From a987eafda3777442d488e9bf8dea20cac86830da Mon Sep 17 00:00:00 2001 From: David Pichardie Date: Mon, 9 Dec 2024 05:55:06 -0800 Subject: [PATCH] [inferpython] restore the previous chaining of globals value Summary: In a previous diff, I changed the chaining of globals parameter because I was facing strange alias specialization behaviors. But the new module object encoding seems to have make this problem disappear. I'm switching back to the old convention and it removes a FN. The other chaining is semantically unsound because it gives the wrong globals to a call `foo()` if `foo` comes from a `from .. import foo`. Reviewed By: jvillard Differential Revision: D66758255 Privacy Context Container: L1208441 fbshipit-source-id: b036db24947fa9df16fc47fcf2198fee7f9d8554 --- infer/man/man1/infer-analyze.txt | 8 - infer/man/man1/infer-full.txt | 9 - infer/man/man1/infer.txt | 9 - infer/src/base/Config.ml | 16 - infer/src/base/Config.mli | 4 - infer/src/pulse/PulseModelsPython.ml | 36 +-- infer/src/python/PyIR2Textual.ml | 21 +- infer/src/python/unit/PyIR2TextualTest.ml | 306 +++++++++--------- .../codetoanalyze/python/pulse/issues.exp | 15 +- .../python/pulse/taint_import_simple.py | 4 +- 10 files changed, 186 insertions(+), 242 deletions(-) diff --git a/infer/man/man1/infer-analyze.txt b/infer/man/man1/infer-analyze.txt index 40b4c68a28..704e73ddda 100644 --- a/infer/man/man1/infer-analyze.txt +++ b/infer/man/man1/infer-analyze.txt @@ -1079,14 +1079,6 @@ PULSE CHECKER OPTIONS --pulse-widen-threshold int Stop exploring new paths after int loop iterations - --python-globals { own-by-closures | own-by-module } - Specify the strategy to wire globals dictionnaire into each - function - - own-by-closures: each closure captured the global - dictionary - - own-by-module: each function is given the global dictionary as - argument (not referenced in the heap to avoid aliases) - RACERD CHECKER OPTIONS --racerd-always-report-java Activates: Every Java class analysed is treated as if it were diff --git a/infer/man/man1/infer-full.txt b/infer/man/man1/infer-full.txt index 32cd84ca9b..ee2792a8be 100644 --- a/infer/man/man1/infer-full.txt +++ b/infer/man/man1/infer-full.txt @@ -1884,15 +1884,6 @@ OPTIONS file2.py but not with --pyc-file. See also infer-capture(1). - --python-globals { own-by-closures | own-by-module } - Specify the strategy to wire globals dictionnaire into each - function - - own-by-closures: each closure captured the global - dictionary - - own-by-module: each function is given the global dictionary as - argument (not referenced in the heap to avoid aliases) - See also infer-analyze(1). - --qualified-cpp-name-block-list +string Skip analyzing the procedures under the qualified cpp type name. See also infer-analyze(1). diff --git a/infer/man/man1/infer.txt b/infer/man/man1/infer.txt index 316ff1a7fc..288b6dc042 100644 --- a/infer/man/man1/infer.txt +++ b/infer/man/man1/infer.txt @@ -1884,15 +1884,6 @@ OPTIONS file2.py but not with --pyc-file. See also infer-capture(1). - --python-globals { own-by-closures | own-by-module } - Specify the strategy to wire globals dictionnaire into each - function - - own-by-closures: each closure captured the global - dictionary - - own-by-module: each function is given the global dictionary as - argument (not referenced in the heap to avoid aliases) - See also infer-analyze(1). - --qualified-cpp-name-block-list +string Skip analyzing the procedures under the qualified cpp type name. See also infer-analyze(1). diff --git a/infer/src/base/Config.ml b/infer/src/base/Config.ml index 4c3107fda2..47d31e2681 100644 --- a/infer/src/base/Config.ml +++ b/infer/src/base/Config.ml @@ -54,10 +54,6 @@ let string_of_scheduler scheduler = List.Assoc.find_exn (List.Assoc.inverse scheduler_symbols) ~equal:equal_scheduler scheduler -type python_globals = OwnByClosures | OwnByModule [@@deriving equal] - -let python_globals_symbols = [("own-by-closures", OwnByClosures); ("own-by-module", OwnByModule)] - type pulse_taint_config = { sources: Pulse_config_t.matchers ; sanitizers: Pulse_config_t.matchers @@ -2997,16 +2993,6 @@ and python_skip_db = CLOpt.mk_bool ~long:"python-skip-db" ~default:false "Skip the DB writing during Python capture" -and python_globals = - CLOpt.mk_symbol ~long:"python-globals" ~default:OwnByModule ~eq:equal_python_globals - ~in_help:InferCommand.[(Analyze, manual_pulse)] - ~symbols:python_globals_symbols - "Specify the strategy to wire globals dictionnaire into each function\n\ - \ - own-by-closures: each closure captured the global dictionary\n\ - - own-by-module: each function is given the global dictionary as argument (not referenced in \ - the heap to avoid aliases)" - - and qualified_cpp_name_block_list = CLOpt.mk_string_list ~long:"qualified-cpp-name-block-list" ~meta:"string" ~in_help:InferCommand.