hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: reorganized and added to tests

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2020-11-19 12:06:58 +01:00
parent 71830abda0
commit 39f134c1c1
4 changed files with 94 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
python/ql/test/experimental/dataflow/validTest.py
View File

@@ -53,5 +53,6 @@ if __name__ == "__main__":
check_tests_valid("coverage.classes")
check_tests_valid("coverage.test")
check_tests_valid("coverage.argumentPassing")
check_tests_valid("variable-capture.in")
check_tests_valid("variable-capture.nonlocal")
check_tests_valid("variable-capture.dict")

33
python/ql/test/experimental/dataflow/variable-capture/dict.py
View File

@@ -29,39 +29,6 @@ def SINK_F(x):
print("OK")
def In(tainted):
def captureIn1():
sinkI1 = tainted
SINK(sinkI1) #$ MISSING:captured
captureIn1()
def captureIn2():
def m():
sinkI2 = tainted
SINK(sinkI2) #$ MISSING:captured
m()
captureIn2()
# captureIn3 = lambda arg:(
# sinkI3 = tainted;
# check(sinkI3);
# return arg)
# [ captureIn3(x) for x in " " ]
def captureIn1NotCalled():
nonSink0 = tainted
SINK_F(nonSink0)
def captureIn2NotCalled():
def m():
nonSink0 = tainted
SINK_F(nonSink0)
captureIn2NotCalled()
@expects(2)
def test_In():
In(SOURCE)
def Out():
sinkO1 = { "x": "" }
def captureOut1():

93
python/ql/test/experimental/dataflow/variable-capture/in.py Normal file
View File

@@ -0,0 +1,93 @@
# All functions starting with "test_" should run and execute `print("OK")` exactly once.
# This can be checked by running validTest.py.
import sys
import os
sys.path.append(os.path.dirname(os.path.dirname((__file__))))
from testlib import *
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"
def is_source(x):
return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j
def SINK(x):
if is_source(x):
print("OK")
else:
print("Unexpected flow", x)
def SINK_F(x):
if is_source(x):
print("Unexpected flow", x)
else:
print("OK")
def inParam(tainted):
def captureIn1():
sinkI1 = tainted
SINK(sinkI1) #$ MISSING:captured
captureIn1()
def captureIn2():
def m():
sinkI2 = tainted
SINK(sinkI2) #$ MISSING:captured
m()
captureIn2()
captureIn3 = lambda arg: SINK(tainted)
captureIn3("")
def captureIn1NotCalled():
nonSink0 = tainted
SINK_F(nonSink0)
def captureIn2NotCalled():
def m():
nonSink0 = tainted
SINK_F(nonSink0)
captureIn2NotCalled()
@expects(3)
def test_inParam():
inParam(SOURCE)
def inLocal():
tainted = SOURCE
def captureIn1():
sinkI1 = tainted
SINK(sinkI1) #$ MISSING:captured
captureIn1()
def captureIn2():
def m():
sinkI2 = tainted
SINK(sinkI2) #$ MISSING:captured
m()
captureIn2()
captureIn3 = lambda arg: SINK(tainted)
captureIn3("")
def captureIn1NotCalled():
nonSink0 = tainted
SINK_F(nonSink0)
def captureIn2NotCalled():
def m():
nonSink0 = tainted
SINK_F(nonSink0)
captureIn2NotCalled()
@expects(3)
def test_inLocal():
inLocal()

33
python/ql/test/experimental/dataflow/variable-capture/nonlocal.py
View File

@@ -29,39 +29,6 @@ def SINK_F(x):
print("OK")
def In(tainted):
def captureIn1():
sinkI1 = tainted
SINK(sinkI1) #$ MISSING:captured
captureIn1()
def captureIn2():
def m():
sinkI2 = tainted
SINK(sinkI2) #$ MISSING:captured
m()
captureIn2()
# captureIn3 = lambda arg:(
# sinkI3 = tainted;
# check(sinkI3);
# return arg)
# [ captureIn3(x) for x in " " ]
def captureIn1NotCalled():
nonSink0 = tainted
SINK_F(nonSink0)
def captureIn2NotCalled():
def m():
nonSink0 = tainted
SINK_F(nonSink0)
captureIn2NotCalled()
@expects(2)
def test_In():
In(SOURCE)
def Out():
sinkO1 = ""
def captureOut1():