Python: Follow conventions of getASomething

RasmusWL · RasmusWL · commit adec76d04185 · 2020-02-17T16:55:55.000+01:00
When multiple results are available, we usually name the function
`getAnArgument` or `getASomething`. The support for django copied the way bottle
did things, so this commits cleans up both
diff --git a/python/ql/src/semmle/python/web/bottle/General.qll b/python/ql/src/semmle/python/web/bottle/General.qll
@@ -36,7 +36,7 @@ class BottleRoute extends ControlFlowNode {
 
     Function getFunction() { bottle_route(this, _, result) }
 
-    Parameter getNamedArgument() {
+    Parameter getANamedArgument() {
         exists(string name, Function func |
             func = this.getFunction() and
             func.getArgByName(name) = result and
diff --git a/python/ql/src/semmle/python/web/bottle/Request.qll b/python/ql/src/semmle/python/web/bottle/Request.qll
@@ -71,7 +71,7 @@ class UntrustedFile extends TaintKind {
 /** Parameter to a bottle request handler function */
 class BottleRequestParameter extends HttpRequestTaintSource {
     BottleRequestParameter() {
-        exists(BottleRoute route | route.getNamedArgument() = this.(ControlFlowNode).getNode())
+        exists(BottleRoute route | route.getANamedArgument() = this.(ControlFlowNode).getNode())
     }
 
     override predicate isSourceOf(TaintKind kind) { kind instanceof UntrustedStringKind }
diff --git a/python/ql/src/semmle/python/web/django/General.qll b/python/ql/src/semmle/python/web/django/General.qll
@@ -19,7 +19,7 @@ class DjangoRoute extends CallNode {
 
     FunctionValue getViewFunction() { django_route(this, _, result) }
 
-    string getNamedArgument() {
+    string getANamedArgument() {
         exists(DjangoRouteRegex regex |
             django_route(this, regex.getAFlowNode(), _) and
             regex.getGroupName(_, _) = result
@@ -32,8 +32,8 @@ class DjangoRoute extends CallNode {
       */
     int getNumPositionalArguments() {
         exists(DjangoRouteRegex regex |
+            not exists(this.getANamedArgument()) and
             django_route(this, regex.getAFlowNode(), _) and
-            not exists(string s | s = regex.getGroupName(_, _)) and
             result = count(regex.getGroupNumber(_, _))
         )
     }
diff --git a/python/ql/src/semmle/python/web/django/Request.qll b/python/ql/src/semmle/python/web/django/Request.qll
@@ -81,7 +81,7 @@ class DjangoRequestParameter extends HttpRequestTaintSource {
     DjangoRequestParameter() {
         exists(DjangoRoute route, Function f |
             f = route.getViewFunction().getScope() |
-            this.(ControlFlowNode).getNode() = f.getArgByName(route.getNamedArgument())
+            this.(ControlFlowNode).getNode() = f.getArgByName(route.getANamedArgument())
             or
             exists(int i | i >= 0 |
                 i < route.getNumPositionalArguments() and

Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ class UntrustedFile extends TaintKind {`
`71`	`71`	`/** Parameter to a bottle request handler function */`
`72`	`72`	`class BottleRequestParameter extends HttpRequestTaintSource {`
`73`	`73`	`BottleRequestParameter() {`
`74`		`- exists(BottleRoute route \| route.getNamedArgument() = this.(ControlFlowNode).getNode())`
	`74`	`+ exists(BottleRoute route \| route.getANamedArgument() = this.(ControlFlowNode).getNode())`
`75`	`75`	`}`
`76`	`76`
`77`	`77`	`override predicate isSourceOf(TaintKind kind) { kind instanceof UntrustedStringKind }`