hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Show that e, f, g = tainted_list doesn't work

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-01-20 11:46:48 +01:00
parent a55c13e61c
commit 0da78f216a
4 changed files with 90 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
python/ql/test/library-tests/taint/strings/DistinctStringKinds.expected
View File

@@ -1,16 +1,16 @@
| Taint exception.info | test.py:59 | test.py:59:22:59:26 | taint | p1 = exception.info |
| Taint exception.info | test.py:60 | test.py:60:12:60:22 | func() | p1 = exception.info |
| Taint exception.info | test.py:60 | test.py:60:17:60:21 | taint | p1 = exception.info |
| Taint exception.info | test.py:63 | test.py:63:12:63:33 | TAINTED_EXCEPTION_INFO | |
| Taint exception.info | test.py:64 | test.py:64:11:64:41 | cross_over() | |
| Taint exception.info | test.py:64 | test.py:64:37:64:40 | info | |
| Taint exception.info | test.py:66 | test.py:66:19:66:21 | arg | p0 = exception.info |
| Taint exception.info | test.py:67 | test.py:67:12:67:14 | arg | p0 = exception.info |
| Taint externally controlled string | test.py:59 | test.py:59:22:59:26 | taint | p1 = externally controlled string |
| Taint externally controlled string | test.py:60 | test.py:60:12:60:22 | func() | p1 = externally controlled string |
| Taint externally controlled string | test.py:60 | test.py:60:17:60:21 | taint | p1 = externally controlled string |
| Taint externally controlled string | test.py:66 | test.py:66:19:66:21 | arg | p0 = externally controlled string |
| Taint externally controlled string | test.py:67 | test.py:67:12:67:14 | arg | p0 = externally controlled string |
| Taint externally controlled string | test.py:70 | test.py:70:11:70:33 | TAINTED_EXTERNAL_STRING | |
| Taint externally controlled string | test.py:71 | test.py:71:11:71:41 | cross_over() | |
| Taint externally controlled string | test.py:71 | test.py:71:38:71:40 | ext | |
| Taint exception.info | test.py:60 | test.py:60:22:60:26 | taint | p1 = exception.info |
| Taint exception.info | test.py:61 | test.py:61:12:61:22 | func() | p1 = exception.info |
| Taint exception.info | test.py:61 | test.py:61:17:61:21 | taint | p1 = exception.info |
| Taint exception.info | test.py:64 | test.py:64:12:64:33 | TAINTED_EXCEPTION_INFO | |
| Taint exception.info | test.py:65 | test.py:65:11:65:41 | cross_over() | |
| Taint exception.info | test.py:65 | test.py:65:37:65:40 | info | |
| Taint exception.info | test.py:67 | test.py:67:19:67:21 | arg | p0 = exception.info |
| Taint exception.info | test.py:68 | test.py:68:12:68:14 | arg | p0 = exception.info |
| Taint externally controlled string | test.py:60 | test.py:60:22:60:26 | taint | p1 = externally controlled string |
| Taint externally controlled string | test.py:61 | test.py:61:12:61:22 | func() | p1 = externally controlled string |
| Taint externally controlled string | test.py:61 | test.py:61:17:61:21 | taint | p1 = externally controlled string |
| Taint externally controlled string | test.py:67 | test.py:67:19:67:21 | arg | p0 = externally controlled string |
| Taint externally controlled string | test.py:68 | test.py:68:12:68:14 | arg | p0 = externally controlled string |
| Taint externally controlled string | test.py:71 | test.py:71:11:71:33 | TAINTED_EXTERNAL_STRING | |
| Taint externally controlled string | test.py:72 | test.py:72:11:72:41 | cross_over() | |
| Taint externally controlled string | test.py:72 | test.py:72:38:72:40 | ext | |

71
python/ql/test/library-tests/taint/strings/TestNode.expected
View File

@@ -5,7 +5,8 @@
| Taint [externally controlled string] | test.py:15 | test.py:15:9:15:25 | Subscript | |
| Taint [externally controlled string] | test.py:16 | test.py:16:9:16:20 | tainted_list | |
| Taint [externally controlled string] | test.py:16 | test.py:16:9:16:27 | Attribute() | |
| Taint [externally controlled string] | test.py:23 | test.py:23:14:23:34 | Attribute() | |
| Taint [externally controlled string] | test.py:17 | test.py:17:15:17:26 | tainted_list | |
| Taint [externally controlled string] | test.py:24 | test.py:24:14:24:34 | Attribute() | |
| Taint externally controlled string | test.py:5 | test.py:5:22:5:28 | TAINTED | |
