hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add query suite tests for swift with shared logic

Browse Source
This commit is contained in:
Tamas Vajk
2025-04-23 13:28:20 +02:00
parent 432435f1a6
commit 4c9aee2cc7
8 changed files with 163 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
java/ql/integration-tests/java/query-suite/test.py
View File

@@ -1,29 +1,23 @@
import os
import runs_on import runs_on
import pytest import pytest
import sys
def get_test_module(semmle_code_dir):
import importlib.util
spec = importlib.util.spec_from_file_location('test-module', semmle_code_dir / 'ql' / 'misc' / 'pytest' / 'lib' / 'query-suite-test.py')
mod = importlib.util.module_from_spec(spec)
sys.modules["test-module"] = mod
spec.loader.exec_module(mod)
return mod
well_known_query_suites = ['java-code-quality.qls', 'java-security-and-quality.qls', 'java-security-extended.qls', 'java-code-scanning.qls'] well_known_query_suites = ['java-code-quality.qls', 'java-security-and-quality.qls', 'java-security-extended.qls', 'java-code-scanning.qls']
@runs_on.posix @runs_on.posix
@pytest.mark.parametrize("query_suite", well_known_query_suites) @pytest.mark.parametrize("query_suite", well_known_query_suites)
def test(codeql, java, cwd, expected_files, semmle_code_dir, query_suite): def test(codeql, java, cwd, expected_files, semmle_code_dir, query_suite):
actual = codeql.resolve.queries(query_suite, _capture=True).strip() get_test_module(semmle_code_dir).test(codeql, cwd, expected_files, semmle_code_dir, query_suite)
actual = sorted(actual.splitlines())
actual = [os.path.relpath(q, semmle_code_dir) for q in actual]
actual_file_name = query_suite + '.actual'
expected_files.add(actual_file_name)
(cwd / actual_file_name).write_text('\n'.join(actual)+'\n')
@runs_on.posix @runs_on.posix
def test_not_included_queries(codeql, java, cwd, expected_files, semmle_code_dir): def test_not_included_queries(codeql, java, cwd, expected_files, semmle_code_dir):
all_queries = codeql.resolve.queries(semmle_code_dir / 'ql' / 'java' / 'ql' / 'src', _capture=True).strip().splitlines() get_test_module(semmle_code_dir).test_not_included_queries(codeql, 'java', cwd, expected_files, semmle_code_dir, well_known_query_suites)
included_in_qls = set()
for query_suite in well_known_query_suites:
included_in_qls |= set(codeql.resolve.queries(query_suite, _capture=True).strip().splitlines())
not_included = sorted(set(all_queries) - included_in_qls)
not_included = [os.path.relpath(q, semmle_code_dir) for q in not_included]
not_included_file_name = 'not_included_in_qls.actual'
expected_files.add(not_included_file_name)
(cwd / not_included_file_name).write_text('\n'.join(not_included)+'\n')

23
misc/pytest/lib/query-suite-test.py Normal file
View File

@@ -0,0 +1,23 @@
import os
def test(codeql, cwd, expected_files, semmle_code_dir, query_suite):
actual = codeql.resolve.queries(query_suite, _capture=True).strip()
actual = sorted(actual.splitlines())
actual = [os.path.relpath(q, semmle_code_dir) for q in actual]
actual_file_name = query_suite + '.actual'
expected_files.add(actual_file_name)
(cwd / actual_file_name).write_text('\n'.join(actual)+'\n')
def test_not_included_queries(codeql, lang_folder_name, cwd, expected_files, semmle_code_dir, query_suites):
all_queries = codeql.resolve.queries(semmle_code_dir / 'ql' / lang_folder_name / 'ql' / 'src', _capture=True).strip().splitlines()
included_in_qls = set()
for query_suite in query_suites:
included_in_qls |= set(codeql.resolve.queries(query_suite, _capture=True).strip().splitlines())
not_included = sorted(set(all_queries) - included_in_qls)
not_included = [os.path.relpath(q, semmle_code_dir) for q in not_included]
not_included_file_name = 'not_included_in_qls.actual'
expected_files.add(not_included_file_name)
(cwd / not_included_file_name).write_text('\n'.join(not_included)+'\n')

9
swift/ql/integration-tests/posix/query-suite/not_included_in_qls.expected Normal file
View File

@@ -0,0 +1,9 @@
ql/swift/ql/src/AlertSuppression.ql
ql/swift/ql/src/experimental/Security/CWE-022/UnsafeUnpack.ql
ql/swift/ql/src/queries/Summary/FlowSources.ql
ql/swift/ql/src/queries/Summary/QuerySinks.ql
ql/swift/ql/src/queries/Summary/RegexEvals.ql
ql/swift/ql/src/queries/Summary/SensitiveExprs.ql
ql/swift/ql/src/queries/Summary/SummaryStats.ql
ql/swift/ql/src/queries/Summary/TaintReach.ql
ql/swift/ql/src/queries/ide-contextual-queries/printAst.ql

