diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0b0034b..0db91ee 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -18,35 +18,41 @@ jobs: analyze: name: Analyze runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write strategy: fail-fast: false matrix: - # Override automatic language detection by changing the below list - # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] language: ['cpp', 'python'] - # Learn more... - # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Use only 'java' to analyze code written in Java, Kotlin or both + # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - if: matrix.language == 'python' name: Autobuild Python - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 - if: matrix.language == 'cpp' name: Build C++ @@ -56,4 +62,6 @@ jobs: make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" diff --git a/ASTree.cpp b/ASTree.cpp index 217283e..723a288 100644 --- a/ASTree.cpp +++ b/ASTree.cpp @@ -474,6 +474,7 @@ PycRef BuildFromCode(PycRef code, PycModule* mod) stack.push(new ASTTuple(values)); } break; + case Pyc::CALL_A: case Pyc::CALL_FUNCTION_A: { int kwparams = (operand & 0xFF00) >> 8; @@ -546,6 +547,9 @@ PycRef BuildFromCode(PycRef code, PycModule* mod) } PycRef func = stack.top(); stack.pop(); + if (opcode == Pyc::CALL_A && stack.top() == nullptr) + stack.pop(); + stack.push(new ASTCall(func, pparamList, kwparamList)); } break; @@ -1033,8 +1037,6 @@ PycRef BuildFromCode(PycRef code, PycModule* mod) } break; case Pyc::GET_ITER: - /* We just entirely ignore this */ - break; case Pyc::GET_YIELD_FROM_ITER: /* We just entirely ignore this */ break; @@ -2547,14 +2549,18 @@ PycRef BuildFromCode(PycRef code, PycModule* mod) case Pyc::SETUP_ANNOTATIONS: variable_annotations = true; break; + case Pyc::PRECALL_A: + case Pyc::RESUME_A: + /* We just entirely ignore this / no-op */ + break; case Pyc::CACHE: /* These "fake" opcodes are used as placeholders for optimizing certain opcodes in Python 3.11+. Since we have no need for that during disassembly/decompilation, we can just treat these as no-ops. */ break; - case Pyc::RESUME_A: - /* Treated as no-op for decompyle purposes */ + case Pyc::PUSH_NULL: + stack.push(nullptr); break; default: fprintf(stderr, "Unsupported opcode: %s\n", Pyc::OpcodeName(opcode & 0xFF)); diff --git a/tests/compiled/test_calls.3.1.pyc b/tests/compiled/test_calls.3.1.pyc new file mode 100644 index 0000000..63dd6e5 Binary files /dev/null and b/tests/compiled/test_calls.3.1.pyc differ diff --git a/tests/compiled/test_calls.3.10.pyc b/tests/compiled/test_calls.3.10.pyc new file mode 100644 index 0000000..a4886aa Binary files /dev/null and b/tests/compiled/test_calls.3.10.pyc differ diff --git a/tests/compiled/test_calls.3.11.pyc b/tests/compiled/test_calls.3.11.pyc new file mode 100644 index 0000000..09cb36f Binary files /dev/null and b/tests/compiled/test_calls.3.11.pyc differ diff --git a/tests/compiled/test_calls.3.5.pyc b/tests/compiled/test_calls.3.5.pyc new file mode 100644 index 0000000..3e7d6f6 Binary files /dev/null and b/tests/compiled/test_calls.3.5.pyc differ diff --git a/tests/compiled/test_calls.3.8.pyc b/tests/compiled/test_calls.3.8.pyc new file mode 100644 index 0000000..5a68f9d Binary files /dev/null and b/tests/compiled/test_calls.3.8.pyc differ diff --git a/tests/input/test_calls.py b/tests/input/test_calls.py new file mode 100644 index 0000000..c2ec4d0 --- /dev/null +++ b/tests/input/test_calls.py @@ -0,0 +1,9 @@ +import sys +import os + +sys.stdout.write('Test\n') +sys.stdout.write(os.path.join('foo', 'bar')) + +print('\n') +print(eval('4 * 13')) +print() diff --git a/tests/tokenized/test_calls.txt b/tests/tokenized/test_calls.txt new file mode 100644 index 0000000..3300e23 --- /dev/null +++ b/tests/tokenized/test_calls.txt @@ -0,0 +1,7 @@ +import sys +import os +sys . stdout . write ( 'Test\n' ) +sys . stdout . write ( os . path . join ( 'foo' , 'bar' ) ) +print ( '\n' ) +print ( eval ( '4 * 13' ) ) +print ( )