hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: simplejson load/dump only works with lib installed

Browse Source 
Which I had done locally. Problem is the same about not having PostUpdateNode
when points-to is not able to resolve the call, so I'm happy to just make CI
happy right now, and hopefully we'll get a fix to the underlying problem soon 😊
This commit is contained in:
Rasmus Wriedt Larsen
2021-05-10 16:21:29 +02:00
parent c2a6b811fc
commit 1b0d5053e7
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/ql/test/library-tests/frameworks/simplejson/taint_test.py
View File

@@ -21,8 +21,8 @@ def test():
tainted_filelike.seek(0)
ensure_tainted(
tainted_filelike, # $ tainted
simplejson.load(tainted_filelike), # $ tainted decodeOutput=Attribute() decodeFormat=JSON decodeInput=tainted_filelike
tainted_filelike, # $ MISSING: tainted
simplejson.load(tainted_filelike), # $ decodeOutput=Attribute() decodeFormat=JSON decodeInput=tainted_filelike MISSING: tainted
)
# load/dump with file-like using keyword-args
@@ -31,8 +31,8 @@ def test():
tainted_filelike.seek(0)
ensure_tainted(
tainted_filelike, # $ tainted
simplejson.load(fp=tainted_filelike), # $ tainted decodeOutput=Attribute() decodeFormat=JSON decodeInput=tainted_filelike
tainted_filelike, # $ MISSING: tainted
simplejson.load(fp=tainted_filelike), # $ decodeOutput=Attribute() decodeFormat=JSON decodeInput=tainted_filelike MISSING: tainted
)
# To make things runable