| Taint externally controlled string | test.py:6 | test.py:6:31:6:44 | tainted_string | |
| Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript | |
@@ -15,39 +16,39 @@
| Taint externally controlled string | test.py:9 | test.py:9:9:9:14 | Subscript | |
| Taint externally controlled string | test.py:13 | test.py:13:9:13:23 | Subscript | |
| Taint externally controlled string | test.py:14 | test.py:14:9:14:23 | Subscript | |
| Taint externally controlled string | test.py:20 | test.py:20:9:20:28 | Subscript | |
| Taint externally controlled string | test.py:21 | test.py:21:9:21:23 | Subscript | |
| Taint externally controlled string | test.py:23 | test.py:23:5:23:35 | For | |
| Taint externally controlled string | test.py:24 | test.py:24:9:24:9 | d | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | |
| Taint externally controlled string | test.py:31 | test.py:31:9:31:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:9:31:31 | Attribute() | |
| Taint externally controlled string | test.py:21 | test.py:21:9:21:28 | Subscript | |
| Taint externally controlled string | test.py:22 | test.py:22:9:22:23 | Subscript | |
| Taint externally controlled string | test.py:24 | test.py:24:5:24:35 | For | |
| Taint externally controlled string | test.py:25 | test.py:25:9:25:9 | d | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | |
| Taint externally controlled string | test.py:32 | test.py:32:9:32:22 | tainted_string | |
| Taint externally controlled string | test.py:32 | test.py:32:9:32:29 | Attribute() | |
| Taint externally controlled string | test.py:32 | test.py:32:9:32:31 | Attribute() | |
| Taint externally controlled string | test.py:33 | test.py:33:9:33:22 | tainted_string | |
| Taint externally controlled string | test.py:33 | test.py:33:9:33:25 | Subscript | |
| Taint externally controlled string | test.py:33 | test.py:33:9:33:29 | Attribute() | |
| Taint externally controlled string | test.py:34 | test.py:34:9:34:22 | tainted_string | |
| Taint externally controlled string | test.py:34 | test.py:34:9:34:27 | Subscript | |
| Taint externally controlled string | test.py:35 | test.py:35:9:35:32 | reversed() | |
| Taint externally controlled string | test.py:35 | test.py:35:18:35:31 | tainted_string | |
| Taint externally controlled string | test.py:36 | test.py:36:9:36:28 | copy() | |
| Taint externally controlled string | test.py:36 | test.py:36:14:36:27 | tainted_string | |
| Taint externally controlled string | test.py:37 | test.py:37:9:37:22 | tainted_string | |
| Taint externally controlled string | test.py:37 | test.py:37:9:37:30 | Attribute() | |
| Taint externally controlled string | test.py:40 | test.py:40:22:40:28 | TAINTED | |
| Taint externally controlled string | test.py:41 | test.py:41:8:41:21 | tainted_string | |
| Taint externally controlled string | test.py:44 | test.py:44:23:44:36 | tainted_string | |
| Taint externally controlled string | test.py:47 | test.py:47:22:47:28 | TAINTED | |
| Taint externally controlled string | test.py:48 | test.py:48:8:48:21 | tainted_string | |
| Taint externally controlled string | test.py:48 | test.py:48:34:48:47 | tainted_string | |
| Taint externally controlled string | test.py:51 | test.py:51:23:51:36 | tainted_string | |
| Taint externally controlled string | test.py:54 | test.py:54:22:54:28 | TAINTED | |
| Taint externally controlled string | test.py:55 | test.py:55:9:55:27 | str() | |
| Taint externally controlled string | test.py:55 | test.py:55:13:55:26 | tainted_string | |
| Taint externally controlled string | test.py:56 | test.py:56:9:56:29 | bytes() | |
| Taint externally controlled string | test.py:56 | test.py:56:15:56:28 | tainted_string | |
| Taint externally controlled string | test.py:57 | test.py:57:9:57:46 | bytes() | |
| Taint externally controlled string | test.py:34 | test.py:34:9:34:25 | Subscript | |
| Taint externally controlled string | test.py:35 | test.py:35:9:35:22 | tainted_string | |
| Taint externally controlled string | test.py:35 | test.py:35:9:35:27 | Subscript | |
| Taint externally controlled string | test.py:36 | test.py:36:9:36:32 | reversed() | |
| Taint externally controlled string | test.py:36 | test.py:36:18:36:31 | tainted_string | |
| Taint externally controlled string | test.py:37 | test.py:37:9:37:28 | copy() | |
