python: Add summaries for container constructors

Also: - turn on flow summaries for taint - do not restrict node type (as now we need summary nodes)
2026-05-03 04:39:29 +02:00 · 2023-05-15 11:00:43 +02:00
parent 145eaf3947
commit 5b4f98d6c4
16 changed files with 302 additions and 30 deletions
--- a/python/ql/test/experimental/dataflow/basic/callGraphSinks.expected
+++ b/python/ql/test/experimental/dataflow/basic/callGraphSinks.expected
@@ -1,4 +1,9 @@
+| file://:0:0:0:0 | parameter position 0 of builtins.dict |
+| file://:0:0:0:0 | parameter position 0 of builtins.frozenset |
+| file://:0:0:0:0 | parameter position 0 of builtins.list |
 | file://:0:0:0:0 | parameter position 0 of builtins.reversed |
+| file://:0:0:0:0 | parameter position 0 of builtins.set |
+| file://:0:0:0:0 | parameter position 0 of builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault |
 | test.py:1:1:1:21 | SynthDictSplatParameterNode |
 | test.py:1:19:1:19 | ControlFlowNode for x |
--- a/python/ql/test/experimental/dataflow/basic/callGraphSources.expected
+++ b/python/ql/test/experimental/dataflow/basic/callGraphSources.expected
@@ -1,4 +1,9 @@
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple |
 | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | test.py:4:10:4:10 | ControlFlowNode for z |
 | test.py:7:19:7:19 | ControlFlowNode for a |
--- a/python/ql/test/experimental/dataflow/basic/global.expected
+++ b/python/ql/test/experimental/dataflow/basic/global.expected
@@ -1,4 +1,14 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
--- a/python/ql/test/experimental/dataflow/basic/globalStep.expected
+++ b/python/ql/test/experimental/dataflow/basic/globalStep.expected
@@ -1,4 +1,14 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
--- a/python/ql/test/experimental/dataflow/basic/local.expected
+++ b/python/ql/test/experimental/dataflow/basic/local.expected
@@ -1,9 +1,43 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict | file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.list | file://:0:0:0:0 | [summary] to write: return (return) in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.set | file://:0:0:0:0 | [summary] to write: return (return) in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple |
 | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | parameter position 0 of builtins.dict | file://:0:0:0:0 | parameter position 0 of builtins.dict |
+| file://:0:0:0:0 | parameter position 0 of builtins.frozenset | file://:0:0:0:0 | parameter position 0 of builtins.frozenset |
+| file://:0:0:0:0 | parameter position 0 of builtins.list | file://:0:0:0:0 | parameter position 0 of builtins.list |
 | file://:0:0:0:0 | parameter position 0 of builtins.reversed | file://:0:0:0:0 | parameter position 0 of builtins.reversed |
+| file://:0:0:0:0 | parameter position 0 of builtins.set | file://:0:0:0:0 | parameter position 0 of builtins.set |
+| file://:0:0:0:0 | parameter position 0 of builtins.tuple | file://:0:0:0:0 | parameter position 0 of builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | parameter position 1 of dict.setdefault |
 | test.py:0:0:0:0 | GSSA Variable __name__ | test.py:0:0:0:0 | GSSA Variable __name__ |
--- a/python/ql/test/experimental/dataflow/basic/localStep.expected
+++ b/python/ql/test/experimental/dataflow/basic/localStep.expected
@@ -1,4 +1,14 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | test.py:1:1:1:21 | ControlFlowNode for FunctionExpr | test.py:1:5:1:17 | GSSA Variable obfuscated_id |
 | test.py:1:5:1:17 | GSSA Variable obfuscated_id | test.py:7:5:7:17 | ControlFlowNode for obfuscated_id |
--- a/python/ql/test/experimental/dataflow/basic/sinks.expected
+++ b/python/ql/test/experimental/dataflow/basic/sinks.expected
@@ -1,8 +1,32 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple |
 | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | parameter position 0 of builtins.dict |
+| file://:0:0:0:0 | parameter position 0 of builtins.frozenset |
+| file://:0:0:0:0 | parameter position 0 of builtins.list |
 | file://:0:0:0:0 | parameter position 0 of builtins.reversed |
+| file://:0:0:0:0 | parameter position 0 of builtins.set |
+| file://:0:0:0:0 | parameter position 0 of builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault |
 | test.py:0:0:0:0 | GSSA Variable __name__ |
 | test.py:0:0:0:0 | GSSA Variable __package__ |
--- a/python/ql/test/experimental/dataflow/basic/sources.expected
+++ b/python/ql/test/experimental/dataflow/basic/sources.expected
@@ -1,8 +1,32 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return) in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple |
 | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
+| file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | parameter position 0 of builtins.dict |
+| file://:0:0:0:0 | parameter position 0 of builtins.frozenset |
+| file://:0:0:0:0 | parameter position 0 of builtins.list |
 | file://:0:0:0:0 | parameter position 0 of builtins.reversed |
+| file://:0:0:0:0 | parameter position 0 of builtins.set |
+| file://:0:0:0:0 | parameter position 0 of builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault |
 | test.py:0:0:0:0 | GSSA Variable __name__ |
 | test.py:0:0:0:0 | GSSA Variable __package__ |
--- a/python/ql/test/experimental/dataflow/coverage/test_builtins.py
+++ b/python/ql/test/experimental/dataflow/coverage/test_builtins.py
@@ -41,8 +41,8 @@ def SINK_F(x):
 def test_list_from_list():
    l1 = [SOURCE, NONSOURCE]
    l2 = list(l1)
-    SINK(l2[0]) #$ MISSING: flow="SOURCE, l:-2 -> l2[0]"
-    SINK_F(l2[1]) # expecting FP due to imprecise flow
+    SINK(l2[0]) #$ flow="SOURCE, l:-2 -> l2[0]"
+    SINK_F(l2[1]) #$ SPURIOUS: flow="SOURCE, l:-3 -> l2[1]"

