hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Accept deprecation warnings for old tests

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2022-01-20 10:55:04 +01:00
parent 438a01e911
commit 2e788ea86e
34 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
python/ql/test/library-tests/security/command-execution/CommandSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type CommandSink has been deprecated and may be removed in future (CommandSinks.ql:5,6-17)
| fabric_v1_test.py:8:7:8:28 | FabricV1Commands | externally controlled string |
| fabric_v1_test.py:9:5:9:27 | FabricV1Commands | externally controlled string |
| fabric_v1_test.py:10:6:10:38 | FabricV1Commands | externally controlled string |

1
python/ql/test/library-tests/security/sensitive/Sources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Module SensitiveData has been deprecated and may be removed in future (Sources.ql:4,6-19)
| test.py:16:1:16:14 | test.py:16 | a call returning a password |
| test.py:17:1:17:12 | test.py:17 | a call returning a password |
| test.py:18:1:18:12 | test.py:18 | a call returning a secret |

1
python/ql/test/library-tests/web/bottle/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:9:12:9:26 | bottle handler function result | externally controlled string |
| test.py:13:12:13:24 | bottle handler function result | externally controlled string |
| test.py:19:12:19:33 | bottle handler function result | externally controlled string |

1
python/ql/test/library-tests/web/bottle/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| ../../../query-tests/Security/lib/bottle.py:64:11:64:24 | LocalRequest() | bottle.request |
| test.py:3:35:3:41 | ImportMember | bottle.request |
| test.py:8:11:8:14 | name | externally controlled string |

1
python/ql/test/library-tests/web/bottle/Routing.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type BottleRoute has been deprecated and may be removed in future (Routing.ql:4,6-17)
| /args | test.py:31:1:31:14 | Function unsafe2 |
| /bye/<name> | test.py:12:1:12:25 | Function bye |
| /hello/<name> | test.py:8:1:8:27 | Function hello |

1
python/ql/test/library-tests/web/cherrypy/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| red.py:8:16:8:20 | cherrypy handler function result | externally controlled string |
| test.py:11:16:11:29 | cherrypy handler function result | externally controlled string |
| test.py:17:16:17:27 | cherrypy handler function result | externally controlled string |

1
python/ql/test/library-tests/web/cherrypy/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| ../../../query-tests/Security/lib/cherrypy/__init__.py:10:11:10:38 | _ThreadLocalProxy() | cherrypy.request |
| test.py:10:17:10:19 | arg | externally controlled string |
| test.py:16:17:16:19 | arg | externally controlled string |

1
python/ql/test/library-tests/web/client/requests/ClientHttpRequests.expected
View File

@@ -1,2 +1,3 @@
WARNING: Module Client has been deprecated and may be removed in future (ClientHttpRequests.ql:5,6-12)
| test.py:3:1:3:27 | ControlFlowNode for Attribute() | test.py:3:14:3:26 | ControlFlowNode for Str | GET |
| test.py:4:1:4:28 | ControlFlowNode for Attribute() | test.py:4:15:4:27 | ControlFlowNode for Str | POST |

1
python/ql/test/library-tests/web/client/six/ClientHttpRequests.expected
View File

@@ -1,3 +1,4 @@
WARNING: Module Client has been deprecated and may be removed in future (ClientHttpRequests.ql:5,6-12)
| test.py:6:5:6:32 | ControlFlowNode for Attribute() | test.py:5:27:5:39 | ControlFlowNode for Str | GET |
| test.py:6:5:6:32 | ControlFlowNode for Attribute() | test.py:6:25:6:31 | ControlFlowNode for Str | GET |
| test.py:15:5:15:33 | ControlFlowNode for Attribute() | test.py:10:28:10:40 | ControlFlowNode for Str | POST |

1
python/ql/test/library-tests/web/client/stdlib/ClientHttpRequests.expected
View File

