From 719eb563ef5fefe796fd70a0afad93c0211e3378 Mon Sep 17 00:00:00 2001 From: Rebecca Valentine Date: Tue, 11 Feb 2020 21:58:38 -0800 Subject: [PATCH 1/6] Adds the...Type() predicates as foresight modernizations. --- .../src/semmle/python/objects/ObjectAPI.qll | 156 ++++++++++++++++-- 1 file changed, 138 insertions(+), 18 deletions(-) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index 5fb15229b966..fe25e41a2cea 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -668,40 +668,57 @@ module ClassValue { ClassValue bool() { result = TBuiltinClassObject(Builtin::special("bool")) } - + + /** Get the `ClassValue` for the `tuple` class. */ + ClassValue tupleType() { + result = TBuiltinClassObject(Builtin::special("tuple")) + } + + /** Get the `ClassValue` for the `list` class. */ + ClassValue listType() { + result = TBuiltinClassObject(Builtin::special("list")) + } + + /** Get the `ClassValue` for the `(x)range` class. */ + ClassValue rangeType() { + result = Builtin::special("xrange") + or + major_version() = 3 and result = Builtin::special("range") + } + /** Get the `ClassValue` for the `dict` class. */ ClassValue dict() { result = TBuiltinClassObject(Builtin::special("dict")) } - - /** Get the `ClassValue` for the class of Python functions. */ - ClassValue function() { - result = TBuiltinClassObject(Builtin::special("FunctionType")) + + /** Get the `ClassValue` for the `set` class. */ + ClassValue setType() { + result = TBuiltinClassObject(Builtin::special("set")) } - - /** Get the `ClassValue` for the `type` class. */ - ClassValue type() { - result = TType() - } - - /** Get the `ClassValue` for the class of builtin functions. */ - ClassValue builtinFunction() { - result = Value::named("len").getClass() + + /** Get the `ClassValue` for the `object` class. */ + ClassValue objectType() { + result = TBuiltinClassObject(Builtin::special("object")) } /** Get the `ClassValue` for the `int` class. */ ClassValue int_() { result = TBuiltinClassObject(Builtin::special("int")) } + + /** Get the `ClassValue` for the `long` class. */ + ClassValue longType() { + result = TBuiltinClassObject(Builtin::special("long")) + } /** Get the `ClassValue` for the `float` class. */ ClassValue float_() { result = TBuiltinClassObject(Builtin::special("float")) } - - /** Get the `ClassValue` for the `list` class. */ - ClassValue list() { - result = TBuiltinClassObject(Builtin::special("list")) + + /** Get the `ClassValue` for the `complex` class. */ + ClassValue complexType() { + result = TBuiltinClassObject(Builtin::special("complex")) } /** Get the `ClassValue` for the `bytes` class (also called `str` in Python 2). */ @@ -723,7 +740,54 @@ module ClassValue { else result = unicode() } + + /** Get the `ClassValue` for the builtin properties. */ + ClassValue builtinPropertyType() { + /* This is CPython specific */ + result.isC() and + result.getName() = "getset_descriptor" + } + + /** Get the `ClassValue` for the `property` class. */ + ClassValue propertyType() { + result = TBuiltinClassObject(Builtin::special("property")) + } + + /** Get the `ClassValue` for the class of Python functions. */ + ClassValue function() { + result = TBuiltinClassObject(Builtin::special("FunctionType")) + } + /** Get the `ClassValue` for the class of builtin functions. */ + ClassValue builtinFunction() { + result = Value::named("len").getClass() + } + + /** Get the `ClassValue` for the `generatorType` class. */ + ClassValue generatorType() { + result = TBuiltinClassObject(Builtin::special("generator")) + } + + /** Get the `ClassValue` for the `type` class. */ + ClassValue type() { + result = TType() + } + + /** Get the `ClassValue` for `ClassType`. */ + ClassValue