  result.getScope() = s
-  or
-  not exists(DataFlowCallable c | c.getScope() = s) and
-  result = getCallableScope(s.getEnclosingScope())
-}
-
 private import semmle.python.internal.CachedStages
 
 /**

python/ql/test/experimental/dataflow/calls/dataflow-consistency.expected

@@ -1,9 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| new_cls_param.py:14:6:14:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| test.py:21:6:21:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| test.py:25:6:25:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| test.py:29:6:29:16 | classmethod() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/consistency/class_scope.py

@@ -0,0 +1,25 @@
+# Originally we had module and functions as `DataFlowCallable``, and any call inside a
+# class scope would not have a result for getEnclosingCallable. Since this was only a
+# consistency error for calls, originally we added a new `DataFlowClassScope` only for
+# those classes that had a call in their scope. That's why all the class definitions in
+# this test do a call to the dummy function `func`.
+#
+# Note: this was shortsighted, since most DataFlow::Node use `getCallableScope` helper
+# to define their .getEnclosingCallable(), which picks the first DataFlowCallable to
+# contain the node. (so for some classes that would be DataFlowClassScope, and for some
+# it would be the module/function containing the class definition)
+
+def func(*args, **kwargs):
+    print("func()")
+
+class Cls:
+    func()
+    class Inner:
+        func()
+
+def other_func():
+    class Cls2:
+        func()
+    return Cls2
+
+x = other_func()

python/ql/test/experimental/dataflow/coverage/dataflow-consistency.expected

@@ -1,7 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| datamodel.py:71:6:71:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| datamodel.py:76:6:76:17 | staticmethod() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected

@@ -1,11 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| test_collections.py:39:17:39:38 | Lambda() | Call should have one enclosing callable but has 0. |
-| test_collections.py:39:17:39:38 | Lambda() | Call should have one enclosing callable but has 0. |
-| test_collections.py:45:19:45:24 | mod() | Call should have one enclosing callable but has 0. |
-| test_collections.py:45:19:45:24 | mod() | Call should have one enclosing callable but has 0. |
-| test_collections.py:52:13:52:24 | mod_local() | Call should have one enclosing callable but has 0. |
-| test_collections.py:52:13:52:24 | mod_local() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/experimental/library-tests/CallGraph/dataflow-consistency.expected

@@ -1,36 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| code/bound_method_arg.py:5:6:5:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/callable_as_argument.py:37:6:37:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/callable_as_argument.py:49:10:49:21 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_construction.py:13:6:13:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:9:6:9:13 | property() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:11:9:11:32 | print() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:14:6:14:15 | Attribute() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:19:6:19:16 | Attribute() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:36:12:36:62 | property() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:38:6:38:13 | property() | Call should have one enclosing callable but has 0. |
-| code/class_properties.py:40:9:40:38 | print() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:10:6:10:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:14:6:14:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:104:6:104:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:108:6:108:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:112:6:112:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:116:6:116:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:120:6:120:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:149:6:149:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_subclass.py:153:6:153:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_super.py:13:6:13:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_super.py:28:6:28:17 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/class_super.py:36:6:36:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/class_super.py:40:6:40:16 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/func_defined_outside_class.py:17:18:17:41 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/func_defined_outside_class.py:18:18:18:40 | classmethod() | Call should have one enclosing callable but has 0. |
-| code/func_defined_outside_class.py:38:11:38:21 | _gen() | Call should have one enclosing callable but has 0. |
-| code/func_defined_outside_class.py:39:11:39:21 | _gen() | Call should have one enclosing callable but has 0. |
-| code/nested_class.py:3:10:3:21 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/nested_class.py:7:10:7:21 | staticmethod() | Call should have one enclosing callable but has 0. |
-| code/self_passing.py:60:6:60:16 | classmethod() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected

@@ -1,9 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| test_captured.py:7:22:7:25 | p() | Call should have one enclosing callable but has 0. |
-| test_captured.py:7:22:7:25 | p() | Call should have one enclosing callable but has 0. |
-| test_captured.py:14:26:14:30 | pp() | Call should have one enclosing callable but has 0. |
-| test_captured.py:14:26:14:30 | pp() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation

python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected

@@ -1,40 +1,5 @@
 uniqueEnclosingCallable
 uniqueCallEnclosingCallable
-| testapp/orm_form_test.py:7:12:7:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:30:13:30:44 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:34:25:34:56 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:35:33:35:64 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:39:21:39:52 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:40:33:40:64 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:118:13:118:44 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:122:25:122:56 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:123:33:123:64 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:127:21:127:52 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_inheritance.py:128:33:128:64 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_security_tests.py:16:12:16:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_security_tests.py:17:11:17:31 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_security_tests.py:93:12:93:65 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_security_tests.py:112:12:112:65 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:29:12:29:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:43:12:43:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:59:12:59:61 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:74:12:74:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:90:12:90:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:111:12:111:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:127:12:127:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:128:13:128:44 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:145:12:145:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:146:13:146:44 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:162:12:162:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:178:12:178:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:181:12:181:64 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:207:12:207:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:208:12:208:70 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:234:12:234:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:235:12:235:95 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:256:12:256:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:274:12:274:43 | Attribute() | Call should have one enclosing callable but has 0. |
-| testapp/orm_tests.py:295:12:295:43 | Attribute() | Call should have one enclosing callable but has 0. |
 uniqueType
 uniqueNodeLocation
 missingLocation