
Commit ba06990

Add socketio models
1 parent 4d4a677 commit ba06990

1 file changed

+59
-0
lines changed

Lines changed: 59 additions & 0 deletions
@@ -0,0 +1,59 @@
1+
/**
2+
* Provides definitions and modelling for the `python-socketio` PyPI package.
3+
* See https://python-socketio.readthedocs.io/en/stable/.
4+
*/
5+
6+
private import python
7+
private import semmle.python.dataflow.new.DataFlow
8+
private import semmle.python.dataflow.new.TaintTracking
9+
private import semmle.python.Concepts
10+
private import semmle.python.ApiGraphs
11+
private import semmle.python.frameworks.internal.PoorMansFunctionResolution
12+
13+
/**
14+
* Provides models for the `python-socketio` PyPI package.
15+
* See https://python-socketio.readthedocs.io/en/stable/.
16+
*/
17+
module SocketIO {
18+
/** An instance of a socketio `Server` or `AsyncServer`. */
19+
API::Node server() {
20+
result = API::moduleImport("socketio").getMember(["Server", "AsyncServer"]).getAnInstance()
21+
}
22+
23+
API::Node serverEventAnnotation() {
24+
result = server().getMember("event")
25+
or
26+
result = server().getMember("on").getReturn()
27+
}
28+
29+
private class EventHandler extends Http::Server::RequestHandler::Range {
30+
EventHandler() {
31+
serverEventAnnotation().getAValueReachableFromSource().asExpr() = this.getADecorator()
32+
}
33+
34+
override Parameter getARoutedParameter() { result = this.getAnArg() }
35+
36+
override string getFramework() { result = "socketio" }
37+
}
38+
39+
private class CallbackArgument extends DataFlow::Node {
40+
CallbackArgument() {
41+
exists(DataFlow::CallCfgNode c | c = server().getMember(["emit", "send"]).getACall() |
42+
this = c.getArgByName("callback")
43+
)
44+
or
45+
exists(DataFlow::CallCfgNode c | c = server().getMember("on").getACall() |
46+
this = c.getArg(1) or
47+
this = c.getArgByName("handler")
48+
)
49+
}
50+
}
51+
52+
private class CallbackHandler extends Http::Server::RequestHandler::Range {
53+
CallbackHandler() { any(CallbackArgument ca) = poorMansFunctionTracker(this) }
54+
55+
override Parameter getARoutedParameter() { result = this.getAnArg() }
56+
57+
override string getFramework() { result = "socketio" }
58+
}
59+
}
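Review bot: `serverEventAnnotation()` matches only the bare `@sio.event` decorator and the result of `sio.on(...)`, so a handler registered through `event` called with arguments (python-socketio appears to accept `@sio.event(namespace=...)`, worth confirming against its docs) is not modelled as a request handler. Its parameters would then never become remote flow sources, and taint queries would silently miss them. Adding `or result = server().getMember("event").getReturn()` would cover that form. Separately, `getARoutedParameter()` in both `EventHandler` and `CallbackHandler` returns every argument, including the leading `sid` of event handlers, which looks server-assigned rather than client-controlled; if that over-approximation is deliberate, a short comment saying so would help. `serverEventAnnotation()` also lacks the QLDoc that `server()` has, e.g. `/** A decorator that registers a socketio event handler: the event member or the result of calling on. */`.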