classType() { + result = TBuiltinClassObject(Builtin::special("ClassType")) + } + + /** Get the `ClassValue` for `InstanceType`. */ + ClassValue instanceType() { + result = TBuiltinClassObject(Builtin::special("InstanceType")) + } + + /** Get the `ClassValue` for `super`. */ + ClassValue superType() { + result = TBuiltinClassObject(Builtin::special("super")) + } + /** Get the `ClassValue` for the `classmethod` class. */ ClassValue classmethod() { result = TBuiltinClassObject(Builtin::special("ClassMethod")) @@ -733,20 +797,76 @@ module ClassValue { ClassValue staticmethod() { result = TBuiltinClassObject(Builtin::special("StaticMethod")) } + + /** Get the `ClassValue` for the `MethodType` class. */ + pragma [noinline] + ClassValue boundMethodType() { + result = TBuiltinClassObject(Builtin::special("MethodType")) + } + + /** Get the `ClassValue` for the `MethodDescriptorType` class. */ + ClassValue methodDescriptorType() { + result = TBuiltinClassObject(Builtin::special("MethodDescriptorType")) + } + + /** Get the `ClassValue` for the `GetSetDescriptorType` class. */ + ClassValue getSetDescriptorType() { + result = TBuiltinClassObject(Builtin::special("GetSetDescriptorType")) + } + + /** Get the `ClassValue` for the `StopIteration` class. */ + ClassValue stopIterationType() { + result = TBuiltinClassObject(Builtin::special("StopIteration")) + } /** Get the `ClassValue` for the class of modules. */ ClassValue module_() { result = TBuiltinClassObject(Builtin::special("ModuleType")) } + /** Get the `ClassValue` for the `Exception` class. */ + ClassValue exceptionType() { + result = TBuiltinClassObject(Builtin::special("Exception")) + } + + /** Get the `ClassValue` for the `BaseException` class. */ + ClassValue baseExceptionType() { + result = TBuiltinClassObject(Builtin::special("BaseException")) + } + /** Get the `ClassValue` for the `NoneType` class. */ ClassValue nonetype() { result = TBuiltinClassObject(Builtin::special("NoneType")) } + + /** Get the `ClassValue` for the `TypeError` class */ + ClassValue typeErrorType() { + result = TBuiltinClassObject(Builtin::special("TypeError")) + } /** Get the `ClassValue` for the `NameError` class. */ ClassValue nameError() { result = TBuiltinClassObject(Builtin::builtin("NameError")) } + + /** Get the `ClassValue` for the `AttributeError` class. */ + ClassValue attributeErrorType() { + result = TBuiltinClassObject(Builtin::builtin("AttributeError")) + } + + /** Get the `ClassValue` for the `KeyError` class. */ + ClassValue keyErrorType() { + result = TBuiltinClassObject(Builtin::builtin("KeyError")) + } + + /** Get the `ClassValue` for the `IOError` class. */ + ClassValue ioErrorType() { + result = TBuiltinClassObject(Builtin::builtin("IOError")) + } + + /** Get the `ClassValue` for the `NotImplementedError` class. */ + ClassValue notImplementedError() { + result = TBuiltinClassObject(Builtin::builtin("NotImplementedError")) + } } From fd2d4b2393da6c1b045ac686ec5622289baa1053 Mon Sep 17 00:00:00 2001 From: Rebecca Valentine Date: Wed, 12 Feb 2020 15:36:07 -0800 Subject: [PATCH 2/6] Removes predicates that are not currently ported/portable --- python/ql/src/semmle/python/objects/ObjectAPI.qll | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index fe25e41a2cea..25bce2d62014 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -679,13 +679,6 @@ module ClassValue { result = TBuiltinClassObject(Builtin::special("list")) } - /** Get the `ClassValue` for the `(x)range` class. */ - ClassValue rangeType() { - result = Builtin::special("xrange") - or - major_version() = 3 and result = Builtin::special("range") - } - /** Get the `ClassValue` for the `dict` class. */ ClassValue