@@ -1,3 +1,4 @@
WARNING: Module Client has been deprecated and may be removed in future (ClientHttpRequests.ql:5,6-12)
| test.py:13:5:13:32 | ControlFlowNode for Attribute() | test.py:12:27:12:39 | ControlFlowNode for Str | GET |
| test.py:13:5:13:32 | ControlFlowNode for Attribute() | test.py:13:25:13:31 | ControlFlowNode for Str | GET |
| test.py:22:5:22:33 | ControlFlowNode for Attribute() | test.py:17:28:17:40 | ControlFlowNode for Str | POST |

1
python/ql/test/library-tests/web/django/HttpRedirectSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRedirectTaintSink has been deprecated and may be removed in future (HttpRedirectSinks.ql:5,6-27)
| test_1x.py:13:21:13:24 | DjangoShortcutsRedirectSink | externally controlled string |
| test_2x_3x.py:13:21:13:24 | DjangoShortcutsRedirectSink | externally controlled string |
| views_1x.py:99:33:99:55 | DjangoRedirectResponseSink | externally controlled string |

1
python/ql/test/library-tests/web/django/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| views_1x.py:8:25:8:63 | django.Response(...) | externally controlled string |
| views_1x.py:12:25:12:52 | django.Response(...) | externally controlled string |
| views_1x.py:16:25:16:53 | django.Response(...) | externally controlled string |

1
python/ql/test/library-tests/web/django/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test_1x.py:6:19:6:25 | request | django.request.HttpRequest |
| test_1x.py:6:28:6:31 | path | externally controlled string |
| test_1x.py:12:19:12:25 | request | django.request.HttpRequest |

1
python/ql/test/library-tests/web/falcon/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:9:22:9:24 | req | falcon.request |
| test.py:19:23:19:25 | req | falcon.request |
| test.py:22:25:22:27 | req | falcon.request |

1
python/ql/test/library-tests/web/falcon/Routing.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type FalconRoute has been deprecated and may be removed in future (Routing.ql:4,6-17)
| /hello | delete | test.py:22:5:22:35 | Function on_delete |
| /hello | get | test.py:9:5:9:32 | Function on_get |
| /hello | post | test.py:19:5:19:33 | Function on_post |

1
python/ql/test/library-tests/web/flask/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:8:12:8:25 | flask.routed.response | externally controlled string |
| test.py:29:12:29:38 | flask.routed.response | externally controlled string |
| test.py:35:16:35:37 | flask.routed.response | externally controlled string |

1
python/ql/test/library-tests/web/flask/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:29:12:29:23 | Attribute | {externally controlled string} |
| test.py:33:9:33:20 | Attribute | {externally controlled string} |
| test.py:35:16:35:27 | Attribute | {externally controlled string} |

1
python/ql/test/library-tests/web/flask/Routing.expected
View File

@@ -1,3 +1,4 @@
WARNING: Predicate flask_routing has been deprecated and may be removed in future (Routing.ql:5,7-20)
| / | Function hello_world |
| /complex/<string(length=2):lang_code> | Function complex |
| /dangerous | Function dangerous |

1
python/ql/test/library-tests/web/pyramid/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:8:12:8:31 | pyramid.routed.response | externally controlled string |
| test.py:17:12:17:41 | pyramid.routed.response | externally controlled string |
| test.py:25:12:25:43 | pyramid.routed.response | externally controlled string |

1
python/ql/test/library-tests/web/pyramid/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:7:10:7:16 | request | pyramid.request |
| test.py:15:11:15:17 | request | pyramid.request |
| test.py:24:11:24:17 | request | pyramid.request |

1
python/ql/test/library-tests/web/pyramid/Routing.expected
View File

@@ -1,3 +1,4 @@
WARNING: Predicate is_pyramid_view_function has been deprecated and may be removed in future (Routing.ql:5,7-31)
| test.py:7 | Function home |
| test.py:15 | Function greet |
| test.py:24 | Function stuff |

1
python/ql/test/library-tests/web/stdlib/HttpResponseSinks.expected
View File

@@ -1,2 +1,3 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:72:26:72:58 | Taint sink | externally controlled string |
| test.py:73:31:73:54 | Taint sink | [externally controlled string] |

