Python: Test taint step for string augmented assignment

Apparently it just works 😕 :magic:
Rasmus Wriedt Larsen
2020-08-27 11:37:56 +02:00
parent d0081dfbfa
commit 627363d6ea
2 changed files with 58 additions and 51 deletions


@@ -71,57 +71,59 @@
| string_.py:33 | ok | str_operations | str(..) |
| string_.py:34 | ok | str_operations | bytes(..) |
| string_.py:35 | ok | str_operations | unicode(..) |
| string_.py:44 | ok | str_methods | ts.capitalize() |
| string_.py:45 | ok | str_methods | ts.center(..) |
| string_.py:46 | ok | str_methods | ts.expandtabs() |
| string_.py:48 | ok | str_methods | ts.format() |
| string_.py:49 | ok | str_methods | "{}".format(..) |
| string_.py:50 | ok | str_methods | "{unsafe}".format(..) |
| string_.py:52 | ok | str_methods | ts.join(..) |
| string_.py:53 | ok | str_methods | "".join(..) |
| string_.py:55 | ok | str_methods | ts.ljust(..) |
| string_.py:56 | ok | str_methods | ts.lstrip() |
| string_.py:57 | ok | str_methods | ts.lower() |
| string_.py:59 | ok | str_methods | ts.replace(..) |
| string_.py:60 | ok | str_methods | "safe".replace(..) |
| string_.py:62 | ok | str_methods | ts.rjust(..) |
| string_.py:63 | ok | str_methods | ts.rstrip() |
| string_.py:64 | ok | str_methods | ts.strip() |
| string_.py:65 | ok | str_methods | ts.swapcase() |
| string_.py:66 | ok | str_methods | ts.title() |
| string_.py:67 | ok | str_methods | ts.upper() |
| string_.py:68 | ok | str_methods | ts.zfill(..) |
| string_.py:70 | ok | str_methods | ts.encode(..) |
| string_.py:71 | ok | str_methods | ts.encode(..).decode(..) |
| string_.py:73 | ok | str_methods | tb.decode(..) |
| string_.py:74 | ok | str_methods | tb.decode(..).encode(..) |
| string_.py:77 | ok | str_methods | ts.partition(..) |
| string_.py:78 | ok | str_methods | ts.rpartition(..) |
| string_.py:79 | ok | str_methods | ts.rsplit(..) |
| string_.py:80 | ok | str_methods | ts.split(..) |
| string_.py:81 | ok | str_methods | ts.splitlines() |
| string_.py:86 | ok | str_methods | "safe".replace(..) |
| string_.py:88 | fail | str_methods | ts.join(..) |
| string_.py:89 | fail | str_methods | ts.join(..) |
| string_.py:99 | fail | non_syntactic | meth() |
| string_.py:100 | fail | non_syntactic | _str(..) |
| string_.py:109 | ok | percent_fmt | BinaryExpr |
| string_.py:110 | ok | percent_fmt | BinaryExpr |
| string_.py:111 | ok | percent_fmt | BinaryExpr |
| string_.py:121 | fail | binary_decode_encode | base64.b64encode(..) |
| string_.py:122 | fail | binary_decode_encode | base64.b64decode(..) |
| string_.py:124 | fail | binary_decode_encode | base64.standard_b64encode(..) |
| string_.py:125 | fail | binary_decode_encode | base64.standard_b64decode(..) |
| string_.py:127 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
| string_.py:128 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
| string_.py:130 | fail | binary_decode_encode | base64.b32encode(..) |
| string_.py:131 | fail | binary_decode_encode | base64.b32decode(..) |
| string_.py:133 | fail | binary_decode_encode | base64.b16encode(..) |
| string_.py:134 | fail | binary_decode_encode | base64.b16decode(..) |
| string_.py:137 | fail | binary_decode_encode | base64.encodestring(..) |
| string_.py:138 | fail | binary_decode_encode | base64.decodestring(..) |
| string_.py:143 | fail | binary_decode_encode | quopri.encodestring(..) |
| string_.py:144 | fail | binary_decode_encode | quopri.decodestring(..) |
