github · RasmusWL · Mar 30, 2020 · Mar 30, 2020 · Mar 30, 2020 · Mar 30, 2020
diff --git a/python/ql/examples/snippets/builtin_object.ql b/python/ql/examples/snippets/builtin_object.ql
@@ -6,7 +6,7 @@
  *       builtin
  *       object
  */
- 
+
 import python
 
 from Expr e, string name

diff --git a/python/ql/examples/snippets/call.ql b/python/ql/examples/snippets/call.ql
@@ -5,7 +5,7 @@
  * @tags call
  *       function
  */
- 
+
 import python
 
 from Value len, CallNode call

diff --git a/python/ql/examples/snippets/catch_exception.ql b/python/ql/examples/snippets/catch_exception.ql
@@ -6,11 +6,11 @@
  *       try
  *       exception
  */
- 
+
 import python
 
 from ExceptStmt ex, ClassValue cls
-where 
+where
     cls.getName() = "MyExceptionClass" and
     ex.getType().pointsTo(cls)
 select ex
diff --git a/python/ql/examples/snippets/conditional_expression.ql b/python/ql/examples/snippets/conditional_expression.ql
@@ -11,7 +11,8 @@
 import python
 
 from IfExp e, ClassObject cls1, ClassObject cls2
-where 
-    e.getBody().refersTo(_, cls1, _) and e.getOrelse().refersTo(_, cls2, _) and
+where
+    e.getBody().refersTo(_, cls1, _) and
+    e.getOrelse().refersTo(_, cls2, _) and
     cls1 != cls2
-select e
+select e
diff --git a/python/ql/examples/snippets/emptyblock.ql b/python/ql/examples/snippets/emptyblock.ql
@@ -6,7 +6,7 @@
  *       block
  *       statement
  */
- 
+
 import python
 
 from StmtList blk

diff --git a/python/ql/examples/snippets/emptythen.ql b/python/ql/examples/snippets/emptythen.ql
@@ -1,21 +1,21 @@
 /**
  * @id py/examples/emptythen
  * @name If statements with empty then branch
- * @description Finds 'if' statements where the "then" branch 
+ * @description Finds 'if' statements where the "then" branch
  *              consists entirely of Pass statements
  * @tags if
  *       then
  *       empty
  *       conditional
  *       branch
  */
- 
+
 import python
 
 from If i
 where
     not exists(Stmt s |
-        i.getStmt(_) = s and 
+        i.getStmt(_) = s and
         not s instanceof Pass
     )
 select i
diff --git a/python/ql/examples/snippets/eq_true.ql b/python/ql/examples/snippets/eq_true.ql
@@ -6,7 +6,7 @@
  *       test
  *       boolean
  */
- 
+
 import python
 
 from Compare eq

diff --git a/python/ql/examples/snippets/equalitystmt.ql b/python/ql/examples/snippets/equalitystmt.ql
@@ -6,7 +6,7 @@
  *       equality
  *       expression statement
  */
- 
+
 import python
 
 from ExprStmt e, Compare eq

diff --git a/python/ql/examples/snippets/extend_class.ql b/python/ql/examples/snippets/extend_class.ql
@@ -9,11 +9,11 @@
  *       subtype
  *       supertype
  */
- 
+
 import python
 
 from ClassObject sub, ClassObject base
-where 
+where
     base.getName() = "MyClass" and
     sub.getABaseType() = base
 select sub
diff --git a/python/ql/examples/snippets/filename.ql b/python/ql/examples/snippets/filename.ql
@@ -4,7 +4,7 @@
  * @description Finds files called `spam.py`
  * @tags file
  */
- 
+
 import python
 
 from File f

diff --git a/python/ql/examples/snippets/generator.ql b/python/ql/examples/snippets/generator.ql
@@ -10,4 +10,4 @@ import python
 
 from Function f
 where f.isGenerator()
-select f
+select f
diff --git a/python/ql/examples/snippets/integer_literal.ql b/python/ql/examples/snippets/integer_literal.ql
@@ -5,7 +5,7 @@
  * @tags integer
  *       literal
  */
- 
+
 import python
 
 from IntegerLiteral literal

diff --git a/python/ql/examples/snippets/method_call.ql b/python/ql/examples/snippets/method_call.ql
@@ -5,11 +5,11 @@
  * @tags call
  *       method
  */
- 
+
 import python
 
 from AstNode call, PythonFunctionValue method
-where 
+where
     method.getQualifiedName() = "MyClass.methodName" and
     method.getACall().getNode() = call
 select call
diff --git a/python/ql/examples/snippets/new_instance.ql b/python/ql/examples/snippets/new_instance.ql
@@ -6,7 +6,7 @@
  *       constructor
  *       new
  */
- 
+
 import python
 