 # -- skip list_from_string

@@ -50,13 +50,13 @@ def test_list_from_list():
 def test_list_from_tuple():
    t = (SOURCE, NONSOURCE)
    l = list(t)
-    SINK(l[0]) #$ MISSING: flow="SOURCE, l:-2 -> l[0]"
-    SINK_F(l[1]) # expecting FP due to imprecise flow
+    SINK(l[0]) #$ flow="SOURCE, l:-2 -> l[0]"
+    SINK_F(l[1]) #$ SPURIOUS: flow="SOURCE, l:-3 -> l[1]"

 def test_list_from_set():
    s = {SOURCE}
    l = list(s)
-    SINK(l[0]) #$ MISSING: flow="SOURCE, l:-2 -> l[0]"
+    SINK(l[0]) #$ flow="SOURCE, l:-2 -> l[0]"
    
@expects(2)
 def test_list_from_dict():
@@ -78,7 +78,7 @@ def test_tuple_from_list():
 def test_tuple_from_tuple():
    t0 = (SOURCE, NONSOURCE)
    t = tuple(t0)
-    SINK(t[0]) #$ MISSING: flow="SOURCE, l:-2 -> t[0]"
+    SINK(t[0]) #$ flow="SOURCE, l:-2 -> t[0]"
    SINK_F(t[1])

 def test_tuple_from_set():
@@ -100,19 +100,19 @@ def test_set_from_list():
    l = [SOURCE]
    s = set(l)
    v = s.pop()
-    SINK(v) #$ MISSING: flow="SOURCE, l:-3 -> v"
+    SINK(v) #$ flow="SOURCE, l:-3 -> v"

 def test_set_from_tuple():
    t = (SOURCE,)
    s = set(t)
    v = s.pop()
-    SINK(v) #$ MISSING: flow="SOURCE, l:-3 -> v"
+    SINK(v) #$ flow="SOURCE, l:-3 -> v"

 def test_set_from_set():
    s0 = {SOURCE}
    s = set(s0)
    v = s.pop()
-    SINK(v) #$ MISSING: flow="SOURCE, l:-3 -> v"
+    SINK(v) #$ flow="SOURCE, l:-3 -> v"

 def test_set_from_dict():
    d = {SOURCE: "val"}
@@ -126,7 +126,7 @@ def test_set_from_dict():
@expects(2)
 def test_dict_from_keyword():
    d = dict(k = SOURCE, k1 = NONSOURCE)
-    SINK(d["k"]) #$ MISSING: flow="SOURCE, l:-1 -> d[k]"
+    SINK(d["k"]) #$ flow="SOURCE, l:-1 -> d['k']"
    SINK_F(d["k1"])

@expects(2)
@@ -139,7 +139,7 @@ def test_dict_from_list():
 def test_dict_from_dict():
    d1 = {'k': SOURCE, 'k1': NONSOURCE}
    d2 = dict(d1)
-    SINK(d2["k"]) #$ MISSING: flow="SOURCE, l:-2 -> d[k]"
+    SINK(d2["k"]) #$ flow="SOURCE, l:-2 -> d2['k']"
    SINK_F(d2["k1"])

 ## Container methods
@@ -278,8 +278,8 @@ def test_reversed_list():
    l0 = [SOURCE, NONSOURCE]
    r = reversed(l0)
    l = list(r)
-    SINK_F(l[0])
-    SINK(l[1]) #$ MISSING: flow="SOURCE, l:-4 -> l[1]"
+    SINK_F(l[0]) #$ SPURIOUS: flow="SOURCE, l:-3 -> l[0]"
+    SINK(l[1]) #$ flow="SOURCE, l:-4 -> l[1]"

