Python: Apply suggestions from code review

RasmusWL · yoff · web-flow · commit 7b92012edf66 · 2021-03-18T10:58:49.000+01:00
Co-authored-by: yoff &lt;lerchedahl@gmail.com&gt;
diff --git a/python/ql/src/semmle/python/Concepts.qll b/python/ql/src/semmle/python/Concepts.qll
@@ -545,7 +545,7 @@ module Cryptography {
       /** Gets the name of the cryptographic algorithm (for example `"RSA"` or `"AES"`). */
       string getName() { result = range.getName() }
 
-      /** Gets the argument that specifies size of the key in bits, if available. */
+      /** Gets the argument that specifies the size of the key in bits, if available. */
       DataFlow::Node getKeySizeArg() { result = range.getKeySizeArg() }
 
       /**
@@ -600,7 +600,7 @@ module Cryptography {
         /** Gets the name of the cryptographic algorithm (for example `"RSA"`). */
         abstract string getName();
 
-        /** Gets the argument that specifies size of the key in bits, if available. */
+        /** Gets the argument that specifies the size of the key in bits, if available. */
         abstract DataFlow::Node getKeySizeArg();
 
         /**
diff --git a/python/ql/src/semmle/python/frameworks/Cryptodome.qll b/python/ql/src/semmle/python/frameworks/Cryptodome.qll
@@ -77,12 +77,12 @@ private module CryptodomeModel {
     }
 
     /** Gets the argument that specifies the curve to use (a string). */
-    DataFlow::Node getCurveArg() { result in [this.getArgByName("curve")] }
+    DataFlow::Node getCurveArg() { result = this.getArgByName("curve") }
 
     /** Gets the name of the curve to use, as well as the origin that explains how we obtained this name. */
     string getCurveWithOrigin(DataFlow::Node origin) {
       exists(StrConst str | origin = DataFlow::exprNode(str) |
-        origin.(DataFlow::LocalSourceNode).flowsTo(this.getCurveArg()) and
+        origin = this.getCurveArg().getALocalSource() and
         result = str.getText()
       )
     }
diff --git a/python/ql/src/semmle/python/frameworks/Cryptography.qll b/python/ql/src/semmle/python/frameworks/Cryptography.qll
@@ -35,7 +35,7 @@ private module CryptographyModel {
       |
         // obtained by manually looking at source code in
         // https://github.com/pyca/cryptography/blob/cba69f1922803f4f29a3fde01741890d88b8e217/src/cryptography/hazmat/primitives/asymmetric/ec.py#L208-L300
-        curveName = "SECT571R1" and keySize = 570
+        curveName = "SECT571R1" and keySize = 570 // Indeed the numbers do not match.
         or
         curveName = "SECT409R1" and keySize = 409
         or

Original file line number	Diff line number	Diff line change
`@@ -77,12 +77,12 @@ private module CryptodomeModel {`
`77`	`77`	`}`
`78`	`78`
`79`	`79`	`/** Gets the argument that specifies the curve to use (a string). */`
`80`		`- DataFlow::Node getCurveArg() { result in [this.getArgByName("curve")] }`
	`80`	`+ DataFlow::Node getCurveArg() { result = this.getArgByName("curve") }`
`81`	`81`
`82`	`82`	`/** Gets the name of the curve to use, as well as the origin that explains how we obtained this name. */`
`83`	`83`	`string getCurveWithOrigin(DataFlow::Node origin) {`
`84`	`84`	`exists(StrConst str \| origin = DataFlow::exprNode(str) \|`
`85`		`- origin.(DataFlow::LocalSourceNode).flowsTo(this.getCurveArg()) and`
	`85`	`+ origin = this.getCurveArg().getALocalSource() and`
`86`	`86`	`result = str.getText()`
`87`	`87`	`)`
`88`	`88`	`}`
Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ private module CryptographyModel {`
`35`	`35`	`\|`
`36`	`36`	`// obtained by manually looking at source code in`
`37`	`37`	`// https://github.com/pyca/cryptography/blob/cba69f1922803f4f29a3fde01741890d88b8e217/src/cryptography/hazmat/primitives/asymmetric/ec.py#L208-L300`
`38`		`- curveName = "SECT571R1" and keySize = 570`
	`38`	`+ curveName = "SECT571R1" and keySize = 570 // Indeed the numbers do not match.`
`39`	`39`	`or`
`40`	`40`	`curveName = "SECT409R1" and keySize = 409`
`41`	`41`	`or`