| Taint externally controlled string | test.py:37 | test.py:37:14:37:27 | tainted_string | |
| Taint externally controlled string | test.py:38 | test.py:38:9:38:22 | tainted_string | |
| Taint externally controlled string | test.py:38 | test.py:38:9:38:30 | Attribute() | |
| Taint externally controlled string | test.py:41 | test.py:41:22:41:28 | TAINTED | |
| Taint externally controlled string | test.py:42 | test.py:42:8:42:21 | tainted_string | |
| Taint externally controlled string | test.py:45 | test.py:45:23:45:36 | tainted_string | |
| Taint externally controlled string | test.py:48 | test.py:48:22:48:28 | TAINTED | |
| Taint externally controlled string | test.py:49 | test.py:49:8:49:21 | tainted_string | |
| Taint externally controlled string | test.py:49 | test.py:49:34:49:47 | tainted_string | |
| Taint externally controlled string | test.py:52 | test.py:52:23:52:36 | tainted_string | |
| Taint externally controlled string | test.py:55 | test.py:55:22:55:28 | TAINTED | |
| Taint externally controlled string | test.py:56 | test.py:56:9:56:27 | str() | |
| Taint externally controlled string | test.py:56 | test.py:56:13:56:26 | tainted_string | |
| Taint externally controlled string | test.py:57 | test.py:57:9:57:29 | bytes() | |
| Taint externally controlled string | test.py:57 | test.py:57:15:57:28 | tainted_string | |
| Taint externally controlled string | test.py:58 | test.py:58:9:58:46 | bytes() | |
| Taint externally controlled string | test.py:58 | test.py:58:15:58:28 | tainted_string | |
| Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:25 | Subscript | |
@@ -55,10 +56,10 @@
| Taint json[externally controlled string] | test.py:8 | test.py:8:9:8:18 | Attribute() | |
| Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:9 | b | |
| Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:14 | Subscript | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | |
| Taint {externally controlled string} | test.py:20 | test.py:20:9:20:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | |
| Taint {externally controlled string} | test.py:21 | test.py:21:9:21:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:22 | test.py:22:9:22:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:22 | test.py:22:9:22:27 | Attribute() | |
| Taint {externally controlled string} | test.py:23 | test.py:23:14:23:25 | tainted_dict | |
| Taint {externally controlled string} | test.py:26 | test.py:26:17:26:28 | tainted_dict | |
| Taint {externally controlled string} | test.py:23 | test.py:23:9:23:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:23 | test.py:23:9:23:27 | Attribute() | |
| Taint {externally controlled string} | test.py:24 | test.py:24:14:24:25 | tainted_dict | |
| Taint {externally controlled string} | test.py:27 | test.py:27:17:27:28 | tainted_dict | |

73
python/ql/test/library-tests/taint/strings/TestStep.expected
View File

@@ -2,41 +2,42 @@
| Taint [externally controlled string] | test.py:12 | test.py:12:20:12:31 | TAINTED_LIST | | --> | Taint [externally controlled string] | test.py:14 | test.py:14:9:14:20 | tainted_list | |
| Taint [externally controlled string] | test.py:12 | test.py:12:20:12:31 | TAINTED_LIST | | --> | Taint [externally controlled string] | test.py:15 | test.py:15:9:15:20 | tainted_list | |
| Taint [externally controlled string] | test.py:12 | test.py:12:20:12:31 | TAINTED_LIST | | --> | Taint [externally controlled string] | test.py:16 | test.py:16:9:16:20 | tainted_list | |
| Taint [externally controlled string] | test.py:12 | test.py:12:20:12:31 | TAINTED_LIST | | --> | Taint [externally controlled string] | test.py:17 | test.py:17:15:17:26 | tainted_list | |
| Taint [externally controlled string] | test.py:13 | test.py:13:9:13:20 | tainted_list | | --> | Taint externally controlled string | test.py:13 | test.py:13:9:13:23 | Subscript | |
| Taint [externally controlled string] | test.py:14 | test.py:14:9:14:20 | tainted_list | | --> | Taint externally controlled string | test.py:14 | test.py:14:9:14:23 | Subscript | |
| Taint [externally controlled string] | test.py:15 | test.py:15:9:15:20 | tainted_list | | --> | Taint [externally controlled string] | test.py:15 | test.py:15:9:15:25 | Subscript | |
