python taint mode fails on tracking list comprehension #554

@CyberKatze

Describe the bug
opengrep can't find the patterns in pattern-sink when they occur inside a list comprehension.

To Reproduce
Steps to reproduce the behavior.

rules:
  - id: test-taint-list-comprehension
    mode: taint
    pattern-sources:
      - patterns:
          - pattern-inside: |
              def $func(..., $arg, ...):
                ...
          - focus-metavariable: $arg
    pattern-sinks:
      - pattern: dangerous_sink($sink)
    languages:
      - python
    severity: error
    message: "tainted data flows to dangerous_sink"

# poc: taint tracking fails inside list comprehension

def vulnerable_function(user_input):
    # this case is detected by taint mode
    result1 = dangerous_sink(user_input)
    
    # this case is not detected - taint lost in list comprehension
    result2 = [x for x in dangerous_sink(user_input)]
    
    return result1, result2

Expected behavior
Taint works when the sink happens in a list comprehension in Python.

What is the priority of the bug to you?

  • P0: blocking your adoption of Opengrep or workflow
  • P1: important to fix or quite annoying
  • P2: regular bug that should get fixed

Environment
opengrep --version : 1.15.1
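
An independent cross-check for the PoC above, added here as an example and not part of the original issue or of opengrep: a purely syntactic walk with Python's `ast` module that reports every `dangerous_sink(...)` call taking a function parameter directly, including calls in a comprehension's iterable. The name `find_sink_calls` is an assumption of this example; it does no data-flow propagation and ignores name shadowing and closures.

```python
import ast

# PoC from the issue (comments dropped), embedded so the check runs offline.
POC = '''
def vulnerable_function(user_input):
    result1 = dangerous_sink(user_input)
    result2 = [x for x in dangerous_sink(user_input)]
    return result1, result2
'''

COMPREHENSIONS = (ast.ListComp, ast.SetComp, ast.DictComp, ast.GeneratorExp)


def find_sink_calls(source, sink="dangerous_sink"):
    """Return (line, function, param, in_comprehension) for each sink call
    whose direct argument is a parameter of the enclosing function."""
    findings = []

    def visit(node, params, func, in_comp):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            a = node.args
            # Entering a function: its parameters become the tracked names.
            params = {p.arg for p in a.posonlyargs + a.args + a.kwonlyargs}
            func, in_comp = node.name, False
        elif isinstance(node, COMPREHENSIONS):
            in_comp = True
        elif (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
              and node.func.id == sink):
            for arg in node.args:
                if isinstance(arg, ast.Name) and arg.id in params:
                    findings.append((node.lineno, func, arg.id, in_comp))
        # The comprehension's iterable is an ordinary child node, so the
        # sink call in `for x in dangerous_sink(...)` is visited here too.
        for child in ast.iter_child_nodes(node):
            visit(child, params, func, in_comp)

    visit(ast.parse(source), set(), None, False)
    return sorted(findings)


if __name__ == "__main__":
    for line, func, param, in_comp in find_sink_calls(POC):
        where = "inside comprehension" if in_comp else "plain statement"
        print(f"line {line}: {func}({param}) reaches sink, {where}")
```

Both sink calls in the PoC are reported, so the result can serve as the expected finding count when comparing scanner output across versions.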

Labels: bug