python: add missing summaries

For append/add: The new results in the experimental tar slip query show that we do not recognize the sanitisers.
2026-05-05 05:35:13 +02:00 · 2023-06-09 16:08:02 +02:00
parent b72c93ff4f
commit 4b4b9bf9da
11 changed files with 388 additions and 47 deletions
--- a/python/ql/test/library-tests/frameworks/aiohttp/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/aiohttp/taint_test.py
@@ -39,11 +39,11 @@ async def test_taint(request: web.Request): # $ requestHandler
        request.cookies, # $ tainted
        request.cookies["key"], # $ tainted
        request.cookies.get("key"), # $ tainted
-        request.cookies.keys(), # $ MISSING: tainted
-        request.cookies.values(), # $ MISSING: tainted
-        request.cookies.items(), # $ MISSING: tainted
+        request.cookies.keys(), # $ tainted
+        request.cookies.values(), # $ tainted
+        request.cookies.items(), # $ tainted
        list(request.cookies), # $ tainted
-        iter(request.cookies), # $ MISSING: tainted
+        iter(request.cookies), # $ tainted


        # aiohttp.StreamReader
--- a/python/ql/test/library-tests/frameworks/multidict/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/multidict/taint_test.py
@@ -12,12 +12,12 @@ ensure_tainted(
    mdp.get("key"), # $ tainted
    mdp.getone("key"), # $ tainted
    mdp.getall("key"), # $ tainted
-    mdp.keys(), # $ MISSING: tainted
-    mdp.values(), # $ MISSING: tainted
-    mdp.items(), # $ MISSING: tainted
+    mdp.keys(), # $ tainted
+    mdp.values(), # $ tainted
+    mdp.items(), # $ tainted
    mdp.copy(), # $ tainted
    list(mdp), # $ tainted
-    iter(mdp), # $ MISSING: tainted
+    iter(mdp), # $ tainted
 )

 # TODO: This is an invalid CIMultiDictProxy construction... but for the purpose of
@@ -32,10 +32,10 @@ ensure_tainted(
    ci_mdp.get("key"), # $ tainted
    ci_mdp.getone("key"), # $ tainted
    ci_mdp.getall("key"), # $ tainted
-    ci_mdp.keys(), # $ MISSING: tainted
-    ci_mdp.values(), # $ MISSING: tainted
-    ci_mdp.items(), # $ MISSING: tainted
+    ci_mdp.keys(), # $ tainted
+    ci_mdp.values(), # $ tainted
+    ci_mdp.items(), # $ tainted
    ci_mdp.copy(), # $ tainted
    list(ci_mdp), # $ tainted
-    iter(ci_mdp), # $ MISSING: tainted
+    iter(ci_mdp), # $ tainted
 )
--- a/python/ql/test/library-tests/frameworks/stdlib/http_server.py
+++ b/python/ql/test/library-tests/frameworks/stdlib/http_server.py
@@ -60,8 +60,8 @@ class MyHandler(BaseHTTPRequestHandler):
            self.headers.get('Foo'), # $ tainted
            self.headers.get_all('Foo'), # $ tainted
            self.headers.keys(), # $ tainted
-            self.headers.values(), # $ MISSING: tainted
-            self.headers.items(), # $ MISSING: tainted
+            self.headers.values(), # $ tainted
+            self.headers.items(), # $ tainted
            self.headers.as_bytes(), # $ tainted
            self.headers.as_string(), # $ tainted
            str(self.headers), # $ tainted