| Taint [externally controlled string] | test.py:16 | test.py:16:9:16:20 | tainted_list | | --> | Taint [externally controlled string] | test.py:16 | test.py:16:9:16:27 | Attribute() | |
| Taint [externally controlled string] | test.py:23 | test.py:23:14:23:34 | Attribute() | | --> | Taint externally controlled string | test.py:23 | test.py:23:5:23:35 | For | |
| Taint [externally controlled string] | test.py:24 | test.py:24:14:24:34 | Attribute() | | --> | Taint externally controlled string | test.py:24 | test.py:24:5:24:35 | For | |
| Taint externally controlled string | test.py:5 | test.py:5:22:5:28 | TAINTED | | --> | Taint externally controlled string | test.py:6 | test.py:6:31:6:44 | tainted_string | |
| Taint externally controlled string | test.py:6 | test.py:6:31:6:44 | tainted_string | | --> | Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() | |
| Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript | | --> | Taint externally controlled string | test.py:8 | test.py:8:9:8:9 | a | |
| Taint externally controlled string | test.py:8 | test.py:8:9:8:18 | Attribute() | | --> | Taint externally controlled string | test.py:9 | test.py:9:9:9:9 | b | |
| Taint externally controlled string | test.py:23 | test.py:23:5:23:35 | For | | --> | Taint externally controlled string | test.py:24 | test.py:24:9:24:9 | d | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:31 | test.py:31:9:31:22 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:32 | test.py:32:9:32:22 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:33 | test.py:33:9:33:22 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:34 | test.py:34:9:34:22 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:35 | test.py:35:18:35:31 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:36 | test.py:36:14:36:27 | tainted_string | |
| Taint externally controlled string | test.py:30 | test.py:30:22:30:28 | TAINTED | | --> | Taint externally controlled string | test.py:37 | test.py:37:9:37:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:9:31:22 | tainted_string | | --> | Taint externally controlled string | test.py:31 | test.py:31:9:31:31 | Attribute() | |
| Taint externally controlled string | test.py:32 | test.py:32:9:32:22 | tainted_string | | --> | Taint externally controlled string | test.py:32 | test.py:32:9:32:29 | Attribute() | |
| Taint externally controlled string | test.py:33 | test.py:33:9:33:22 | tainted_string | | --> | Taint externally controlled string | test.py:33 | test.py:33:9:33:25 | Subscript | |
| Taint externally controlled string | test.py:34 | test.py:34:9:34:22 | tainted_string | | --> | Taint externally controlled string | test.py:34 | test.py:34:9:34:27 | Subscript | |
| Taint externally controlled string | test.py:35 | test.py:35:18:35:31 | tainted_string | | --> | Taint externally controlled string | test.py:35 | test.py:35:9:35:32 | reversed() | |
| Taint externally controlled string | test.py:36 | test.py:36:14:36:27 | tainted_string | | --> | Taint externally controlled string | test.py:36 | test.py:36:9:36:28 | copy() | |
| Taint externally controlled string | test.py:37 | test.py:37:9:37:22 | tainted_string | | --> | Taint externally controlled string | test.py:37 | test.py:37:9:37:30 | Attribute() | |
| Taint externally controlled string | test.py:40 | test.py:40:22:40:28 | TAINTED | | --> | Taint externally controlled string | test.py:41 | test.py:41:8:41:21 | tainted_string | |
| Taint externally controlled string | test.py:40 | test.py:40:22:40:28 | TAINTED | | --> | Taint externally controlled string | test.py:44 | test.py:44:23:44:36 | tainted_string | |
| Taint externally controlled string | test.py:47 | test.py:47:22:47:28 | TAINTED | | --> | Taint externally controlled string | test.py:48 | test.py:48:8:48:21 | tainted_string | |
| Taint externally controlled string | test.py:47 | test.py:47:22:47:28 | TAINTED | | --> | Taint externally controlled string | test.py:48 | test.py:48:34:48:47 | tainted_string | |
| Taint externally controlled string | test.py:47 | test.py:47:22:47:28 | TAINTED | | --> | Taint externally controlled string | test.py:51 | test.py:51:23:51:36 | tainted_string | |
