Merge pull request #10265 from yoff/python/port-UnguardedNextInGenerator

Approved by tausbn

Author: codeql-ci

python/ql/src/Exceptions/UnguardedNextInGenerator.ql

@@ -11,17 +11,22 @@
  */
 
 import python
+private import semmle.python.ApiGraphs
 
-FunctionValue iter() { result = Value::named("iter") }
+API::Node iter() { result = API::builtin("iter") }
 
-BuiltinFunctionValue next() { result = Value::named("next") }
+API::Node next() { result = API::builtin("next") }
+
+API::Node stopIteration() { result = API::builtin("StopIteration") }
 
 predicate call_to_iter(CallNode call, EssaVariable sequence) {
-  sequence.getAUse() = iter().getArgumentForCall(call, 0)
+  call = iter().getACall().asCfgNode() and
+  call.getArg(0) = sequence.getAUse()
 }
 
 predicate call_to_next(CallNode call, ControlFlowNode iter) {
-  iter = next().getArgumentForCall(call, 0)
+  call = next().getACall().asCfgNode() and
+  call.getArg(0) = iter
 }
 
 predicate call_to_next_has_default(CallNode call) {
@@ -47,7 +52,7 @@ predicate iter_not_exhausted(EssaVariable iterator) {
 predicate stop_iteration_handled(CallNode call) {
   exists(Try t |
     t.containsInScope(call.getNode()) and
-    t.getAHandler().getType().pointsTo(ClassValue::stopIteration())
+    t.getAHandler().getType() = stopIteration().getAValueReachableFromSource().asExpr()
   )
 }
 
@@ -61,5 +66,11 @@ where
   ) and
   call.getNode().getScope().(Function).isGenerator() and
   not exists(Comp comp | comp.contains(call.getNode())) and
-  not stop_iteration_handled(call)
+  not stop_iteration_handled(call) and
+  // PEP 479 removes this concern from 3.7 onwards
+  // see: https://peps.python.org/pep-0479/
+  //
+  // However, we do not know the minor version of the analyzed code (only of the extractor),
+  // so we only alert on Python 2.
+  major_version() = 2
 select call, "Call to next() in a generator"