Python: Port getCyclomaticComplexity function

tausbn · tausbn · commit 156d2c09a0f1 · 2026-03-09T17:22:01.000Z
Note that this does not give the exact same results as the old function,
however it's not clear to me that the old results were actually correct
(it _looks_ like `read()` might be doing an IO operation, but in fact
`read` is not defined, so at best this will raise a NameError, not an
IOError).
diff --git a/python/ql/lib/LegacyPointsTo.qll b/python/ql/lib/LegacyPointsTo.qll
@@ -433,38 +433,6 @@ private predicate exits_early(BasicBlock b) {
 
 /** The metrics for a function that require points-to analysis */
 class FunctionMetricsWithPointsTo extends FunctionMetrics {
-  /**
-   * Gets the cyclomatic complexity of the function:
-   * The number of linearly independent paths through the source code.
-   * Computed as     E - N + 2P,
-   * where
-   *  E = the number of edges of the graph.
-   *  N = the number of nodes of the graph.
-   *  P = the number of connected components, which for a single function is 1.
-   */
-  int getCyclomaticComplexity() {
-    exists(int e, int n |
-      n = count(BasicBlockWithPointsTo b | b = this.getABasicBlock() and b.likelyReachable()) and
-      e =
-        count(BasicBlockWithPointsTo b1, BasicBlockWithPointsTo b2 |
-          b1 = this.getABasicBlock() and
-          b1.likelyReachable() and
-          b2 = this.getABasicBlock() and
-          b2.likelyReachable() and
-          b2 = b1.getASuccessor() and
-          not b1.unlikelySuccessor(b2)
-        )
-    |
-      result = e - n + 2
-    )
-  }
-
-  private BasicBlock getABasicBlock() {
-    result = this.getEntryNode().getBasicBlock()
-    or
-    exists(BasicBlock mid | mid = this.getABasicBlock() and result = mid.getASuccessor())
-  }
-
   /**
    * Dependency of Callables
    * One callable "this" depends on another callable "result"
diff --git a/python/ql/lib/semmle/python/Metrics.qll b/python/ql/lib/semmle/python/Metrics.qll
@@ -1,5 +1,6 @@
 import python
 private import semmle.python.SelfAttribute
+private import semmle.python.dataflow.new.internal.DataFlowDispatch
 
 /** The metrics for a function */
 class FunctionMetrics extends Function {
@@ -27,6 +28,32 @@ class FunctionMetrics extends Function {
   int getStatementNestingDepth() { result = max(Stmt s | s.getScope() = this | getNestingDepth(s)) }
 
   int getNumberOfCalls() { result = count(Call c | c.getScope() = this) }
+
+  /**
+   * Gets the cyclomatic complexity of the function:
+   * The number of linearly independent paths through the source code.
+   * Computed as     E - N + 2P,
+   * where
+   *  E = the number of edges of the graph.
+   *  N = the number of nodes of the graph.
+   *  P = the number of connected components, which for a single function is 1.
+   */
+  int getCyclomaticComplexity() {
+    exists(int n, int e |
+      n = count(BasicBlock b | b.getScope() = this and Reachability::likelyReachable(b)) and
+      e =
+        count(BasicBlock b1, BasicBlock b2 |
+          b1.getScope() = this and
+          Reachability::likelyReachable(b1) and
+          b2.getScope() = this and
+          Reachability::likelyReachable(b2) and
+          b2 = b1.getASuccessor() and
+          not Reachability::unlikelySuccessor(b1.getLastNode(), b2.firstNode())
+        )
+    |
+      result = e - n + 2
+    )
+  }
 }
 
 /** The metrics for a class */
diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatch.qll
@@ -2345,6 +2345,19 @@ module Reachability {
     )
   }
 
+  /**
+   * Holds if `node` is unlikely to raise an exception. This includes entry nodes
+   * and simple name lookups.
+   */
+  private predicate unlikelyToRaise(ControlFlowNode node) {
+    exists(node.getAnExceptionalSuccessor()) and
+    (
+      node.getNode() instanceof Name
+      or
+      exists(Scope s | s.getEntryNode() = node)
+    )
+  }
+
   /**
    * Holds if it is highly unlikely for control to flow from `node` to `succ`.
    */
@@ -2357,6 +2370,10 @@ module Reachability {
     succ = node.getASuccessor() and
     not succ = node.getAnExceptionalSuccessor() and
     not succ.getNode() instanceof Yield
+    or
+    // Exception edge from a node that is unlikely to raise
+    unlikelyToRaise(node) and
+    succ = node.getAnExceptionalSuccessor()
   }
 
   private predicate startBbLikelyReachable(BasicBlock b) {
diff --git a/python/ql/src/Metrics/CyclomaticComplexity.ql b/python/ql/src/Metrics/CyclomaticComplexity.ql
@@ -13,8 +13,8 @@
  */
 
 import python
-private import LegacyPointsTo
+import semmle.python.Metrics
 
-from FunctionMetricsWithPointsTo func, int complexity
+from FunctionMetrics func, int complexity
 where complexity = func.getCyclomaticComplexity()
 select func, complexity order by complexity desc
diff --git a/python/ql/test/query-tests/Metrics/cyclo/CyclomaticComplexity.expected b/python/ql/test/query-tests/Metrics/cyclo/CyclomaticComplexity.expected
@@ -1,6 +1,6 @@
+| code.py:35:1:35:21 | Function exceptions | 5 |
 | code.py:23:1:23:17 | Function nested | 4 |
 | code.py:12:1:12:21 | Function two_branch | 3 |
 | code.py:6:1:6:18 | Function one_branch | 2 |
-| code.py:35:1:35:21 | Function exceptions | 2 |
 | code.py:1:1:1:16 | Function f_linear | 1 |
 | code.py:45:1:45:39 | Function must_be_positive | 1 |