| Taint externally controlled string | test.py:54 | test.py:54:22:54:28 | TAINTED | | --> | Taint externally controlled string | test.py:55 | test.py:55:13:55:26 | tainted_string | |
| Taint externally controlled string | test.py:54 | test.py:54:22:54:28 | TAINTED | | --> | Taint externally controlled string | test.py:56 | test.py:56:15:56:28 | tainted_string | |
| Taint externally controlled string | test.py:54 | test.py:54:22:54:28 | TAINTED | | --> | Taint externally controlled string | test.py:57 | test.py:57:15:57:28 | tainted_string | |
| Taint externally controlled string | test.py:55 | test.py:55:13:55:26 | tainted_string | | --> | Taint externally controlled string | test.py:55 | test.py:55:9:55:27 | str() | |
| Taint externally controlled string | test.py:56 | test.py:56:15:56:28 | tainted_string | | --> | Taint externally controlled string | test.py:56 | test.py:56:9:56:29 | bytes() | |
| Taint externally controlled string | test.py:57 | test.py:57:15:57:28 | tainted_string | | --> | Taint externally controlled string | test.py:57 | test.py:57:9:57:46 | bytes() | |
| Taint externally controlled string | test.py:24 | test.py:24:5:24:35 | For | | --> | Taint externally controlled string | test.py:25 | test.py:25:9:25:9 | d | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:32 | test.py:32:9:32:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:33 | test.py:33:9:33:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:34 | test.py:34:9:34:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:35 | test.py:35:9:35:22 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:36 | test.py:36:18:36:31 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:37 | test.py:37:14:37:27 | tainted_string | |
| Taint externally controlled string | test.py:31 | test.py:31:22:31:28 | TAINTED | | --> | Taint externally controlled string | test.py:38 | test.py:38:9:38:22 | tainted_string | |
| Taint externally controlled string | test.py:32 | test.py:32:9:32:22 | tainted_string | | --> | Taint externally controlled string | test.py:32 | test.py:32:9:32:31 | Attribute() | |
| Taint externally controlled string | test.py:33 | test.py:33:9:33:22 | tainted_string | | --> | Taint externally controlled string | test.py:33 | test.py:33:9:33:29 | Attribute() | |
| Taint externally controlled string | test.py:34 | test.py:34:9:34:22 | tainted_string | | --> | Taint externally controlled string | test.py:34 | test.py:34:9:34:25 | Subscript | |
| Taint externally controlled string | test.py:35 | test.py:35:9:35:22 | tainted_string | | --> | Taint externally controlled string | test.py:35 | test.py:35:9:35:27 | Subscript | |
| Taint externally controlled string | test.py:36 | test.py:36:18:36:31 | tainted_string | | --> | Taint externally controlled string | test.py:36 | test.py:36:9:36:32 | reversed() | |
| Taint externally controlled string | test.py:37 | test.py:37:14:37:27 | tainted_string | | --> | Taint externally controlled string | test.py:37 | test.py:37:9:37:28 | copy() | |
| Taint externally controlled string | test.py:38 | test.py:38:9:38:22 | tainted_string | | --> | Taint externally controlled string | test.py:38 | test.py:38:9:38:30 | Attribute() | |
| Taint externally controlled string | test.py:41 | test.py:41:22:41:28 | TAINTED | | --> | Taint externally controlled string | test.py:42 | test.py:42:8:42:21 | tainted_string | |
| Taint externally controlled string | test.py:41 | test.py:41:22:41:28 | TAINTED | | --> | Taint externally controlled string | test.py:45 | test.py:45:23:45:36 | tainted_string | |
| Taint externally controlled string | test.py:48 | test.py:48:22:48:28 | TAINTED | | --> | Taint externally controlled string | test.py:49 | test.py:49:8:49:21 | tainted_string | |
| Taint externally controlled string | test.py:48 | test.py:48:22:48:28 | TAINTED | | --> | Taint externally controlled string | test.py:49 | test.py:49:34:49:47 | tainted_string | |
| Taint externally controlled string | test.py:48 | test.py:48:22:48:28 | TAINTED | | --> | Taint externally controlled string | test.py:52 | test.py:52:23:52:36 | tainted_string | |
| Taint externally controlled string | test.py:55 | test.py:55:22:55:28 | TAINTED | | --> | Taint externally controlled string | test.py:56 | test.py:56:13:56:26 | tainted_string | |