 from Call new, ClassValue cls

diff --git a/python/ql/examples/snippets/override_method.ql b/python/ql/examples/snippets/override_method.ql
@@ -5,7 +5,7 @@
  * @tags method
  *       override
  */
- 
+
 import python
 
 from FunctionObject override, FunctionObject base

diff --git a/python/ql/examples/snippets/print.ql b/python/ql/examples/snippets/print.ql
@@ -4,11 +4,11 @@
  * @description Find print statements or calls to the builtin function 'print'
  * @tags print
  */
- 
+
 import python
 
 from AstNode print
-where 
+where
     /* Python 2 without `from __future__ import print_function` */
     print instanceof Print
     or

diff --git a/python/ql/examples/snippets/private_access.ql b/python/ql/examples/snippets/private_access.ql
@@ -1,19 +1,20 @@
 /**
  * @id py/examples/private-access
  * @name Private access
- * @description Find accesses to "private" attributes (those starting with an underscore) 
+ * @description Find accesses to "private" attributes (those starting with an underscore)
  * @tags access
  *       private
  */
- 
+
 import python
 
 predicate is_private(Attribute a) {
-    a.getName().matches("\\_%") and 
+    a.getName().matches("\\_%") and
     not a.getName().matches("\\_\\_%\\_\\_")
 }
 
 from Attribute access
-where is_private(access) and
-not access.getObject().(Name).getId() = "self"
+where
+    is_private(access) and
+    not access.getObject().(Name).getId() = "self"
 select access
diff --git a/python/ql/examples/snippets/raise_exception.ql b/python/ql/examples/snippets/raise_exception.ql
@@ -6,13 +6,11 @@
  *       raise
  *       exception
  */
- 
+
 import python
 
 from Raise raise, ClassValue ex
 where
     ex.getName() = "AnException" and
-    (
-        raise.getException().pointsTo(ex.getASuperType())
-    )
+    raise.getException().pointsTo(ex.getASuperType())
 select raise, "Don't raise instances of 'AnException'"
diff --git a/python/ql/examples/snippets/raw_string.ql b/python/ql/examples/snippets/raw_string.ql
@@ -1,11 +1,11 @@
 /**
  * @id py/examples/raw-string
  * @name Raw string literals
- * @description Finds string literals with an 'r' prefix 
+ * @description Finds string literals with an 'r' prefix
  * @tags string
  *       raw
  */
- 
+
 import python
 
 from StrConst s

diff --git a/python/ql/examples/snippets/store_none.ql b/python/ql/examples/snippets/store_none.ql
@@ -8,11 +8,11 @@
  *       collection
  *       add
  */
- 
+
 import python
 
 from SubscriptNode store
-where 
+where
     store.isStore() and
     store.getIndex().pointsTo(Value::named("None"))
 select store
diff --git a/python/ql/examples/snippets/tryfinally.ql b/python/ql/examples/snippets/tryfinally.ql
@@ -10,6 +10,7 @@
 import python
 
 from Try t
-where exists(t.getFinalbody())
-  and not exists(t.getAHandler())
+where
+    exists(t.getFinalbody()) and
+    not exists(t.getAHandler())
 select t
diff --git a/python/ql/src/Classes/ConflictingAttributesInBaseClasses.ql b/python/ql/src/Classes/ConflictingAttributesInBaseClasses.ql
@@ -15,13 +15,13 @@ import python
 
 predicate does_nothing(PyFunctionObject f) {
     not exists(Stmt s | s.getScope() = f.getFunction() |
-        not s instanceof Pass and not ((ExprStmt)s).getValue() = f.getFunction().getDocString()
+        not s instanceof Pass and not s.(ExprStmt).getValue() = f.getFunction().getDocString()
     )
 }
 
 /* If a method performs a super() call then it is OK as the 'overridden' method will get called */
 predicate calls_super(FunctionObject f) {
-    exists(Call sup, Call meth, Attribute attr, GlobalVariable v | 
+    exists(Call sup, Call meth, Attribute attr, GlobalVariable v |
         meth.getScope() = f.getFunction() and
         meth.getFunc() = attr and
         attr.getObject() = sup and
@@ -33,25 +33,29 @@ predicate calls_super(FunctionObject f) {
 
 /** Holds if the given name is white-listed for some reason */
 predicate whitelisted(string name) {
-    /* The standard library specifically recommends this :(
-     * See https://docs.python.org/3/library/socketserver.html#asynchronous-mixins */
+    /*
+     * The standard library specifically recommends this :(
+     * See https://docs.python.org/3/library/socketserver.html#asynchronous-mixins
+     */
+
     name = "process_request"
 }
 