1
python/ql/test/library-tests/web/stdlib/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:18:13:18:16 | self | BaseHTTPRequestHandlerKind |
| test.py:20:13:20:16 | self | BaseHTTPRequestHandlerKind |
| test.py:22:13:22:16 | self | BaseHTTPRequestHandlerKind |

1
python/ql/test/library-tests/web/tornado/Classes.expected
View File

@@ -1,3 +1,4 @@
WARNING: Predicate aTornadoRequestHandlerClass has been deprecated and may be removed in future (Classes.ql:6,13-40)
| test.py:4 | class Handler1 |
| test.py:8 | class Handler2 |
| test.py:14 | class Handler3 |

1
python/ql/test/library-tests/web/tornado/HttpRedirectSinks.expected
View File

@@ -1 +1,2 @@
WARNING: Type HttpRedirectTaintSink has been deprecated and may be removed in future (HttpRedirectSinks.ql:5,6-27)
| test.py:20:23:20:25 | tornado.HttpRequestHandler.redirect | externally controlled string |

1
python/ql/test/library-tests/web/tornado/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:6:20:6:43 | tornado.HttpRequestHandler.write | externally controlled string |
| test.py:12:20:12:23 | tornado.HttpRequestHandler.write | externally controlled string |
| test.py:26:20:26:48 | tornado.HttpRequestHandler.write | externally controlled string |

1
python/ql/test/library-tests/web/tornado/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:6:20:6:43 | Attribute() | externally controlled string |
| test.py:10:16:10:40 | Attribute() | [externally controlled string] |
| test.py:17:15:17:26 | Attribute | tornado.request.HttpRequest |

1
python/ql/test/library-tests/web/turbogears/Controller.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type TurboGearsControllerMethod has been deprecated and may be removed in future (Controller.ql:4,6-32)
| test.py:7:5:7:32 | Function onerror |
| test.py:13:5:13:50 | Function ok_validated |
| test.py:18:5:18:57 | Function partially_validated |

1
python/ql/test/library-tests/web/turbogears/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:8:16:8:69 | TurboGears ControllerMethodReturnValue | externally controlled string |
| test.py:14:16:14:50 | TurboGears ControllerMethodReturnValue | externally controlled string |
| test.py:19:16:19:50 | TurboGears ControllerMethodReturnValue | externally controlled string |

1
python/ql/test/library-tests/web/turbogears/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:18:43:18:43 | b | externally controlled string |
| test.py:22:29:22:29 | a | externally controlled string |
| test.py:22:37:22:37 | b | externally controlled string |

1
python/ql/test/library-tests/web/twisted/Classes.expected
View File

@@ -1,3 +1,4 @@
WARNING: Predicate aTwistedRequestHandlerClass has been deprecated and may be removed in future (Classes.ql:6,13-40)
| class MyRequestHandler1 | test.py:3 |
| class MyRequestHandler2 | test.py:23 |
| class MyRequestHandler3 | test.py:27 |

1
python/ql/test/library-tests/web/twisted/HttpResponseSinks.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpResponseTaintSink has been deprecated and may be removed in future (HttpResponseSinks.ql:5,6-27)
| test.py:7:16:7:23 | Twisted response | externally controlled string |
| test.py:14:16:14:23 | Twisted response | externally controlled string |
| test.py:21:16:21:23 | Twisted response | externally controlled string |

1
python/ql/test/library-tests/web/twisted/HttpSources.expected
View File

@@ -1,3 +1,4 @@
WARNING: Type HttpRequestTaintSource has been deprecated and may be removed in future (HttpSources.ql:5,6-28)
| test.py:4:22:4:28 | request | twisted.request.http.Request |
| test.py:9:26:9:32 | request | twisted.request.http.Request |
| test.py:16:27:16:33 | request | twisted.request.http.Request |

1
python/ql/test/library-tests/web/twisted/Methods.expected
View File

@@ -1,3 +1,4 @@
WARNING: Predicate getTwistedRequestHandlerMethod has been deprecated and may be removed in future (Methods.ql:6,14-44)
| myrender | Function MyRequestHandler2.myrender | test.py:24 |
| render | Function MyRequestHandler1.render | test.py:4 |
| render | Function MyRequestHandler3.render | test.py:28 |