dict() { result = TBuiltinClassObject(Builtin::special("dict")) @@ -741,13 +734,6 @@ module ClassValue { result = unicode() } - /** Get the `ClassValue` for the builtin properties. */ - ClassValue builtinPropertyType() { - /* This is CPython specific */ - result.isC() and - result.getName() = "getset_descriptor" - } - /** Get the `ClassValue` for the `property` class. */ ClassValue propertyType() { result = TBuiltinClassObject(Builtin::special("property")) From 577a6a583046c938012f74b0d10947c42ef279b2 Mon Sep 17 00:00:00 2001 From: Rebecca Valentine Date: Wed, 12 Feb 2020 19:37:20 -0800 Subject: [PATCH 3/6] Adds range types --- python/ql/src/semmle/python/objects/ObjectAPI.qll | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index 25bce2d62014..e3fd248f1fdf 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -679,6 +679,13 @@ module ClassValue { result = TBuiltinClassObject(Builtin::special("list")) } + /** The builtin class '(x)range' */ + ClassValue rangeType() { + result = TBuiltinClassObject(Builtin::special("xrange")) + or + major_version() = 3 and result = TBuiltinClassObject(Builtin::special("range")) + } + /** Get the `ClassValue` for the `dict` class. */ ClassValue dict() { result = TBuiltinClassObject(Builtin::special("dict")) From b92a1a826926d08aec8ce40cea487e8107c3a0f6 Mon Sep 17 00:00:00 2001 From: Rebecca Valentine <171941+BekaValentine@users.noreply.github.com> Date: Thu, 13 Feb 2020 11:12:35 -0800 Subject: [PATCH 4/6] Update python/ql/src/semmle/python/objects/ObjectAPI.qll Co-Authored-By: Rasmus Wriedt Larsen --- python/ql/src/semmle/python/objects/ObjectAPI.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index e3fd248f1fdf..fd972e561457 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -679,7 +679,7 @@ module ClassValue { result = TBuiltinClassObject(Builtin::special("list")) } - /** The builtin class '(x)range' */ + /** Get the `ClassValue` for `xrange` (Python 2), or `range` (only Python 3) */ ClassValue rangeType() { result = TBuiltinClassObject(Builtin::special("xrange")) or From 8a5e79dd11c026d6498c0563eb7f40b65c78fb3f Mon Sep 17 00:00:00 2001 From: Rebecca Valentine <171941+BekaValentine@users.noreply.github.com> Date: Thu, 13 Feb 2020 11:12:51 -0800 Subject: [PATCH 5/6] Update python/ql/src/semmle/python/objects/ObjectAPI.qll Co-Authored-By: Rasmus Wriedt Larsen --- python/ql/src/semmle/python/objects/ObjectAPI.qll | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index fd972e561457..cb72b8258d76 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -681,7 +681,7 @@ module ClassValue { /** Get the `ClassValue` for `xrange` (Python 2), or `range` (only Python 3) */ ClassValue rangeType() { - result = TBuiltinClassObject(Builtin::special("xrange")) + major_version() = 2 and result = TBuiltinClassObject(Builtin::special("xrange")) or major_version() = 3 and result = TBuiltinClassObject(Builtin::special("range")) } From 222412840dee92036c28675b0030f3d6fd208f72 Mon Sep 17 00:00:00 2001 From: Rebecca Valentine Date: Mon, 17 Feb 2020 11:38:18 -0800 Subject: [PATCH 6/6] Swaps xType for just x, at least when it's new --- .../src/semmle/python/objects/ObjectAPI.qll | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/python/ql/src/semmle/python/objects/ObjectAPI.qll b/python/ql/src/semmle/python/objects/ObjectAPI.qll index cb72b8258d76..df4cdbb9cbf5 100644 --- a/python/ql/src/semmle/python/objects/ObjectAPI.qll +++ b/python/ql/src/semmle/python/objects/ObjectAPI.qll @@ -670,17 +670,17 @@ module ClassValue { } /** Get the `ClassValue` for the `tuple` class. */ - ClassValue tupleType() { + ClassValue tuple() { result = TBuiltinClassObject(Builtin::special("tuple")) } /** Get the `ClassValue` for the `list` class. */ - ClassValue listType() { + ClassValue list() { result = TBuiltinClassObject(Builtin::special("list")) } /** Get the `ClassValue` for `xrange` (Python 2), or `range` (only Python 3) */ - ClassValue rangeType() { + ClassValue range() { major_version() = 2 and result = TBuiltinClassObject(Builtin::special("xrange")) or major_version() = 3 and result = TBuiltinClassObject(Builtin::special("range")) @@ -692,12 +692,12 @@ module ClassValue { } /** Get the `ClassValue` for the `set` class. */ - ClassValue setType() { + ClassValue set() { result = TBuiltinClassObject(Builtin::special("set")) } /** Get the `ClassValue` for the `object` class. */ - ClassValue objectType() { + ClassValue object() { result = TBuiltinClassObject(Builtin::special("object")) } @@ -707,7 +707,7 @@ module ClassValue { } /** Get the `ClassValue` for the `long` class. */ - ClassValue longType() { + ClassValue long() { result = TBuiltinClassObject(Builtin::special("long")) } @@ -717,7 +717,7 @@ module ClassValue { } /** Get the `ClassValue` for the `complex` class. */ - ClassValue complexType() { + ClassValue complex() { result = TBuiltinClassObject(Builtin::special("complex")) } @@ -742,12 +742,12 @@ module ClassValue { } /** Get the `ClassValue` for the `property` class. */ - ClassValue propertyType() { + ClassValue property() { result = TBuiltinClassObject(Builtin::special("property")) } /** Get the `ClassValue` for the class of Python functions. */ - ClassValue function() { + ClassValue functionType() { result = TBuiltinClassObject(Builtin::special("FunctionType")) } @@ -757,7 +757,7 @@ module ClassValue { } /** Get the `ClassValue` for the `generatorType` class. */ - ClassValue generatorType() { + ClassValue generator() { result = TBuiltinClassObject(Builtin::special("generator")) } @@ -777,7 +777,7 @@ module ClassValue { } /** Get the `ClassValue` for `super`. */ - ClassValue superType() { + ClassValue super_() { result = TBuiltinClassObject(Builtin::special("super")) } @@ -793,7 +793,7 @@ module ClassValue { /** Get the `ClassValue` for the `MethodType` class. */ pragma [noinline] - ClassValue boundMethodType() { + ClassValue methodType() { result = TBuiltinClassObject(Builtin::special("MethodType")) } @@ -808,7 +808,7 @@ module ClassValue { } /** Get the `ClassValue` for the `StopIteration` class. */ - ClassValue stopIterationType() { + ClassValue stopIteration() { result = TBuiltinClassObject(Builtin::special("StopIteration")) } @@ -818,12 +818,12 @@ module ClassValue { } /** Get the `ClassValue` for the `Exception` class. */ - ClassValue exceptionType() { + ClassValue exception() { result = TBuiltinClassObject(Builtin::special("Exception")) } /** Get the `ClassValue` for the `BaseException` class. */ - ClassValue baseExceptionType() { + ClassValue baseException() { result = TBuiltinClassObject(Builtin::special("BaseException")) } @@ -833,7 +833,7 @@ module ClassValue { } /** Get the `ClassValue` for the `TypeError` class */ - ClassValue typeErrorType() { + ClassValue typeError() { result = TBuiltinClassObject(Builtin::special("TypeError")) } @@ -843,17 +843,17 @@ module ClassValue { } /** Get the `ClassValue` for the `AttributeError` class. */ - ClassValue attributeErrorType() { + ClassValue attributeError() { result = TBuiltinClassObject(Builtin::builtin("AttributeError")) } /** Get the `ClassValue` for the `KeyError` class. */ - ClassValue keyErrorType() { + ClassValue keyError() { result = TBuiltinClassObject(Builtin::builtin("KeyError")) } /** Get the `ClassValue` for the `IOError` class. */ - ClassValue ioErrorType() { + ClassValue ioError() { result = TBuiltinClassObject(Builtin::builtin("IOError")) }