[(Analyze, manual_generic)] @@ -4710,8 +4696,6 @@ and python_files_index = !python_files_index and python_skip_db = !python_skip_db -and python_globals = !python_globals - and qualified_cpp_name_block_list = RevList.to_list !qualified_cpp_name_block_list and quiet = !quiet diff --git a/infer/src/base/Config.mli b/infer/src/base/Config.mli index 815dde4982..53a7812e6f 100644 --- a/infer/src/base/Config.mli +++ b/infer/src/base/Config.mli @@ -35,8 +35,6 @@ type scheduler = File | Restart | SyntacticCallGraph [@@deriving equal] val string_of_scheduler : scheduler -> string -type python_globals = OwnByClosures | OwnByModule [@@deriving equal] - val build_system_of_exe_name : string -> build_system val string_of_build_system : build_system -> string @@ -755,8 +753,6 @@ val python_files_index : string option val python_skip_db : bool -val python_globals : python_globals - val qualified_cpp_name_block_list : string list val quiet : bool diff --git a/infer/src/pulse/PulseModelsPython.ml b/infer/src/pulse/PulseModelsPython.ml index fa067f156a..669506c4e4 100644 --- a/infer/src/pulse/PulseModelsPython.ml +++ b/infer/src/pulse/PulseModelsPython.ml @@ -115,24 +115,17 @@ let build_tuple args : model = assign_ret tuple -let build_class globals closure _name _args : model = +let build_class closure _name _args : model = let open DSL.Syntax in start_model @@ fun () -> let* class_ = Dict.make [] [] in - let gen_closure_args _ = - let locals = class_ in - match Config.python_globals with - | OwnByClosures -> - ret [locals] - | OwnByModule -> - ret [globals; locals] - in + let gen_closure_args _ = ret [class_] in let* _ = apply_python_closure closure gen_closure_args in assign_ret class_ -let call_dsl ~closure ~globals ~arg_names:_ ~args : DSL.aval DSL.model_monad = +let call_dsl ~closure ~arg_names:_ ~args : DSL.aval DSL.model_monad = (* TODO: take into account named args *) let open DSL.Syntax in let gen_closure_args opt_proc_attrs = @@ -150,21 +143,17 @@ let call_dsl ~closure ~globals ~arg_names:_ ~args : DSL.aval DSL.model_monad = List.mapi args ~f:(fun i _ -> Printf.sprintf "arg_%d" i) in let* locals = Dict.make python_args args in - match Config.python_globals with - | OwnByClosures -> - ret [locals] - | OwnByModule -> - ret [globals; locals] + ret [locals] in apply_python_closure closure gen_closure_args -let call closure globals arg_names args : model = +let call closure arg_names args : model = (* TODO: take into account named args *) let open DSL.Syntax in start_model @@ fun () -> - let* value = call_dsl ~closure ~globals ~arg_names ~args in + let* value = call_dsl ~closure ~arg_names ~args in assign_ret value @@ -189,7 +178,7 @@ let modelled_python_call module_name fun_name args : DSL.aval option DSL.model_m ret None -let call_method globals name obj arg_names args : model = +let call_method name obj arg_names args : model = (* TODO: take into account named args *) let open DSL.Syntax in start_model @@ -208,7 +197,7 @@ let call_method globals name obj arg_names args : model = L.d_printfln "calling method %a on module object %s" (Pp.option F.pp_print_string) opt_str_name module_name ; let* closure = Dict.get obj name in - call_dsl ~closure ~globals:obj ~arg_names ~args + call_dsl ~closure ~arg_names ~args | Some res -> L.d_printfln "catching special call %a on module object %s" (Pp.option F.pp_print_string) opt_str_name module_name ; @@ -216,8 +205,7 @@ let call_method globals name obj arg_names args : model = | _ -> let* closure = Dict.get obj name in (* TODO: for OO method, gives self argument *) - (* this is incorrect for a module *) - call_dsl ~closure ~globals ~arg_names ~args + call_dsl ~closure ~arg_names ~args in assign_ret res @@ -371,9 +359,9 @@ let yield_from _ _ : model = let matchers : matcher list = let open ProcnameDispatcher.Call in let arg = capt_arg_payload in - [ -"$builtins" &:: "py_build_class" <>$ arg $+ arg $+ arg $+++$--> build_class - ; -"$builtins" &:: "py_call" <>$ arg $+ arg $+ arg $+++$--> call - ; -"$builtins" &:: "py_call_method" <>$ arg $+ arg $+ arg $+ arg $+++$--> call_method + [ -"$builtins" &:: "py_build_class" <>$ arg $+ arg $+++$--> build_class + ; -"$builtins" &:: "py_call" <>$ arg $+ arg $+++$--> call + ; -"$builtins" &:: "py_call_method" <>$ arg $+ arg $+ arg $+++$--> call_method ; -"$builtins" &:: "py_build_tuple" &::.*+++> build_tuple ; -"$builtins" &:: "py_gen_start_coroutine" <>--> gen_start_coroutine ; -"$builtins" &:: "py_get_awaitable" <>$ arg $--> get_awaitable diff --git a/infer/src/python/PyIR2Textual.ml b/infer/src/python/PyIR2Textual.ml index a18d8b6c3d..084eb5e27a 100644 --- a/infer/src/python/PyIR2Textual.ml +++ b/infer/src/python/PyIR2Textual.ml @@ -197,11 +197,7 @@ let rec of_exp exp : Textual.Exp.t = -> let proc = mk_qualified_proc_name (RegularFunction qual_name) in let closure = - match Config.python_globals with - | OwnByClosures -> - Textual.Exp.Closure {proc; captured= [exp_globals]; params= [Parameter.locals]} - | OwnByModule -> - Textual.Exp.Closure {proc; captured= []; params= [Parameter.globals; Parameter.locals]} + Textual.Exp.Closure {proc; captured= [exp_globals]; params= [Parameter.locals]} in call_builtin str_py_make_function ( closure @@ -367,10 +363,6 @@ let builtin_name builtin = "py_get_previous_exception" -let builtin_needs_globals_as_argument builtin = - match (builtin : BuiltinCaller.t) with BuildClass -> true | _ -> false - - let str_py_store_name = "py_store_name" let of_stmt loc stmt : Textual.Instr.t = @@ -410,21 +402,18 @@ let of_stmt loc stmt : Textual.Instr.t = ; exp= call_builtin "py_store_subscript" [of_exp lhs; of_exp index; of_exp rhs] ; loc } | Call {lhs; exp; args; arg_names} -> - let args = of_exp exp :: exp_globals :: of_exp arg_names :: List.map ~f:of_exp args in + let args = of_exp exp :: of_exp arg_names :: List.map ~f:of_exp args in Let {id= Some (mk_ident lhs); exp= call_builtin "py_call" args; loc} | CallMethod {lhs; name; self_if_needed; args; arg_names} -> Let { id= Some (mk_ident lhs) ; exp= call_builtin "py_call_method" - ( exp_globals :: exp_of_ident_str name :: of_exp self_if_needed :: of_exp arg_names + ( exp_of_ident_str name :: of_exp self_if_needed :: of_exp arg_names :: List.map ~f:of_exp args ) ; loc } | BuiltinCall {lhs; call; args; arg_names= _} -> - let args = - if builtin_needs_globals_as_argument call then exp_globals :: List.map ~f:of_exp args - else List.map ~f:of_exp args - in + let args = List.map ~f:of_exp args in Let {id= Some (mk_ident lhs); exp= call_builtin (builtin_name call) args; loc} | Delete {scope= Global; ident} -> Let {id= None; exp= call_builtin "py_delete_global" [exp_of_ident_str ident; exp_globals]; loc} @@ -715,7 +704,7 @@ let gen_type module_name ~allow_classes name node = when QualifiedProcName.equal py_make_string proc -> let acc = DefaultType.add_string_constant ident str acc in find_next_declaration acc instrs - | Instr.Let {id= Some ident; exp= Call {proc; args= [_; _; Var ident_str_const]}} :: instrs + | Instr.Let {id= Some ident; exp= Call {proc; args= [_; Var ident_str_const]}} :: instrs when QualifiedProcName.equal py_build_class proc && DefaultType.is_string_constant ident_str_const acc -> let name = DefaultType.get_string_constant ident_str_const acc |> Option.value_exn in diff --git a/infer/src/python/unit/PyIR2TextualTest.ml b/infer/src/python/unit/PyIR2TextualTest.ml index a2b7137e99..2134b9622d 100644 --- a/infer/src/python/unit/PyIR2TextualTest.ml +++ b/infer/src/python/unit/PyIR2TextualTest.ml @@ -77,15 +77,15 @@ class C: n1 = $builtins.py_import_name("asyncio", $builtins.py_make_none(), $builtins.py_make_int(0)) _ = $builtins.py_store_name("a", locals, globals, n1) _ = $builtins.py_store_name("x", locals, globals, $builtins.py_make_int(0)) - n2 = $builtins.py_make_function(fun (globals, locals) -> dummy.f(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n2 = $builtins.py_make_function(fun (locals) -> dummy.f(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("f", locals, globals, n2) - n3 = $builtins.py_make_function(fun (globals, locals) -> dummy.g(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n3 = $builtins.py_make_function(fun (locals) -> dummy.g(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("g", locals, globals, n3) - n4 = $builtins.py_make_function(fun (globals, locals) -> dummy.D(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) - n5 = $builtins.py_build_class(globals, n4, $builtins.py_make_string("D")) + n4 = $builtins.py_make_function(fun (locals) -> dummy.D(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n5 = $builtins.py_build_class(n4, $builtins.py_make_string("D")) _ = $builtins.py_store_name("D", locals, globals, n5) - n6 = $builtins.py_make_function(fun (globals, locals) -> dummy.C(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) - n7 = $builtins.py_build_class(globals, n6, $builtins.py_make_string("C")) + n6 = $builtins.py_make_function(fun (locals) -> dummy.C(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n7 = $builtins.py_build_class(n6, $builtins.py_make_string("C")) _ = $builtins.py_store_name("C", locals, globals, n7) ret $builtins.py_make_none() @@ -96,7 +96,7 @@ class C: n0 = $builtins.py_load_name("__name__", locals, globals) _ = $builtins.py_store_name("__module__", locals, globals, n0) _ = $builtins.py_store_name("__qualname__", locals, globals, $builtins.py_make_string("C")) - n1 = $builtins.py_make_function(fun (globals, locals) -> dummy.C::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n1 = $builtins.py_make_function(fun (locals) -> dummy.C::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("foo", locals, globals, n1) ret $builtins.py_make_none() @@ -113,7 +113,7 @@ class C: n0 = $builtins.py_load_name("__name__", locals, globals) _ = $builtins.py_store_name("__module__", locals, globals, n0) _ = $builtins.py_store_name("__qualname__", locals, globals, $builtins.py_make_string("D")) - n1 = $builtins.py_make_function(fun (globals, locals) -> dummy.D::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n1 = $builtins.py_make_function(fun (locals) -> dummy.D::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("foo", locals, globals, n1) ret $builtins.py_make_none() @@ -133,7 +133,7 @@ class C: #b1: n10 = $builtins.py_load_global("g", globals) n11 = $builtins.py_load_fast("y", locals) - n12 = $builtins.py_call(n10, globals, $builtins.py_make_none(), $builtins.py_make_int(0), n11) + n12 = $builtins.py_call(n10, $builtins.py_make_none(), $builtins.py_make_int(0), n11) _ = $builtins.py_nullify_locals(locals, "i") ret $builtins.py_make_none() @@ -151,12 +151,12 @@ class C: _ = $builtins.py_store_fast("i", locals, n3) n7 = $builtins.py_load_global("print", globals) n8 = $builtins.py_load_fast("i", locals) - n9 = $builtins.py_call(n7, globals, $builtins.py_make_none(), n8) + n9 = $builtins.py_call(n7, $builtins.py_make_none(), n8) jmp b3 #b5: n5 = $builtins.py_load_global("done", globals) - n6 = $builtins.py_call(n5, globals, $builtins.py_make_none()) + n6 = $builtins.py_call(n5, $builtins.py_make_none()) _ = $builtins.py_nullify_locals(locals, "i") ret $builtins.py_make_none() @@ -166,7 +166,7 @@ class C: #b0: _ = $builtins.py_gen_start_coroutine() n0 = $builtins.py_load_global("sleep", globals) - n1 = $builtins.py_call(n0, globals, $builtins.py_make_none(), $builtins.py_make_int(1)) + n1 = $builtins.py_call(n0, $builtins.py_make_none(), $builtins.py_make_int(1)) n2 = $builtins.py_get_awaitable(n1) n3 = $builtins.py_yield_from(n2, $builtins.py_make_none()) ret $builtins.py_make_none() @@ -185,15 +185,15 @@ class C: n1 = $builtins.py_import_name("asyncio", $builtins.py_make_none(), $builtins.py_make_int(0)) _ = $builtins.py_store_name("a", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n1) _ = $builtins.py_store_name("x", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], $builtins.py_make_int(0)) - n2 = $builtins.py_make_function(fun (globals, locals) -> dummy.f(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n2 = $builtins.py_make_function(fun (locals) -> dummy.f([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("f", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n2) - n3 = $builtins.py_make_function(fun (globals, locals) -> dummy.g(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n3 = $builtins.py_make_function(fun (locals) -> dummy.g([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("g", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n3) - n4 = $builtins.py_make_function(fun (globals, locals) -> dummy.D(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) - n5 = $builtins.py_build_class([&globals:*PyGlobals::dummy], n4, $builtins.py_make_string("D")) + n4 = $builtins.py_make_function(fun (locals) -> dummy.D([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n5 = $builtins.py_build_class(n4, $builtins.py_make_string("D")) _ = $builtins.py_store_name("D", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n5) - n6 = $builtins.py_make_function(fun (globals, locals) -> dummy.C(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) - n7 = $builtins.py_build_class([&globals:*PyGlobals::dummy], n6, $builtins.py_make_string("C")) + n6 = $builtins.py_make_function(fun (locals) -> dummy.C([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n7 = $builtins.py_build_class(n6, $builtins.py_make_string("C")) _ = $builtins.py_store_name("C", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n7) ret $builtins.py_make_none() @@ -204,7 +204,7 @@ class C: n0 = $builtins.py_load_name("__name__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy]) _ = $builtins.py_store_name("__module__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n0) _ = $builtins.py_store_name("__qualname__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], $builtins.py_make_string("C")) - n1 = $builtins.py_make_function(fun (globals, locals) -> dummy.C::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n1 = $builtins.py_make_function(fun (locals) -> dummy.C::foo([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("foo", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n1) ret $builtins.py_make_none() @@ -221,7 +221,7 @@ class C: n0 = $builtins.py_load_name("__name__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy]) _ = $builtins.py_store_name("__module__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n0) _ = $builtins.py_store_name("__qualname__", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], $builtins.py_make_string("D")) - n1 = $builtins.py_make_function(fun (globals, locals) -> dummy.D::foo(globals, locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) + n1 = $builtins.py_make_function(fun (locals) -> dummy.D::foo([&globals:*PyGlobals::dummy], locals), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none(), $builtins.py_make_none()) _ = $builtins.py_store_name("foo", [&locals:*PyLocals], [&globals:*PyGlobals::dummy], n1) ret $builtins.py_make_none() @@ -241,7 +241,7 @@ class C: #b1: n10 = $builtins.py_load_global("g", [&globals:*PyGlobals::dummy]) n11 = $builtins.py_load_fast("y", [&locals:*PyLocals]) - n12 = $builtins.py_call(n10, [&globals:*PyGlobals::dummy], $builtins.py_make_none(), $builtins.py_make_int(0), n11) + n12 = $builtins.py_call(n10, $builtins.py_make_none(), $builtins.py_make_int(0), n11) _ = $builtins.py_nullify_locals([&locals:*PyLocals], "i") ret $builtins.py_make_none() @@ -259,12 +259,12 @@ class C: _ = $builtins.py_store_fast("i", [&locals:*PyLocals], n3) n7 = $builtins.py_load_global("print", [&globals:*PyGlobals::dummy]) n8 = $builtins.py_load_fast("i", [&locals:*PyLocals]) - n9 = $builtins.py_call(n7, [&globals:*PyGlobals::dummy], $builtins.py_make_none(), n8) + n9 = $builtins.py_call(n7, $builtins.py_make_none(), n8) jmp b3 #b5: n5 = $builtins.py_load_global("done", [&globals:*PyGlobals::dummy]) - n6 = $builtins.py_call(n5, [&globals:*PyGlobals::dummy], $builtins.py_make_none()) + n6 = $builtins.py_call(n5, $builtins.py_make_none()) _ = $builtins.py_nullify_locals([&locals:*PyLocals], "i") ret $builtins.py_make_none() @@ -274,7 +274,7 @@ class C: #b0: _ = $builtins.py_gen_start_coroutine() n0 = $builtins.py_load_global("sleep", [&globals:*PyGlobals::dummy]) - n1 = $builtins.py_call(n0, [&globals:*PyGlobals::dummy], $builtins.py_make_none(), $builtins.py_make_int(1)) + n1 = $builtins.py_call(n0, $builtins.py_make_none(), $builtins.py_make_int(1)) n2 = $builtins.py_get_awaitable(n1) n3 = $builtins.py_yield_from(n2, $builtins.py_make_none()) ret $builtins.py_make_none() @@ -292,69 +292,75 @@ class C: type PyClassCompanion::dummy::D = {foo: *closure:dummy:5} - type .final closure:dummy:5 = {} + type .final closure:dummy:5 = {globals: *PyGlobals::dummy} - define .closure_wrapper closure:dummy:5.call(__this: *closure:dummy:5, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper closure:dummy:5.call(__this: *closure:dummy:5, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.D::foo(n0, n1) - ret n2 + n0:*closure:dummy:5 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.D::foo(n1, n2) + ret n3 } - type .final closure:dummy:4 = {} + type .final closure:dummy:4 = {globals: *PyGlobals::dummy} - define .closure_wrapper closure:dummy:4.call(__this: *closure:dummy:4, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper closure:dummy:4.call(__this: *closure:dummy:4, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.C::foo(n0, n1) - ret n2 + n0:*closure:dummy:4 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.C::foo(n1, n2) + ret n3 } - type .final closure:dummy:3 = {} + type .final closure:dummy:3 = {globals: *PyGlobals::dummy} - define .closure_wrapper closure:dummy:3.call(__this: *closure:dummy:3, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper closure:dummy:3.call(__this: *closure:dummy:3, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.C(n0, n1) - ret n2 + n0:*closure:dummy:3 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.C(n1, n2) + ret n3 } - type .final closure:dummy:2 = {} + type .final closure:dummy:2 = {globals: *PyGlobals::dummy} - define .closure_wrapper closure:dummy:2.call(__this: *closure:dummy:2, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper closure:dummy:2.call(__this: *closure:dummy:2, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.D(n0, n1) - ret n2 + n0:*closure:dummy:2 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.D(n1, n2) + ret n3 } - type .final closure:dummy:1 = {} + type .final closure:dummy:1 = {globals: *PyGlobals::dummy} - define .closure_wrapper .async closure:dummy:1.call(__this: *closure:dummy:1, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper .async closure:dummy:1.call(__this: *closure:dummy:1, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.g(n0, n1) - ret n2 + n0:*closure:dummy:1 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.g(n1, n2) + ret n3 } - type .final closure:dummy:0 = {} + type .final closure:dummy:0 = {globals: *PyGlobals::dummy} - define .closure_wrapper .args = "y,l" closure:dummy:0.call(__this: *closure:dummy:0, globals: *PyGlobals::dummy, locals: *PyLocals) : *PyObject { + define .closure_wrapper .args = "y,l" closure:dummy:0.call(__this: *closure:dummy:0, locals: *PyLocals) : *PyObject { #entry: - n0:*PyGlobals::dummy = load &globals - n1:*PyLocals = load &locals - n2 = dummy.f(n0, n1) - ret n2 + n0:*closure:dummy:0 = load &__this + n1:*PyGlobals::dummy = load n0.?.globals + n2:*PyLocals = load &locals + n3 = dummy.f(n1, n2) + ret n3 } @@ -379,50 +385,56 @@ class C: n20:*PyGlobals::dummy = load &globals n21 = $builtins.py_make_int(0) n22 = $builtins.py_store_name("x", n19, n20, n21) - n23 = __sil_allocate() - n25 = $builtins.py_make_none() + n23:*PyGlobals::dummy = load &globals + n24 = __sil_allocate() + store n24.?.globals <- n23:*PyGlobals::dummy n26 = $builtins.py_make_none() n27 = $builtins.py_make_none() n28 = $builtins.py_make_none() - n2 = $builtins.py_make_function(n23, n25, n26, n27, n28) - n29:*PyLocals = load &locals - n30:*PyGlobals::dummy = load &globals - n31 = $builtins.py_store_name("f", n29, n30, n2) - n32 = __sil_allocate() - n34 = $builtins.py_make_none() - n35 = $builtins.py_make_none() + n29 = $builtins.py_make_none() + n2 = $builtins.py_make_function(n24, n26, n27, n28, n29) + n30:*PyLocals = load &locals + n31:*PyGlobals::dummy = load &globals + n32 = $builtins.py_store_name("f", n30, n31, n2) + n33:*PyGlobals::dummy = load &globals + n34 = __sil_allocate() + store n34.?.globals <- n33:*PyGlobals::dummy n36 = $builtins.py_make_none() n37 = $builtins.py_make_none() - n3 = $builtins.py_make_function(n32, n34, n35, n36, n37) - n38:*PyLocals = load &locals - n39:*PyGlobals::dummy = load &globals - n40 = $builtins.py_store_name("g", n38, n39, n3) - n41 = __sil_allocate() - n43 = $builtins.py_make_none() - n44 = $builtins.py_make_none() - n45 = $builtins.py_make_none() + n38 = $builtins.py_make_none() + n39 = $builtins.py_make_none() + n3 = $builtins.py_make_function(n34, n36, n37, n38, n39) + n40:*PyLocals = load &locals + n41:*PyGlobals::dummy = load &globals + n42 = $builtins.py_store_name("g", n40, n41, n3) + n43:*PyGlobals::dummy = load &globals + n44 = __sil_allocate() + store n44.?.globals <- n43:*PyGlobals::dummy n46 = $builtins.py_make_none() - n4 = $builtins.py_make_function(n41, n43, n44, n45, n46) - n47:*PyGlobals::dummy = load &globals - n48 = $builtins.py_make_string("D") - n5 = $builtins.py_build_class(n47, n4, n48) - n49:*PyLocals = load &locals - n50:*PyGlobals::dummy = load &globals - n51 = $builtins.py_store_name("D", n49, n50, n5) - n52 = __sil_allocate() - n54 = $builtins.py_make_none() - n55 = $builtins.py_make_none() - n56 = $builtins.py_make_none() + n47 = $builtins.py_make_none() + n48 = $builtins.py_make_none() + n49 = $builtins.py_make_none() + n4 = $builtins.py_make_function(n44, n46, n47, n48, n49) + n50 = $builtins.py_make_string("D") + n5 = $builtins.py_build_class(n4, n50) + n51:*PyLocals = load &locals + n52:*PyGlobals::dummy = load &globals + n53 = $builtins.py_store_name("D", n51, n52, n5) + n54:*PyGlobals::dummy = load &globals + n55 = __sil_allocate() + store n55.?.globals <- n54:*PyGlobals::dummy n57 = $builtins.py_make_none() - n6 = $builtins.py_make_function(n52, n54, n55, n56, n57) - n58:*PyGlobals::dummy = load &globals - n59 = $builtins.py_make_string("C") - n7 = $builtins.py_build_class(n58, n6, n59) - n60:*PyLocals = load &locals - n61:*PyGlobals::dummy = load &globals - n62 = $builtins.py_store_name("C", n60, n61, n7) - n63 = $builtins.py_make_none() - ret n63 + n58 = $builtins.py_make_none() + n59 = $builtins.py_make_none() + n60 = $builtins.py_make_none() + n6 = $builtins.py_make_function(n55, n57, n58, n59, n60) + n61 = $builtins.py_make_string("C") + n7 = $builtins.py_build_class(n6, n61) + n62:*PyLocals = load &locals + n63:*PyGlobals::dummy = load &globals + n64 = $builtins.py_store_name("C", n62, n63, n7) + n65 = $builtins.py_make_none() + ret n65 } @@ -438,17 +450,19 @@ class C: n8:*PyGlobals::dummy = load &globals n9 = $builtins.py_make_string("C") n10 = $builtins.py_store_name("__qualname__", n7, n8, n9) - n11 = __sil_allocate() - n13 = $builtins.py_make_none() + n11:*PyGlobals::dummy = load &globals + n12 = __sil_allocate() + store n12.?.globals <- n11:*PyGlobals::dummy n14 = $builtins.py_make_none() n15 = $builtins.py_make_none() n16 = $builtins.py_make_none() - n1 = $builtins.py_make_function(n11, n13, n14, n15, n16) - n17:*PyLocals = load &locals - n18:*PyGlobals::dummy = load &globals - n19 = $builtins.py_store_name("foo", n17, n18, n1) - n20 = $builtins.py_make_none() - ret n20 + n17 = $builtins.py_make_none() + n1 = $builtins.py_make_function(n12, n14, n15, n16, n17) + n18:*PyLocals = load &locals + n19:*PyGlobals::dummy = load &globals + n20 = $builtins.py_store_name("foo", n18, n19, n1) + n21 = $builtins.py_make_none() + ret n21 } @@ -471,17 +485,19 @@ class C: n8:*PyGlobals::dummy = load &globals n9 = $builtins.py_make_string("D") n10 = $builtins.py_store_name("__qualname__", n7, n8, n9) - n11 = __sil_allocate() - n13 = $builtins.py_make_none() + n11:*PyGlobals::dummy = load &globals + n12 = __sil_allocate() + store n12.?.globals <- n11:*PyGlobals::dummy n14 = $builtins.py_make_none() n15 = $builtins.py_make_none() n16 = $builtins.py_make_none() - n1 = $builtins.py_make_function(n11, n13, n14, n15, n16) - n17:*PyLocals = load &locals - n18:*PyGlobals::dummy = load &globals - n19 = $builtins.py_store_name("foo", n17, n18, n1) - n20 = $builtins.py_make_none() - ret n20 + n17 = $builtins.py_make_none() + n1 = $builtins.py_make_function(n12, n14, n15, n16, n17) + n18:*PyLocals = load &locals + n19:*PyGlobals::dummy = load &globals + n20 = $builtins.py_store_name("foo", n18, n19, n1) + n21 = $builtins.py_make_none() + ret n21 } @@ -504,19 +520,18 @@ class C: n10 = $builtins.py_load_global("g", n14) n15:*PyLocals = load &locals n11 = $builtins.py_load_fast("y", n15) - n16:*PyGlobals::dummy = load &globals - n17 = $builtins.py_make_none() - n18 = $builtins.py_make_int(0) - n12 = $builtins.py_call(n10, n16, n17, n18, n11) - n19:*PyLocals = load &locals - n20 = $builtins.py_nullify_locals(n19, "i") - n21 = $builtins.py_make_none() - ret n21 + n16 = $builtins.py_make_none() + n17 = $builtins.py_make_int(0) + n12 = $builtins.py_call(n10, n16, n17, n11) + n18:*PyLocals = load &locals + n19 = $builtins.py_nullify_locals(n18, "i") + n20 = $builtins.py_make_none() + ret n20 #b2: prune __sil_lnot(n0) - n22:*PyLocals = load &locals - n1 = $builtins.py_load_fast("l", n22) + n21:*PyLocals = load &locals + n1 = $builtins.py_load_fast("l", n21) n2 = $builtins.py_get_iter(n1) jmp b3 @@ -527,28 +542,26 @@ class C: #b4: prune n4 - n23:*PyLocals = load &locals - n24 = $builtins.py_store_fast("i", n23, n3) - n25:*PyGlobals::dummy = load &globals - n7 = $builtins.py_load_global("print", n25) - n26:*PyLocals = load &locals - n8 = $builtins.py_load_fast("i", n26) - n27:*PyGlobals::dummy = load &globals - n28 = $builtins.py_make_none() - n9 = $builtins.py_call(n7, n27, n28, n8) + n22:*PyLocals = load &locals + n23 = $builtins.py_store_fast("i", n22, n3) + n24:*PyGlobals::dummy = load &globals + n7 = $builtins.py_load_global("print", n24) + n25:*PyLocals = load &locals + n8 = $builtins.py_load_fast("i", n25) + n26 = $builtins.py_make_none() + n9 = $builtins.py_call(n7, n26, n8) jmp b3 #b5: prune __sil_lnot(n4) - n29:*PyGlobals::dummy = load &globals - n5 = $builtins.py_load_global("done", n29) - n30:*PyGlobals::dummy = load &globals + n27:*PyGlobals::dummy = load &globals + n5 = $builtins.py_load_global("done", n27) + n28 = $builtins.py_make_none() + n6 = $builtins.py_call(n5, n28) + n29:*PyLocals = load &locals + n30 = $builtins.py_nullify_locals(n29, "i") n31 = $builtins.py_make_none() - n6 = $builtins.py_call(n5, n30, n31) - n32:*PyLocals = load &locals - n33 = $builtins.py_nullify_locals(n32, "i") - n34 = $builtins.py_make_none() - ret n34 + ret n31 } @@ -557,14 +570,13 @@ class C: n4 = $builtins.py_gen_start_coroutine() n5:*PyGlobals::dummy = load &globals n0 = $builtins.py_load_global("sleep", n5) - n6:*PyGlobals::dummy = load &globals - n7 = $builtins.py_make_none() - n8 = $builtins.py_make_int(1) - n1 = $builtins.py_call(n0, n6, n7, n8) + n6 = $builtins.py_make_none() + n7 = $builtins.py_make_int(1) + n1 = $builtins.py_call(n0, n6, n7) n2 = $builtins.py_get_awaitable(n1) + n8 = $builtins.py_make_none() + n3 = $builtins.py_yield_from(n2, n8) n9 = $builtins.py_make_none() - n3 = $builtins.py_yield_from(n2, n9) - n10 = $builtins.py_make_none() - ret n10 + ret n9 } |}] diff --git a/infer/tests/codetoanalyze/python/pulse/issues.exp b/infer/tests/codetoanalyze/python/pulse/issues.exp index 77723f2352..281c47e541 100644 --- a/infer/tests/codetoanalyze/python/pulse/issues.exp +++ b/infer/tests/codetoanalyze/python/pulse/issues.exp @@ -3,16 +3,17 @@ async_level0.py, async_level0.call_sleep_bad, 1, PULSE_UNAWAITED_AWAITABLE, no_b async_level0.py, async_level0.call_sleep_with_branchs_bad1, 3, PULSE_UNAWAITED_AWAITABLE, no_bucket, ERROR, [allocation part of the trace starts here,allocated by async call here,awaitable becomes unreachable here] async_level0.py, async_level0.call_sleep_with_branchs_bad2, 4, PULSE_UNAWAITED_AWAITABLE, no_bucket, ERROR, [allocation part of the trace starts here,allocated by async call here,awaitable becomes unreachable here] async_level1.py, async_level1.D::main, 1, PULSE_UNAWAITED_AWAITABLE, no_bucket, ERROR, [allocation part of the trace starts here,allocated by async call here,awaitable becomes unreachable here] -taint_import_with_package.py, taint_import_with_package.__module_body__, 62, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::testmod.__module_body__`,when calling `closure:taint_import_with_package:0.call` here,when calling `taint_import_with_package.use1_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global1 -taint_import_with_package.py, taint_import_with_package.__module_body__, 68, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::testmod.__module_body__`,when calling `closure:taint_import_with_package:2.call` here,when calling `taint_import_with_package.use2_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global2 -taint_import_with_package.py, taint_import_with_package.__module_body__, 74, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::dir3::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::dir3::testmod.__module_body__`,when calling `closure:taint_import_with_package:4.call` here,when calling `taint_import_with_package.use3_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global3 -taint_import_with_package.py, taint_import_with_package.__module_body__, 80, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::dir4::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::dir4::testmod.__module_body__`,when calling `closure:taint_import_with_package:6.call` here,when calling `taint_import_with_package.use4_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global4 -taint_import_with_package.py, taint_import_with_package.__module_body__, 86, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::dir5::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::dir5::testmod.__module_body__`,when calling `closure:taint_import_with_package:8.call` here,when calling `taint_import_with_package.use5_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global5 -taint_import_with_package.py, taint_import_with_package.