hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Inline Expectation Tests: Disallow tag[[[foo bar]

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2022-06-17 17:36:04 +02:00
parent 50196d099b
commit 5fb41e4894
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/ql/test/TestUtilities/InlineExpectationsTest.qll
View File

@@ -242,17 +242,21 @@ private string getColumnString(TColumn column) {
* more comma-separated tags optionally followed by `=` and the expected value. * more comma-separated tags optionally followed by `=` and the expected value.
* *
* Tags must be only letters, digits, `-` and `_` (note that the first character * Tags must be only letters, digits, `-` and `_` (note that the first character
* must not be a digit), but can contain anything enclosed in a square brackets. * must not be a digit), but can contain anything enclosed in a single set of
* square brackets.
* *
* Examples: * Examples:
* - `tag` * - `tag`
* - `tag=value` * - `tag=value`
* - `tag,tag2=value` * - `tag,tag2=value`
* - `tag[foo bar]=value` * - `tag[foo bar]=value`
*
* Not allowed:
* - `tag[[[foo bar]`
*/ */
private string expectationPattern() { private string expectationPattern() {
exists(string tag, string tags, string value | exists(string tag, string tags, string value |
tag = "[A-Za-z-_](?:[A-Za-z-_0-9]|\\[[^\\]]*\\])*" and tag = "[A-Za-z-_](?:[A-Za-z-_0-9]|\\[[^\\]\\]]*\\])*" and
tags = "((?:" + tag + ")(?:\\s*,\\s*" + tag + ")*)" and tags = "((?:" + tag + ")(?:\\s*,\\s*" + tag + ")*)" and
// In Python, we allow both `"` and `'` for strings, as well as the prefixes `bru`. // In Python, we allow both `"` and `'` for strings, as well as the prefixes `bru`.
// For example, `b"foo"`. // For example, `b"foo"`.