Python: add taint test for urllib

2026-04-25 16:55:19 +02:00 · 2024-09-24 20:49:05 +02:00
parent 91f1cf10a7
commit 0462809edc
3 changed files with 16 additions and 0 deletions
--- a/python/ql/test/library-tests/frameworks/urllib/InlineTaintTest.expected
+++ b/python/ql/test/library-tests/frameworks/urllib/InlineTaintTest.expected
@@ -0,0 +1,4 @@
+argumentToEnsureNotTaintedNotMarkedAsSpurious
+untaintedArgumentToEnsureTaintedNotMarkedAsMissing
+testFailures
+failures
--- a/python/ql/test/library-tests/frameworks/urllib/InlineTaintTest.ql
+++ b/python/ql/test/library-tests/frameworks/urllib/InlineTaintTest.ql
@@ -0,0 +1,2 @@
+import experimental.meta.InlineTaintTest
+import MakeInlineTaintTest<TestTaintTrackingConfig>
--- a/python/ql/test/library-tests/frameworks/urllib/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/urllib/taint_test.py
@@ -0,0 +1,10 @@
+import urllib.parse
+
+def test():
+    ts = TAINTED_STRING
+
+    params = urllib.parse.parse_qs(ts)
+
+    ensure_tainted(
+        params, # $ MISSING: tainted
+    )