1
swift/ql/integration-tests/posix/query-suite/swift-code-quality.qls.expected Normal file
View File

@@ -0,0 +1 @@

31
swift/ql/integration-tests/posix/query-suite/swift-code-scanning.qls.expected Normal file
View File

@@ -0,0 +1,31 @@
ql/swift/ql/src/diagnostics/ExtractedFiles.ql
ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
ql/swift/ql/src/diagnostics/internal/AstNodes.ql
ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql

32
swift/ql/integration-tests/posix/query-suite/swift-security-and-quality.qls.expected Normal file
View File

@@ -0,0 +1,32 @@
ql/swift/ql/src/diagnostics/ExtractedFiles.ql
ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
ql/swift/ql/src/diagnostics/internal/AstNodes.ql
ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
ql/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql

32
swift/ql/integration-tests/posix/query-suite/swift-security-extended.qls.expected Normal file
View File

@@ -0,0 +1,32 @@
ql/swift/ql/src/diagnostics/ExtractedFiles.ql
ql/swift/ql/src/diagnostics/SuccessfullyExtractedLines.ql
ql/swift/ql/src/diagnostics/internal/AstNodes.ql
ql/swift/ql/src/diagnostics/internal/ExtractionErrors.ql
ql/swift/ql/src/diagnostics/internal/UnresolvedAstNodes.ql
ql/swift/ql/src/queries/Security/CWE-020/IncompleteHostnameRegex.ql
ql/swift/ql/src/queries/Security/CWE-020/MissingRegexAnchor.ql
ql/swift/ql/src/queries/Security/CWE-022/PathInjection.ql
ql/swift/ql/src/queries/Security/CWE-078/CommandInjection.ql
ql/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql
ql/swift/ql/src/queries/Security/CWE-089/SqlInjection.ql
ql/swift/ql/src/queries/Security/CWE-094/UnsafeJsEval.ql
ql/swift/ql/src/queries/Security/CWE-116/BadTagFilter.ql
ql/swift/ql/src/queries/Security/CWE-1204/StaticInitializationVector.ql
ql/swift/ql/src/queries/Security/CWE-1333/ReDoS.ql
ql/swift/ql/src/queries/Security/CWE-134/UncontrolledFormatString.ql
ql/swift/ql/src/queries/Security/CWE-135/StringLengthConflation.ql
ql/swift/ql/src/queries/Security/CWE-259/ConstantPassword.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextStorageDatabase.ql
ql/swift/ql/src/queries/Security/CWE-311/CleartextTransmission.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextLogging.ql
ql/swift/ql/src/queries/Security/CWE-312/CleartextStoragePreferences.ql
ql/swift/ql/src/queries/Security/CWE-321/HardcodedEncryptionKey.ql
ql/swift/ql/src/queries/Security/CWE-327/ECBEncryption.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakPasswordHashing.ql
ql/swift/ql/src/queries/Security/CWE-328/WeakSensitiveDataHashing.ql
ql/swift/ql/src/queries/Security/CWE-611/XXE.ql
ql/swift/ql/src/queries/Security/CWE-730/RegexInjection.ql
ql/swift/ql/src/queries/Security/CWE-757/InsecureTLS.ql
ql/swift/ql/src/queries/Security/CWE-760/ConstantSalt.ql
ql/swift/ql/src/queries/Security/CWE-916/InsufficientHashIterations.ql
ql/swift/ql/src/queries/Security/CWE-943/PredicateInjection.ql

23
swift/ql/integration-tests/posix/query-suite/test.py Normal file
View File

@@ -0,0 +1,23 @@
import runs_on
import pytest
import sys
def get_test_module(semmle_code_dir):
import importlib.util
spec = importlib.util.spec_from_file_location('test-module', semmle_code_dir / 'ql' / 'misc' / 'pytest' / 'lib' / 'query-suite-test.py')
mod = importlib.util.module_from_spec(spec)
sys.modules["test-module"] = mod
spec.loader.exec_module(mod)
return mod
well_known_query_suites = ['swift-code-quality.qls', 'swift-security-and-quality.qls', 'swift-security-extended.qls', 'swift-code-scanning.qls']
@runs_on.posix
@pytest.mark.parametrize("query_suite", well_known_query_suites)
def test(codeql, swift, cwd, expected_files, semmle_code_dir, query_suite):
get_test_module(semmle_code_dir).test(codeql, cwd, expected_files, semmle_code_dir, query_suite)
@runs_on.posix
def test_not_included_queries(codeql, swift, cwd, expected_files, semmle_code_dir):
get_test_module(semmle_code_dir).test_not_included_queries(codeql, 'swift', cwd, expected_files, semmle_code_dir, well_known_query_suites)