| Taint externally controlled string | test.py:55 | test.py:55:22:55:28 | TAINTED | | --> | Taint externally controlled string | test.py:57 | test.py:57:15:57:28 | tainted_string | |
| Taint externally controlled string | test.py:55 | test.py:55:22:55:28 | TAINTED | | --> | Taint externally controlled string | test.py:58 | test.py:58:15:58:28 | tainted_string | |
| Taint externally controlled string | test.py:56 | test.py:56:13:56:26 | tainted_string | | --> | Taint externally controlled string | test.py:56 | test.py:56:9:56:27 | str() | |
| Taint externally controlled string | test.py:57 | test.py:57:15:57:28 | tainted_string | | --> | Taint externally controlled string | test.py:57 | test.py:57:9:57:29 | bytes() | |
| Taint externally controlled string | test.py:58 | test.py:58:15:58:28 | tainted_string | | --> | Taint externally controlled string | test.py:58 | test.py:58:9:58:46 | bytes() | |
| Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:25 | Subscript | |
@@ -46,12 +47,12 @@
| Taint json[externally controlled string] | test.py:8 | test.py:8:9:8:18 | Attribute() | | --> | Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:9 | b | |
| Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:9 | b | | --> | Taint externally controlled string | test.py:9 | test.py:9:9:9:14 | Subscript | |
| Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:9 | b | | --> | Taint json[externally controlled string] | test.py:9 | test.py:9:9:9:14 | Subscript | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:20 | test.py:20:9:20:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:21 | test.py:21:9:21:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:22 | test.py:22:9:22:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:23 | test.py:23:14:23:25 | tainted_dict | |
| Taint {externally controlled string} | test.py:19 | test.py:19:20:19:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:26 | test.py:26:17:26:28 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:9:20:20 | tainted_dict | | --> | Taint externally controlled string | test.py:20 | test.py:20:9:20:28 | Subscript | |
| Taint {externally controlled string} | test.py:21 | test.py:21:9:21:20 | tainted_dict | | --> | Taint externally controlled string | test.py:21 | test.py:21:9:21:23 | Subscript | |
| Taint {externally controlled string} | test.py:22 | test.py:22:9:22:20 | tainted_dict | | --> | Taint {externally controlled string} | test.py:22 | test.py:22:9:22:27 | Attribute() | |
| Taint {externally controlled string} | test.py:23 | test.py:23:14:23:25 | tainted_dict | | --> | Taint [externally controlled string] | test.py:23 | test.py:23:14:23:34 | Attribute() | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:21 | test.py:21:9:21:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:22 | test.py:22:9:22:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:23 | test.py:23:9:23:20 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:24 | test.py:24:14:24:25 | tainted_dict | |
| Taint {externally controlled string} | test.py:20 | test.py:20:20:20:31 | TAINTED_DICT | | --> | Taint {externally controlled string} | test.py:27 | test.py:27:17:27:28 | tainted_dict | |
| Taint {externally controlled string} | test.py:21 | test.py:21:9:21:20 | tainted_dict | | --> | Taint externally controlled string | test.py:21 | test.py:21:9:21:28 | Subscript | |
| Taint {externally controlled string} | test.py:22 | test.py:22:9:22:20 | tainted_dict | | --> | Taint externally controlled string | test.py:22 | test.py:22:9:22:23 | Subscript | |
| Taint {externally controlled string} | test.py:23 | test.py:23:9:23:20 | tainted_dict | | --> | Taint {externally controlled string} | test.py:23 | test.py:23:9:23:27 | Attribute() | |
| Taint {externally controlled string} | test.py:24 | test.py:24:14:24:25 | tainted_dict | | --> | Taint [externally controlled string] | test.py:24 | test.py:24:14:24:34 | Attribute() | |

1
python/ql/test/library-tests/taint/strings/test.py
View File

@@ -14,6 +14,7 @@ def test_list(x, y, z):
b = tainted_list[x]
c = tainted_list[y:z]
d = tainted_list.copy()
e, f, g = tainted_list # TODO: currently not handled
def test_dict(x):
tainted_dict = TAINTED_DICT