Python: Fix shared taint tracking tests

Since there was a .ql file, qltest tried to run a test in test/experimental/dataflow/taintracking/ which failed since there was no code.
2026-05-02 04:05:14 +02:00 · 2020-08-25 11:15:11 +02:00
parent d96ef73033
commit 483bd0e863
5 changed files with 30 additions and 24 deletions
--- a/python/ql/test/experimental/dataflow/tainttracking/TestTaintLib.qll
+++ b/python/ql/test/experimental/dataflow/tainttracking/TestTaintLib.qll
@@ -42,25 +42,31 @@ private string repr(Expr e) {
  result = repr(e.(Attribute).getObject()) + "." + e.(Attribute).getName()
 }

-from Call call, Expr arg, boolean expected_taint, boolean has_taint, string test_res
-where
-  call.getLocation().getFile().getShortName() = "test.py" and
-  (
-    call.getFunc().(Name).getId() = "ensure_tainted" and
-    expected_taint = true
-    or
-    call.getFunc().(Name).getId() = "ensure_not_tainted" and
-    expected_taint = false
-  ) and
-  arg = call.getAnArg() and
-  (
-    // TODO: Replace with `hasFlowToExpr` once that is working
-    if
-      exists(TaintTracking::Configuration c |
-        c.hasFlowTo(any(DataFlow::Node n | n.(DataFlow::CfgNode).getNode() = arg.getAFlowNode()))
-      )
-    then has_taint = true
-    else has_taint = false
-  ) and
-  if expected_taint = has_taint then test_res = "ok  " else test_res = "fail"
-select arg.getLocation().toString(), test_res, call.getScope().(Function).getName(), repr(arg)
+query predicate test_taint(string arg_location, string test_res, string function_name, string repr) {
+  exists(Call call, Expr arg, boolean expected_taint, boolean has_taint |
+    call.getLocation().getFile().getShortName() = "test.py" and
+    (
+      call.getFunc().(Name).getId() = "ensure_tainted" and
+      expected_taint = true
+      or
+      call.getFunc().(Name).getId() = "ensure_not_tainted" and
+      expected_taint = false
+    ) and
+    arg = call.getAnArg() and
+    (
+      // TODO: Replace with `hasFlowToExpr` once that is working
+      if
+        exists(TaintTracking::Configuration c |
+          c.hasFlowTo(any(DataFlow::Node n | n.(DataFlow::CfgNode).getNode() = arg.getAFlowNode()))
+        )
+      then has_taint = true
+      else has_taint = false
+    ) and
+    (if expected_taint = has_taint then test_res = "ok  " else test_res = "fail") and
+    // select
+    arg_location = arg.getLocation().toString() and
+    test_res = test_res and
+    function_name = call.getScope().(Function).getName() and
+    repr = repr(arg)
+  )
+}
--- a/python/ql/test/experimental/dataflow/tainttracking/string-py3/TestTaint.ql
+++ b/python/ql/test/experimental/dataflow/tainttracking/string-py3/TestTaint.ql
@@ -0,0 +1 @@
+import experimental.dataflow.tainttracking.TestTaintLib
--- a/python/ql/test/experimental/dataflow/tainttracking/string-py3/TestTaint.qlref
+++ b/python/ql/test/experimental/dataflow/tainttracking/string-py3/TestTaint.qlref
@@ -1 +0,0 @@
-../TestTaint.ql
--- a/python/ql/test/experimental/dataflow/tainttracking/string/TestTaint.ql
+++ b/python/ql/test/experimental/dataflow/tainttracking/string/TestTaint.ql
@@ -0,0 +1 @@
+import experimental.dataflow.tainttracking.TestTaintLib
--- a/python/ql/test/experimental/dataflow/tainttracking/string/TestTaint.qlref
+++ b/python/ql/test/experimental/dataflow/tainttracking/string/TestTaint.qlref
@@ -1 +0,0 @@
-../TestTaint.ql
				`@@ -0,0 +1 @@`
				`import experimental.dataflow.tainttracking.TestTaintLib`