-from ClassObject c, ClassObject b1, ClassObject b2, string name,
-int i1, int i2, Object o1, Object o2
-where c.getBaseType(i1) = b1 and
-c.getBaseType(i2) = b2 and 
-i1 < i2 and o1 != o2 and
-o1 = b1.lookupAttribute(name) and 
-o2 = b2.lookupAttribute(name) and
-not name.matches("\\_\\_%\\_\\_") and
-not calls_super(o1) and
-not does_nothing(o2) and
-not whitelisted(name) and
-not o1.overrides(o2) and
-not o2.overrides(o1) and
-not c.declaresAttribute(name)
-
-select c, "Base classes have conflicting values for attribute '" + name + "': $@ and $@.", o1, o1.toString(), o2, o2.toString()
-
+from
+    ClassObject c, ClassObject b1, ClassObject b2, string name, int i1, int i2, Object o1, Object o2
+where
+    c.getBaseType(i1) = b1 and
+    c.getBaseType(i2) = b2 and
+    i1 < i2 and
+    o1 != o2 and
+    o1 = b1.lookupAttribute(name) and
+    o2 = b2.lookupAttribute(name) and
+    not name.matches("\\_\\_%\\_\\_") and
+    not calls_super(o1) and
+    not does_nothing(o2) and
+    not whitelisted(name) and
+    not o1.overrides(o2) and
+    not o2.overrides(o1) and
+    not c.declaresAttribute(name)
+select c, "Base classes have conflicting values for attribute '" + name + "': $@ and $@.", o1,
+    o1.toString(), o2, o2.toString()
diff --git a/python/ql/src/Classes/DefineEqualsWhenAddingAttributes.ql b/python/ql/src/Classes/DefineEqualsWhenAddingAttributes.ql
@@ -15,7 +15,9 @@ import semmle.python.SelfAttribute
 import Equality
 
 predicate class_stores_to_attribute(ClassObject cls, SelfAttributeStore store, string name) {
-    exists(FunctionObject f | f = cls.declaredAttribute(_) and store.getScope() = f.getFunction() and store.getName() = name) and
+    exists(FunctionObject f |
+        f = cls.declaredAttribute(_) and store.getScope() = f.getFunction() and store.getName() = name
+    ) and
     /* Exclude classes used as metaclasses */
     not cls.getASuperType() = theTypeType()
 }
@@ -30,23 +32,26 @@ predicate should_override_eq(ClassObject cls, Object base_eq) {
     )
 }
 
-/** Does the non-overridden __eq__ method access the attribute,
+/**
+ * Does the non-overridden __eq__ method access the attribute,
  * which implies that the  __eq__ method does not need to be overridden.
  */
 predicate superclassEqExpectsAttribute(ClassObject cls, PyFunctionObject base_eq, string attrname) {
     not cls.declaresAttribute("__eq__") and
     exists(ClassObject sup | sup = cls.getABaseType() and sup.declaredAttribute("__eq__") = base_eq |
-        exists(SelfAttributeRead store |
-            store.getName() = attrname |
+        exists(SelfAttributeRead store | store.getName() = attrname |
             store.getScope() = base_eq.getFunction()
         )
     )
 }
 
 from ClassObject cls, SelfAttributeStore store, Object base_eq
-where class_stores_to_attribute(cls, store, _) and should_override_eq(cls, base_eq) and
-/* Don't report overridden unittest.TestCase. -- TestCase overrides __eq__, but subclasses do not really need to. */
-not cls.getASuperType().getName() = "TestCase" and
-not superclassEqExpectsAttribute(cls, base_eq, store.getName())
-
-select cls, "The class '" + cls.getName() + "' does not override $@, but adds the new attribute $@.", base_eq,  "'__eq__'", store, store.getName()
+where
+    class_stores_to_attribute(cls, store, _) and
+    should_override_eq(cls, base_eq) and
+    /* Don't report overridden unittest.TestCase. -- TestCase overrides __eq__, but subclasses do not really need to. */
+    not cls.getASuperType().getName() = "TestCase" and
+    not superclassEqExpectsAttribute(cls, base_eq, store.getName())
+select cls,
+    "The class '" + cls.getName() + "' does not override $@, but adds the new attribute $@.", base_eq,
+    "'__eq__'", store, store.getName()
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,7 +6,7 @@ @@
      *       block
      *       statement
      */
     import python
     from StmtList blk
@@ Expand Down @@