__module_body__, 92, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::dir6::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::dir6::testmod.__module_body__`,when calling `closure:taint_import_with_package:10.call` here,when calling `taint_import_with_package.use6_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->tainted_global6 +taint_import_simple.py, taint_import_simple.basic_flow_bad, 2, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN +taint_import_with_package.py, taint_import_with_package.__module_body__, 62, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::testmod.__module_body__`,when calling `closure:taint_import_with_package:0.call` here,when calling `taint_import_with_package.use1_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use1_bad->globals->tainted_global1 +taint_import_with_package.py, taint_import_with_package.__module_body__, 68, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::testmod.__module_body__`,when calling `closure:taint_import_with_package:2.call` here,when calling `taint_import_with_package.use2_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use2_bad->globals->tainted_global2 +taint_import_with_package.py, taint_import_with_package.__module_body__, 74, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::dir3::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::dir3::testmod.__module_body__`,when calling `closure:taint_import_with_package:4.call` here,when calling `taint_import_with_package.use3_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use3_bad->globals->tainted_global3 +taint_import_with_package.py, taint_import_with_package.__module_body__, 80, TAINT_ERROR, no_bucket, ERROR, [in call to `dir1::dir4::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir1::dir4::testmod.__module_body__`,when calling `closure:taint_import_with_package:6.call` here,when calling `taint_import_with_package.use4_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use4_bad->globals->tainted_global4 +taint_import_with_package.py, taint_import_with_package.__module_body__, 86, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::dir5::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::dir5::testmod.__module_body__`,when calling `closure:taint_import_with_package:8.call` here,when calling `taint_import_with_package.use5_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use5_bad->globals->tainted_global5 +taint_import_with_package.py, taint_import_with_package.__module_body__, 92, TAINT_ERROR, no_bucket, ERROR, [in call to `dir2::dir6::testmod.__module_body__`,in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,return from call to `dir2::dir6::testmod.__module_body__`,when calling `closure:taint_import_with_package:10.call` here,when calling `taint_import_with_package.use6_bad` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->use6_bad->globals->tainted_global6 taint_level0.py, taint_level0.__module_body__, 11, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN taint_level0.py, taint_level0.__module_body__, 19, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN taint_level1.py, taint_level1.basic_flow_bad, 2, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN taint_level1.py, taint_level1.call_fst_bad, 2, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN taint_level1.py, taint_level1.call_sink_fst_arg_bad, 1, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint_level1:5.call` here,when calling `taint_level1.sink_fst_arg` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: closure:taint:1.call() taint_level1.py, taint_level1.call_taint_sink_on_global_bad2, 3, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: UNKNOWN -taint_level1.py, taint_level1.__module_body__, 60, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint_level1:8.call` here,when calling `taint_level1.call_taint_sink_on_global_bad1` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->g +taint_level1.py, taint_level1.__module_body__, 60, TAINT_ERROR, no_bucket, ERROR, [in call to `closure:taint:1.call`,source of the taint here: value returned from `taint.source` with kind `Simple`,return from call to `closure:taint:1.call`,when calling `closure:taint_level1:8.call` here,when calling `taint_level1.call_taint_sink_on_global_bad1` here,when calling `closure:taint:0.call` here,flows to this sink: value passed as argument `#1` to `taint.sink` with kind `Simple`], source: taint.source, sink: taint.sink, tainted expression: globals->call_taint_sink_on_global_bad1->globals->g diff --git a/infer/tests/codetoanalyze/python/pulse/taint_import_simple.py b/infer/tests/codetoanalyze/python/pulse/taint_import_simple.py index 80a7806561..7e9f5f6a1b 100644 --- a/infer/tests/codetoanalyze/python/pulse/taint_import_simple.py +++ b/infer/tests/codetoanalyze/python/pulse/taint_import_simple.py @@ -6,12 +6,12 @@ import taint from taint import sink -def FN_basic_flow_bad() -> None: +def basic_flow_bad() -> None: tainted = taint.source() sink(tainted) def basic_flow_ok(untainted: int) -> None: sink(untainted) -FN_basic_flow_bad() +basic_flow_bad() basic_flow_ok(0)