Merge pull request #21296 from yoff/python/bool-comparison-guards

Python: Handle guards being compared to boolean literals
2026-03-30 20:28:15 +02:00 · 2026-02-26 21:13:51 +01:00
parent 4280d35bf3 89e5a9bd72
commit 600f585a31
6 changed files with 94 additions and 31 deletions
--- a/python/ql/test/library-tests/dataflow/tainttracking/customSanitizer/InlineTaintTest.expected
+++ b/python/ql/test/library-tests/dataflow/tainttracking/customSanitizer/InlineTaintTest.expected
@@ -22,4 +22,12 @@ isSanitizer
 | test_logical.py:176:24:176:24 | ControlFlowNode for s |
 | test_logical.py:185:24:185:24 | ControlFlowNode for s |
 | test_logical.py:193:24:193:24 | ControlFlowNode for s |
+| test_logical.py:199:28:199:28 | ControlFlowNode for s |
+| test_logical.py:206:28:206:28 | ControlFlowNode for s |
+| test_logical.py:211:28:211:28 | ControlFlowNode for s |
+| test_logical.py:214:28:214:28 | ControlFlowNode for s |
+| test_logical.py:219:28:219:28 | ControlFlowNode for s |
+| test_logical.py:226:28:226:28 | ControlFlowNode for s |
+| test_logical.py:231:28:231:28 | ControlFlowNode for s |
+| test_logical.py:234:28:234:28 | ControlFlowNode for s |
 | test_reference.py:31:28:31:28 | ControlFlowNode for s |
--- a/python/ql/test/library-tests/dataflow/tainttracking/customSanitizer/test_logical.py
+++ b/python/ql/test/library-tests/dataflow/tainttracking/customSanitizer/test_logical.py
@@ -192,6 +192,49 @@ def test_with_exception_neg():

    ensure_not_tainted(s)

+def test_comparison_with_bool():
+    s = TAINTED_STRING
+
+    if is_safe(s) == True:
+        ensure_not_tainted(s)
+    else:
+        ensure_tainted(s) # $ tainted
+
+    if is_safe(s) == False:
+        ensure_tainted(s) # $ tainted
+    else:
+        ensure_not_tainted(s)
+
+    if is_safe(s) != True:
+        ensure_tainted(s) # $ tainted
+    else:
+        ensure_not_tainted(s)
+
+    if is_safe(s) != False:
+        ensure_not_tainted(s)
+    else:
+        ensure_tainted(s) # $ tainted
+
+    if is_safe(s) is True:
+        ensure_not_tainted(s)
+    else:
+        ensure_tainted(s) # $ tainted
+
+    if is_safe(s) is False:
+        ensure_tainted(s) # $ tainted
+    else:
+        ensure_not_tainted(s)
+
+    if is_safe(s) is not True:
+        ensure_tainted(s) # $ tainted
+    else:
+        ensure_not_tainted(s)
+
+    if is_safe(s) is not False:
+        ensure_not_tainted(s)
+    else:
+        ensure_tainted(s) # $ tainted   
+
 # Make tests runable

 test_basic()
@@ -211,3 +254,4 @@ try:
    test_with_exception_neg()
 except:
    pass
+test_comparison_with_bool()