codeql
Python: Fix bug in handling of `**kwargs` in class bases
This caused a dataset check error on the python/cpython database, as we had a `DictUnpacking` node whose parent was not a `dict_item_list`, but rather an `expr_list`.
Investigating a bit further revealed that this was because in a construction like
```python
class C[T](base, foo=bar, **kwargs): ...
```
we were mistakenly adding `**kwargs` to the same list as `base` (which is just a list of expressions), rather than the same list as `foo=bar` (which is a list of dictionary items).
The ultimate cause of this was the use of `! name` in `python.tsg` to distinguish between bases and keyword arguments (only the latter of which have the `name` field). Because `dictionary_splat` doesn't have a `name` field either, these were mistakenly put in the wrong list, leading to the error.
Also, because our previous test of class statements did not include a `**kwargs` construction, we were not checking that the new parser behaved correctly in this case. For the most part this was not a problem, but on files that use syntax not supported by the old parser (like type parameters on classes), this became an issue. This is also why we did not see this error previously.
To fix this, we added `! value` (which is a field present on `dictionary_splat` nodes) as a secondary filter, and added a third stanza to handle `dictionary_splat` nodes.
Pull Request checklist
All query authors
- [ ] A change note is added if necessary. See the documentation in this repository.
- [ ] All new queries have appropriate `.qhelp`. See the documentation in this repository.
- [ ] QL tests are added if necessary. See Testing custom queries in the GitHub documentation.
- [ ] New and changed queries have correct query metadata. See the documentation in this repository.
Internal query authors only
- [ ] Autofixes generated based on these changes are valid, only needed if this PR makes significant changes to `.ql`, `.qll`, or `.qhelp` files. See the documentation (internal access required).
- [ ] Changes are validated at scale (internal access required).
- [ ] Adding a new query? Consider also adding the query to autofix.
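
The list split described in the pull request above, as an added example that is not part of the pull request or the CodeQL code base. It models each class argument by the fields the description attributes to it (an assumption: bases have none, keyword arguments have `name` and `value`, `**kwargs` has only `value`) and compares the original filter with the fixed one; the function names are hypothetical.

```python
import ast

# Constructed sample: the PR's construction without the type parameter,
# so it also parses on Python versions older than 3.12.
SOURCE = "class C(base, foo=bar, **kwargs): ..."

def argument_nodes(source):
    """Class arguments in source order as (text, fields) pairs. The field
    sets are an assumed model taken from the PR text, not tsg output."""
    cls = ast.parse(source).body[0]
    nodes = [(b.col_offset, ast.unparse(b), set()) for b in cls.bases]
    for kw in cls.keywords:
        if kw.arg is None:  # **kwargs: a value but no name
            text, fields = "**" + ast.unparse(kw.value), {"value"}
        else:               # foo=bar: both name and value
            text, fields = f"{kw.arg}={ast.unparse(kw.value)}", {"name", "value"}
        nodes.append((kw.col_offset, text, fields))
    nodes.sort(key=lambda n: n[0])
    return [(text, fields) for _, text, fields in nodes]

def classify_old(fields):
    # Original filter: anything without a name field is treated as a base.
    return "keyword" if "name" in fields else "base"

def classify_fixed(fields):
    # Fixed filter: a base has neither name nor value; a node with a value
    # but no name gets its own case (the third stanza).
    if "name" in fields:
        return "keyword"
    return "dict_unpacking" if "value" in fields else "base"

def split(source, classify):
    """Return (expr_list, dict_item_list) as the given filter would fill them."""
    expr_list, dict_item_list = [], []
    for text, fields in argument_nodes(source):
        target = expr_list if classify(fields) == "base" else dict_item_list
        target.append(text)
    return expr_list, dict_item_list

if __name__ == "__main__":
    print("old  :", split(SOURCE, classify_old))
    print("fixed:", split(SOURCE, classify_fixed))
```

With the fixed filter the expression list matches what CPython's own `ast` module reports in `ClassDef.bases`, which is a cheap cross-check when adding a regression test for this construction.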