mirror of
https://github.com/github/codeql.git
synced 2026-07-01 09:35:42 +02:00
Add test case with MISSING tag demonstrating instance-across-call shortcoming
This commit is contained in:
committed by
GitHub
parent
de8f489812
commit
4181855d09
@@ -161,6 +161,18 @@ print(instance.foo) # $ tracked MISSING: tracked=foo
|
||||
instance.print_foo() # $ MISSING: tracked=foo
|
||||
|
||||
|
||||
# attribute set in method, but the instance flows across a call/return before the read.
|
||||
# `instanceFieldStep` identifies the instance using only local flow from the constructor
|
||||
# call, so a value stored on `self.foo` is not seen once the instance has crossed a
|
||||
# function boundary.
|
||||
|
||||
def make_my_class2():
|
||||
return MyClass2()
|
||||
|
||||
returned_instance = make_my_class2()
|
||||
print(returned_instance.foo) # $ MISSING: tracked
|
||||
|
||||
|
||||
# attribute set from outside of class
|
||||
|
||||
class MyClass3(object):
|
||||
|
||||
Reference in New Issue
Block a user