Python: Revert manual pickle modeling

RasmusWL · RasmusWL · commit aa5eee1eac30 · 2023-12-08T11:27:53.000+01:00
This reverts commit 62910f0. This reverts commit 75a8197. We don't find `kombu.serialization.pickle_load` since we respect `__all__`. I think that was an attempt to not flood the captured modeling with useless re-exports, but I think we've ended up doing that anyway... we should consider to remove that restriction! see https://github.com/celery/kombu/blob/21d7df29c7d4a1dfb8586f24ca6eaf65b9c8cc16/kombu/serialization.py#L29
diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll
@@ -1299,20 +1299,35 @@ module StdlibPrivate {
   // ---------------------------------------------------------------------------
   /** Gets a reference to any of the `pickle` modules. */
   API::Node pickle() {
-    result = API::moduleImport(["pickle", "cPickle", "_pickle", "cloudpickle"]) or
-    result = API::moduleImport("kombu").getMember("serialization").getMember("pickle")
+    result = API::moduleImport(["pickle", "cPickle", "_pickle"])
+    or
+    result = ModelOutput::getATypeNode("pickle~Alias")
+  }
+
+  /**
+   * A reference to `pickle.load`
+   */
+  API::Node pickle_load() {
+    result = pickle().getMember("load")
+    or
+    result = ModelOutput::getATypeNode("pickle.load~Alias")
+  }
+
+  /**
+   * A reference to `pickle.loads`
+   */
+  API::Node pickle_loads() {
+    result = pickle().getMember("loads")
+    or
+    result = ModelOutput::getATypeNode("pickle.loads~Alias")
   }
 
   /**
    * A call to `pickle.load`
    * See https://docs.python.org/3/library/pickle.html#pickle.load
    */
-  private class PickleLoadCall extends Decoding::Range, DataFlow::CallCfgNode {
-    PickleLoadCall() {
-      this = pickle().getMember("load").getACall() or
-      this =
-        API::moduleImport("kombu").getMember("serialization").getMember("pickle_load").getACall()
-    }
+  private class PickleLoadCall extends Decoding::Range, API::CallNode {
+    PickleLoadCall() { this = pickle_load().getACall() }
 
     override predicate mayExecuteInput() { any() }
 
@@ -1327,8 +1342,8 @@ module StdlibPrivate {
    * A call to `pickle.loads`
    * See https://docs.python.org/3/library/pickle.html#pickle.loads
    */
-  private class PickleLoadsCall extends Decoding::Range, DataFlow::CallCfgNode {
-    PickleLoadsCall() { this = pickle().getMember("loads").getACall() }
+  private class PickleLoadsCall extends Decoding::Range, API::CallNode {
+    PickleLoadsCall() { this = pickle_loads().getACall() }
 
     override predicate mayExecuteInput() { any() }
 
diff --git a/python/ql/src/meta/ClassHierarchy/Find.ql b/python/ql/src/meta/ClassHierarchy/Find.ql
@@ -464,6 +464,24 @@ class LxmlETreeAlias extends FindSubclassesSpec {
   override API::Node getAlreadyModeledClass() { result = Lxml::etreeRef() }
 }
 
+class PickleAlias extends FindSubclassesSpec {
+  PickleAlias() { this = "pickle~Alias" }
+
+  override API::Node getAlreadyModeledClass() { result = StdlibPrivate::pickle() }
+}
+
+class PickleLoadAlias extends FindSubclassesSpec {
+  PickleLoadAlias() { this = "pickle.load~Alias" }
+
+  override API::Node getAlreadyModeledClass() { result = StdlibPrivate::pickle_load() }
+}
+
+class PickleLoadsAlias extends FindSubclassesSpec {
+  PickleLoadsAlias() { this = "pickle.loads~Alias" }
+
+  override API::Node getAlreadyModeledClass() { result = StdlibPrivate::pickle_loads() }
+}
+
 bindingset[fullyQualified]
 predicate fullyQualifiedToYamlFormat(string fullyQualified, string type2, string path) {
   exists(int firstDot | firstDot = fullyQualified.indexOf(".", 0, 0) |
