From 627363d6eab353db7bca063531eea6e9afab53bd Mon Sep 17 00:00:00 2001
From: Rasmus Wriedt Larsen
Date: Thu, 27 Aug 2020 11:37:56 +0200
Subject: [PATCH] Python: Test taint step for string augmented assignment

Apprently it just works :confused: :magic:
---
 .../TestTaint.expected | 104 +++++++++--------
 .../defaultAdditionalTaintStep/string_.py | 5 +
 2 files changed, 58 insertions(+), 51 deletions(-)

diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected
index f631f593ef7..f0fd72cd2ed 100644
--- a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected
+++ b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected
@@ -71,57 +71,59 @@
 | string_.py:33 | ok | str_operations | str(..) |
 | string_.py:34 | ok | str_operations | bytes(..) |
 | string_.py:35 | ok | str_operations | unicode(..) |
-| string_.py:44 | ok | str_methods | ts.capitalize() |
-| string_.py:45 | ok | str_methods | ts.center(..) |
-| string_.py:46 | ok | str_methods | ts.expandtabs() |
-| string_.py:48 | ok | str_methods | ts.format() |
-| string_.py:49 | ok | str_methods | "{}".format(..) |
-| string_.py:50 | ok | str_methods | "{unsafe}".format(..) |
-| string_.py:52 | ok | str_methods | ts.join(..) |
-| string_.py:53 | ok | str_methods | "".join(..) |
-| string_.py:55 | ok | str_methods | ts.ljust(..) |
-| string_.py:56 | ok | str_methods | ts.lstrip() |
-| string_.py:57 | ok | str_methods | ts.lower() |
-| string_.py:59 | ok | str_methods | ts.replace(..) |
-| string_.py:60 | ok | str_methods | "safe".replace(..) |
-| string_.py:62 | ok | str_methods | ts.rjust(..) |
-| string_.py:63 | ok | str_methods | ts.rstrip() |
-| string_.py:64 | ok | str_methods | ts.strip() |
-| string_.py:65 | ok | str_methods | ts.swapcase() |
-| string_.py:66 | ok | str_methods | ts.title() |
-| string_.py:67 | ok | str_methods | ts.upper() |
-| string_.py:68 | ok | str_methods | ts.zfill(..) |
-| string_.py:70 | ok | str_methods | ts.encode(..) |
-| string_.py:71 | ok | str_methods | ts.encode(..).decode(..) |
-| string_.py:73 | ok | str_methods | tb.decode(..) |
-| string_.py:74 | ok | str_methods | tb.decode(..).encode(..) |
-| string_.py:77 | ok | str_methods | ts.partition(..) |
-| string_.py:78 | ok | str_methods | ts.rpartition(..) |
-| string_.py:79 | ok | str_methods | ts.rsplit(..) |
-| string_.py:80 | ok | str_methods | ts.split(..) |
-| string_.py:81 | ok | str_methods | ts.splitlines() |
-| string_.py:86 | ok | str_methods | "safe".replace(..) |
-| string_.py:88 | fail | str_methods | ts.join(..) |
-| string_.py:89 | fail | str_methods | ts.join(..) |
-| string_.py:99 | fail | non_syntactic | meth() |
-| string_.py:100 | fail | non_syntactic | _str(..) |
-| string_.py:109 | ok | percent_fmt | BinaryExpr |
-| string_.py:110 | ok | percent_fmt | BinaryExpr |
-| string_.py:111 | ok | percent_fmt | BinaryExpr |
-| string_.py:121 | fail | binary_decode_encode | base64.b64encode(..) |
-| string_.py:122 | fail | binary_decode_encode | base64.b64decode(..) |
-| string_.py:124 | fail | binary_decode_encode | base64.standard_b64encode(..) |
-| string_.py:125 | fail | binary_decode_encode | base64.standard_b64decode(..) |
-| string_.py:127 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
-| string_.py:128 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
-| string_.py:130 | fail | binary_decode_encode | base64.b32encode(..) |
-| string_.py:131 | fail | binary_decode_encode | base64.b32decode(..) |
-| string_.py:133 | fail | binary_decode_encode | base64.b16encode(..) |
-| string_.py:134 | fail | binary_decode_encode | base64.b16decode(..) |
-| string_.py:137 | fail | binary_decode_encode | base64.encodestring(..) |
-| string_.py:138 | fail | binary_decode_encode | base64.decodestring(..) |
-| string_.py:143 | fail | binary_decode_encode | quopri.encodestring(..) |
-| string_.py:144 | fail | binary_decode_encode | quopri.decodestring(..) |
+| string_.py:39 | ok | str_operations | aug_assignment |
+| string_.py:41 | ok | str_operations | aug_assignment |
+| string_.py:49 | ok | str_methods | ts.capitalize() |
+| string_.py:50 | ok | str_methods | ts.center(..) |
+| string_.py:51 | ok | str_methods | ts.expandtabs() |
+| string_.py:53 | ok | str_methods | ts.format() |
+| string_.py:54 | ok | str_methods | "{}".format(..) |
+| string_.py:55 | ok | str_methods | "{unsafe}".format(..) |
+| string_.py:57 | ok | str_methods | ts.join(..) |
+| string_.py:58 | ok | str_methods | "".join(..) |
+| string_.py:60 | ok | str_methods | ts.ljust(..) |
+| string_.py:61 | ok | str_methods | ts.lstrip() |
+| string_.py:62 | ok | str_methods | ts.lower() |
+| string_.py:64 | ok | str_methods | ts.replace(..) |
+| string_.py:65 | ok | str_methods | "safe".replace(..) |
+| string_.py:67 | ok | str_methods | ts.rjust(..) |
+| string_.py:68 | ok | str_methods | ts.rstrip() |
+| string_.py:69 | ok | str_methods | ts.strip() |
+| string_.py:70 | ok | str_methods | ts.swapcase() |
+| string_.py:71 | ok | str_methods | ts.title() |
+| string_.py:72 | ok | str_methods | ts.upper() |
+| string_.py:73 | ok | str_methods | ts.zfill(..) |
+| string_.py:75 | ok | str_methods | ts.encode(..) |
+| string_.py:76 | ok | str_methods | ts.encode(..).decode(..) |
+| string_.py:78 | ok | str_methods | tb.decode(..) |
+| string_.py:79 | ok | str_methods | tb.decode(..).encode(..) |
+| string_.py:82 | ok | str_methods | ts.partition(..) |
+| string_.py:83 | ok | str_methods | ts.rpartition(..) |
+| string_.py:84 | ok | str_methods | ts.rsplit(..) |
+| string_.py:85 | ok | str_methods | ts.split(..) |
+| string_.py:86 | ok | str_methods | ts.splitlines() |
+| string_.py:91 | ok | str_methods | "safe".replace(..) |
+| string_.py:93 | fail | str_methods | ts.join(..) |
+| string_.py:94 | fail | str_methods | ts.join(..) |
+| string_.py:104 | fail | non_syntactic | meth() |
+| string_.py:105 | fail | non_syntactic | _str(..) |
+| string_.py:114 | ok | percent_fmt | BinaryExpr |
+| string_.py:115 | ok | percent_fmt | BinaryExpr |
+| string_.py:116 | ok | percent_fmt | BinaryExpr |
+| string_.py:126 | fail | binary_decode_encode | base64.b64encode(..) |
+| string_.py:127 | fail | binary_decode_encode | base64.b64decode(..) |
+| string_.py:129 | fail | binary_decode_encode | base64.standard_b64encode(..) |
+| string_.py:130 | fail | binary_decode_encode | base64.standard_b64decode(..) |
+| string_.py:132 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
+| string_.py:133 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
+| string_.py:135 | fail | binary_decode_encode | base64.b32encode(..) |
+| string_.py:136 | fail | binary_decode_encode | base64.b32decode(..) |
+| string_.py:138 | fail | binary_decode_encode | base64.b16encode(..) |
+| string_.py:139 | fail | binary_decode_encode | base64.b16decode(..) |
+| string_.py:142 | fail | binary_decode_encode | base64.encodestring(..) |
+| string_.py:143 | fail | binary_decode_encode | base64.decodestring(..) |
+| string_.py:148 | fail | binary_decode_encode | quopri.encodestring(..) |
+| string_.py:149 | fail | binary_decode_encode | quopri.decodestring(..) |
 | unpacking_.py:16 | ok | unpacking | a |
 | unpacking_.py:16 | ok | unpacking | b |
 | unpacking_.py:16 | ok | unpacking | c |
diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py
index 2ef419cef47..4ede960d2f8 100644
--- a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py
+++ b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py
@@ -35,6 +35,11 @@ def str_operations():
         unicode(ts),
     )
 
+    aug_assignment = "safe"
+    ensure_not_tainted(aug_assignment)
+    aug_assignment += TAINTED_STRING
+    ensure_tainted(aug_assignment)
+
 
 def str_methods():
     print("\n# str_methods")
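Review bot: The new case in string_.py only exercises one direction of the augmented assignment, a safe left operand picking up taint from the right one via `aug_assignment += TAINTED_STRING`; the reverse, an already-tainted variable extended with a safe literal, is not covered, and because the commit message records that the step "just works" without naming which taint step fires, a regression in either direction would be hard to attribute from this test alone. Consider appending `aug_assignment = TAINTED_STRING`, `aug_assignment += "safe"`, `ensure_tainted(aug_assignment)` after the four added lines, together with a one-line comment above the block such as `# augmented assignment should propagate taint from either operand`. The same check on a bytes value (the expected output shows a `tb` used in str_methods) would be equally cheap and would confirm the step is not str-specific. `str_operations` begins above the hunk, so its earlier statements are not visible here.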