Change to Inline Expectations Test

2026-01-29 22:32:58 +01:00 · 2020-12-08 16:11:46 +00:00
parent e786fa07ee
commit 0b50ee7755
3 changed files with 33 additions and 37 deletions
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected
@@ -1,11 +0,0 @@
-| main.go:27:35:27:55 | call to getTaintedByteArray : slice type | main.go:28:16:28:17 | b1 | 27 |
-| main.go:30:55:30:75 | call to getTaintedByteArray : slice type | main.go:31:16:31:17 | b2 | 30 |
-| main.go:34:28:34:48 | call to getTaintedByteArray : slice type | main.go:35:16:35:17 | b3 | 34 |
-| main.go:37:48:37:68 | call to getTaintedByteArray : slice type | main.go:38:16:38:17 | b4 | 37 |
-| main.go:41:34:41:54 | call to getTaintedByteArray : slice type | main.go:42:16:42:17 | b5 | 41 |
-| main.go:44:54:44:74 | call to getTaintedByteArray : slice type | main.go:45:16:45:17 | b6 | 44 |
-| main.go:48:29:48:49 | call to getTaintedByteArray : slice type | main.go:49:12:49:13 | p7 | 48 |
-| main.go:52:32:52:52 | call to getTaintedByteArray : slice type | main.go:53:16:53:17 | b8 | 52 |
-| main.go:55:11:55:27 | call to getTaintedPatch : Patch | main.go:56:16:56:17 | b9 | 55 |
-| main.go:59:39:59:59 | call to getTaintedByteArray : slice type | main.go:60:16:60:18 | b10 | 59 |
-| main.go:62:12:62:28 | call to getTaintedPatch : Patch | main.go:63:16:63:18 | b11 | 62 |
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql
@@ -1,25 +1,32 @@
 import go
+import TestUtilities.InlineExpectationsTest

-class SourceFunction extends Function {
-  SourceFunction() { this.getName() = ["getTaintedByteArray", "getTaintedPatch"] }
-}
-
-class SinkFunction extends Function {
-  SinkFunction() { this.getName() = ["sinkByteArray", "sinkPatch"] }
-}
-
-class TestConfig extends TaintTracking::Configuration {
-  TestConfig() { this = "testconfig" }
+class Configuration extends TaintTracking::Configuration {
+  Configuration() { this = "test-configuration" }

  override predicate isSource(DataFlow::Node source) {
-    source = any(SourceFunction f).getACall().getAResult()
+    source =
+      any(DataFlow::CallNode c | c.getCalleeName() in ["getTaintedByteArray", "getTaintedPatch"])
+          .getResult(0)
  }

  override predicate isSink(DataFlow::Node sink) {
-    sink = any(SinkFunction f).getACall().getAnArgument()
+    sink =
+      any(DataFlow::CallNode c | c.getCalleeName() in ["sinkByteArray", "sinkPatch"]).getArgument(0)
  }
 }

-from TestConfig config, DataFlow::PathNode source, DataFlow::PathNode sink, int i
-where config.hasFlowPath(source, sink) and source.hasLocationInfo(_, i, _, _, _)
-select source, sink, i order by i
+class TaintFlowTest extends InlineExpectationsTest {
+  TaintFlowTest() { this = "TaintFlowTest" }
+
+  override string getARelevantTag() { result = "taintflow" }
+
+  override predicate hasActualResult(string file, int line, string element, string tag, string value) {
+    tag = "taintflow" and
+    exists(DataFlow::Node sink | any(Configuration c).hasFlow(_, sink) |
+      element = sink.toString() and
+      value = "" and
+      sink.hasLocationInfo(file, line, _, _, _)
+    )
+  }
+}
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go
@@ -25,40 +25,40 @@ func main() {

 	// func MergeMergePatches(patch1Data, patch2Data []byte) ([]byte, error)
 	b1, _ := patch.MergeMergePatches(getTaintedByteArray(), untaintedByteArray)
-	sinkByteArray(b1)
+	sinkByteArray(b1) // $taintflow

 	b2, _ := patch.MergeMergePatches(untaintedByteArray, getTaintedByteArray())
-	sinkByteArray(b2)
+	sinkByteArray(b2) // $taintflow

 	// func MergePatch(docData, patchData []byte) ([]byte, error)
 	b3, _ := patch.MergePatch(getTaintedByteArray(), untaintedByteArray)
-	sinkByteArray(b3)
+	sinkByteArray(b3) // $taintflow

 	b4, _ := patch.MergePatch(untaintedByteArray, getTaintedByteArray())
-	sinkByteArray(b4)
+	sinkByteArray(b4) // $taintflow

 	// func CreateMergePatch(originalJSON, modifiedJSON []byte) ([]byte, error)
 	b5, _ := patch.CreateMergePatch(getTaintedByteArray(), untaintedByteArray)
-	sinkByteArray(b5)
+	sinkByteArray(b5) // $taintflow

 	b6, _ := patch.CreateMergePatch(untaintedByteArray, getTaintedByteArray())
-	sinkByteArray(b6)
+	sinkByteArray(b6) // $taintflow

 	// func DecodePatch(buf []byte) (Patch, error)
 	p7, _ := patch.DecodePatch(getTaintedByteArray())
-	sinkPatch(p7)
+	sinkPatch(p7) // $taintflow

 	// func (p Patch) Apply(doc []byte) ([]byte, error)
 	b8, _ := untaintedPatch.Apply(getTaintedByteArray())
-	sinkByteArray(b8)
+	sinkByteArray(b8) // $taintflow

 	b9, _ := getTaintedPatch().Apply(untaintedByteArray)
-	sinkByteArray(b9)
+	sinkByteArray(b9) // $taintflow

 	// func (p Patch) ApplyIndent(doc []byte, indent string) ([]byte, error)
 	b10, _ := untaintedPatch.ApplyIndent(getTaintedByteArray(), "  ")
-	sinkByteArray(b10)
+	sinkByteArray(b10) // $taintflow

 	b11, _ := getTaintedPatch().ApplyIndent(untaintedByteArray, "  ")
-	sinkByteArray(b11)
+	sinkByteArray(b11) // $taintflow
 }