Add qtil.python

Author: MichaelRFairhurst

python/src/codeql-pack.lock.yml

@@ -0,0 +1,26 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/mad:
+    version: 1.0.12
+  codeql/python-all:
+    version: 2.2.0
+  codeql/regex:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+  codeql/xml:
+    version: 1.0.12
+  codeql/yaml:
+    version: 1.0.12
+compiled: false

python/src/qlpack.yml

@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-python
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  codeql/python-all: '>=0.0.1 <5.0.0'
+  mfairhurst/qtil: 0.0.1

python/src/qtil/Python.qll

@@ -0,0 +1,8 @@
+module Qtil {
+  private import qtil.Qtil as Common
+  // Importing qtil.Cpp should import all of Qtil.
+  import Common::Qtil
+  import qtil.python.ast.TwoOperands 
+  import qtil.python.format.QlFormat
+  import qtil.python.graph.CustomPathProblem
+}

python/src/qtil/python/ast/TwoOperands.qll

@@ -0,0 +1,63 @@
+import python as python
+import qtil.parameterization.SignatureTypes
+import qtil.parameterization.Finalize
+
+/**
+ * A module for dealing with pairs of exclusive operands in C++ ASTs.
+ *
+ * For instance, to find cases where one operand is an integer and the other is a constant, you
+ * will want to to perform checks on each operand separately and consistently without worrying about
+ * order. This module makes this common pattern easy to implement.
+ *
+ * This module takes two type parameters:
+ *  - `Operand`: the type of the operands (e.g. `Expr`)
+ *  - `HasOperands`: a type that has operands of type `Operand` (e.g. `BinaryExpr`)
+ *
+ * ```ql
+ * // Using this module:
+ * predicate myBinaryTestNew(BinaryExpr e) {
+ *   exists(TwoOperands<BinaryExpr>::Set set |
+ *     set.getOperation() = e and
+ *     set.someOperand().isInteger() and
+ *     set.otherOperand().isConstant()
+ *   )
+ * }
+ *
+ * // Is roughly equivalent to:
+ * predicate myBinaryTestOld(BinaryExpr e) {
+ *   exists(Expr a, Expr b |
+ *     e.getAnOperand() = a and
+ *     e.getAnOperand() = b and
+ *     a != b and
+ *     a.isInteger() and
+ *     b.isConstant()
+ *   )
+ * }
+ * ```
+ *
+ * Some caution about using this module: for each use, two `Set` objects exst. If you do not
+ * properly constrain the usage of `someOperand()` and `otherOperand()`, then these members could
+ * hold for different `Set`s. Therefore, `someOperand()` and `otherOperand()` may be the same
+ * operand. This will not happen if the `Set` is properly constrained across the two member
+ * invocations.
+ *
+ * ```ql
+ * predicate bug(BinaryExpr e) {
+ *   // Bad: the two sets are not constrained to the same instance, therefore the operands not
+ *   // guaranteed to be different.
+ *   TwoOperands<BinaryExpr>::getASet(e).someOperand().isInteger() and
+ *   TwoOperands<BinaryExpr>::getASet(e).otherOperand().isConstant()
+ * }
+ * ```
+ */
+module TwoOperands<Signature<python::BinaryExpr>::Type BinOp> {
+  private import qtil.ast.TwoOperands as Make
+
+  // The `TwoOperands` module expects a `getAnOperand` member to be defined in the `BinOp` type, so
+  // we define it here. The `TwoOperands` module should still work for any `BinaryExpr`.
+  private class AddGetAnOperand extends Final<BinOp>::Type {
+    python::Expr getAnOperand() { result = getLeft() or result = getRight() }
+  }
+
+  import Make::TwoOperands<python::Expr, AddGetAnOperand>
+}

python/src/qtil/python/format/QlFormat.qll

@@ -0,0 +1,5 @@
+private import qtil.format.QLFormat
+private import python
+private import qtil.python.locations.Locatable
+
+import QlFormat<Location, PythonLocatableConfig>

python/src/qtil/python/graph/CustomPathProblem.qll

@@ -0,0 +1,6 @@
+private import qtil.locations.CustomPathProblem
+private import qtil.python.locations.Locatable
+private import python
+
+// Import the python specific configuration for making custom path problems.
+import PathProblem<Location, PythonLocatableConfig>

python/src/qtil/python/locations/Locatable.qll

@@ -0,0 +1,9 @@
+private import qtil.locations.Locatable
+private import python as python
+
+/**
+ * A module to declare `Locatable`s specific to python for use in other qtil modules.
+ */
+module PythonLocatableConfig implements LocatableConfig<python::Location> {
+  class Locatable = python::AstNode;
+}

python/test/codeql-pack.lock.yml

@@ -0,0 +1,26 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 1.1.6
+  codeql/mad:
+    version: 1.0.12
+  codeql/python-all:
+    version: 2.2.0
+  codeql/regex:
+    version: 1.0.12
+  codeql/ssa:
+    version: 1.0.12
+  codeql/threat-models:
+    version: 1.0.12
+  codeql/tutorial:
+    version: 1.0.12
+  codeql/typetracking:
+    version: 1.0.12
+  codeql/util:
+    version: 1.0.12
+  codeql/xml:
+    version: 1.0.12
+  codeql/yaml:
+    version: 1.0.12
+compiled: false

python/test/qlpack.yml

@@ -0,0 +1,8 @@
+name: mfairhurst/qtil-python-test
+library: true
+warnOnImplicitThis: false
+version: 0.0.1
+license: MIT
+dependencies:
+  mfairhurst/qtil-python: "*"
+extractor: python

python/test/qtil/python/ast/TwoOperandsTest.expected

@@ -0,0 +1,2 @@
+| test.py:3:5:3:9 | BinaryExpr | test.py:3:5:3:5 | a | test.py:3:9:3:9 | b |
+| test.py:4:5:4:9 | BinaryExpr | test.py:4:9:4:9 | a | test.py:4:5:4:5 | b |