@expects(2)
 def test_reversed_tuple():
--- a/python/ql/test/experimental/dataflow/tainttracking/basic/LocalTaintStep.expected
+++ b/python/ql/test/experimental/dataflow/tainttracking/basic/LocalTaintStep.expected
@@ -1,4 +1,19 @@
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
 | file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.reversed | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.reversed |
+| file://:0:0:0:0 | [summary] read: argument position 0.List element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Set element in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.frozenset |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.list | file://:0:0:0:0 | [summary] to write: return (return).List element in builtins.list |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.set | file://:0:0:0:0 | [summary] to write: return (return).Set element in builtins.set |
+| file://:0:0:0:0 | [summary] read: argument position 0.Tuple element at index 0 in builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return).Tuple element at index 0 in builtins.tuple |
+| file://:0:0:0:0 | parameter position 0 of builtins.dict | file://:0:0:0:0 | [summary] to write: return (return) in builtins.dict |
+| file://:0:0:0:0 | parameter position 0 of builtins.frozenset | file://:0:0:0:0 | [summary] to write: return (return) in builtins.frozenset |
+| file://:0:0:0:0 | parameter position 0 of builtins.list | file://:0:0:0:0 | [summary] to write: return (return) in builtins.list |
+| file://:0:0:0:0 | parameter position 0 of builtins.set | file://:0:0:0:0 | [summary] to write: return (return) in builtins.set |
+| file://:0:0:0:0 | parameter position 0 of builtins.tuple | file://:0:0:0:0 | [summary] to write: return (return) in builtins.tuple |
 | file://:0:0:0:0 | parameter position 1 of dict.setdefault | file://:0:0:0:0 | [summary] to write: return (return) in dict.setdefault |
 | test.py:3:1:3:7 | GSSA Variable tainted | test.py:4:6:4:12 | ControlFlowNode for tainted |
 | test.py:3:11:3:16 | ControlFlowNode for SOURCE | test.py:3:1:3:7 | GSSA Variable tainted |
--- a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_collections.py
+++ b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_collections.py
@@ -28,19 +28,19 @@ def test_construction():
    )

    ensure_tainted(
-        list(tainted_list), # $ MISSING: tainted
-        list(tainted_tuple), # $ MISSING: tainted
-        list(tainted_set), # $ MISSING: tainted
-        list(tainted_dict.values()), # $ MISSING: tainted
-        list(tainted_dict.items()), # $ MISSING: tainted
+        list(tainted_list), # $ tainted
+        list(tainted_tuple), # $ tainted
+        list(tainted_set), # $ tainted
+        list(tainted_dict.values()), # $ tainted
+        list(tainted_dict.items()), # $ tainted

-        tuple(tainted_list), # $ MISSING: tainted
-        set(tainted_list), # $ MISSING: tainted
-        frozenset(tainted_list), # $ MISSING: tainted
-        dict(tainted_dict), # $ MISSING: tainted
-        dict(k = tainted_string)["k"], # $ MISSING: tainted
-        dict(dict(k = tainted_string))["k"], # $ MISSING: tainted
-        dict(["k", tainted_string]), # $ MISSING: tainted
+        tuple(tainted_list), # $ tainted
+        set(tainted_list), # $ tainted
+        frozenset(tainted_list), # $ tainted
+        dict(tainted_dict), # $ tainted
+        dict(k = tainted_string)["k"], # $ tainted
+        dict(dict(k = tainted_string))["k"], # $ tainted
+        dict(["k", tainted_string]), # $ tainted
    )

    ensure_not_tainted(
--- a/python/ql/test/library-tests/frameworks/aiohttp/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/aiohttp/taint_test.py
@@ -42,7 +42,7 @@ async def test_taint(request: web.Request): # $ requestHandler
        request.cookies.keys(), # $ MISSING: tainted
        request.cookies.values(), # $ tainted
        request.cookies.items(), # $ tainted
-        list(request.cookies), # $ MISSING: tainted
+        list(request.cookies), # $ tainted
        iter(request.cookies), # $ tainted


--- a/python/ql/test/library-tests/frameworks/flask/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/flask/taint_test.py
@@ -112,7 +112,7 @@ def test_taint(name = "World!", number="0", foo="foo"):  # $requestHandler route
        request.headers.popitem()[0], # $ tainted
        request.headers.popitem()[1], # $ tainted
        # two ways to get (k, v) lists
-        list(request.headers), # $ MISSING: tainted
+        list(request.headers), # $ tainted
        request.headers.to_wsgi_list(), # $ tainted

        request.json, # $ tainted
--- a/python/ql/test/library-tests/frameworks/multidict/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/multidict/taint_test.py
@@ -16,7 +16,7 @@ ensure_tainted(
    mdp.values(), # $ tainted
    mdp.items(), # $ tainted
    mdp.copy(), # $ tainted
-    list(mdp), # $ MISSING: tainted
+    list(mdp), # $ tainted
    iter(mdp), # $ tainted
 )

@@ -36,6 +36,6 @@ ensure_tainted(
    ci_mdp.values(), # $ tainted
    ci_mdp.items(), # $ tainted
    ci_mdp.copy(), # $ tainted
-    list(ci_mdp), # $ MISSING: tainted
+    list(ci_mdp), # $ tainted
    iter(ci_mdp), # $ tainted
 )