| string_.py:39 | ok | str_operations | aug_assignment |
| string_.py:41 | ok | str_operations | aug_assignment |
| string_.py:49 | ok | str_methods | ts.capitalize() |
| string_.py:50 | ok | str_methods | ts.center(..) |
| string_.py:51 | ok | str_methods | ts.expandtabs() |
| string_.py:53 | ok | str_methods | ts.format() |
| string_.py:54 | ok | str_methods | "{}".format(..) |
| string_.py:55 | ok | str_methods | "{unsafe}".format(..) |
| string_.py:57 | ok | str_methods | ts.join(..) |
| string_.py:58 | ok | str_methods | "".join(..) |
| string_.py:60 | ok | str_methods | ts.ljust(..) |
| string_.py:61 | ok | str_methods | ts.lstrip() |
| string_.py:62 | ok | str_methods | ts.lower() |
| string_.py:64 | ok | str_methods | ts.replace(..) |
| string_.py:65 | ok | str_methods | "safe".replace(..) |
| string_.py:67 | ok | str_methods | ts.rjust(..) |
| string_.py:68 | ok | str_methods | ts.rstrip() |
| string_.py:69 | ok | str_methods | ts.strip() |
| string_.py:70 | ok | str_methods | ts.swapcase() |
| string_.py:71 | ok | str_methods | ts.title() |
| string_.py:72 | ok | str_methods | ts.upper() |
| string_.py:73 | ok | str_methods | ts.zfill(..) |
| string_.py:75 | ok | str_methods | ts.encode(..) |
| string_.py:76 | ok | str_methods | ts.encode(..).decode(..) |
| string_.py:78 | ok | str_methods | tb.decode(..) |
| string_.py:79 | ok | str_methods | tb.decode(..).encode(..) |
| string_.py:82 | ok | str_methods | ts.partition(..) |
| string_.py:83 | ok | str_methods | ts.rpartition(..) |
| string_.py:84 | ok | str_methods | ts.rsplit(..) |
| string_.py:85 | ok | str_methods | ts.split(..) |
| string_.py:86 | ok | str_methods | ts.splitlines() |
| string_.py:91 | ok | str_methods | "safe".replace(..) |
| string_.py:93 | fail | str_methods | ts.join(..) |
| string_.py:94 | fail | str_methods | ts.join(..) |
| string_.py:104 | fail | non_syntactic | meth() |
| string_.py:105 | fail | non_syntactic | _str(..) |
| string_.py:114 | ok | percent_fmt | BinaryExpr |
| string_.py:115 | ok | percent_fmt | BinaryExpr |
| string_.py:116 | ok | percent_fmt | BinaryExpr |
| string_.py:126 | fail | binary_decode_encode | base64.b64encode(..) |
| string_.py:127 | fail | binary_decode_encode | base64.b64decode(..) |
| string_.py:129 | fail | binary_decode_encode | base64.standard_b64encode(..) |
| string_.py:130 | fail | binary_decode_encode | base64.standard_b64decode(..) |
| string_.py:132 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
| string_.py:133 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
| string_.py:135 | fail | binary_decode_encode | base64.b32encode(..) |
| string_.py:136 | fail | binary_decode_encode | base64.b32decode(..) |
| string_.py:138 | fail | binary_decode_encode | base64.b16encode(..) |
| string_.py:139 | fail | binary_decode_encode | base64.b16decode(..) |
| string_.py:142 | fail | binary_decode_encode | base64.encodestring(..) |
| string_.py:143 | fail | binary_decode_encode | base64.decodestring(..) |
| string_.py:148 | fail | binary_decode_encode | quopri.encodestring(..) |
| string_.py:149 | fail | binary_decode_encode | quopri.decodestring(..) |
| unpacking_.py:16 | ok | unpacking | a |
| unpacking_.py:16 | ok | unpacking | b |
| unpacking_.py:16 | ok | unpacking | c |


@@ -35,6 +35,11 @@ def str_operations():
unicode(ts),
)
aug_assignment = "safe"
ensure_not_tainted(aug_assignment)
aug_assignment += TAINTED_STRING
ensure_tainted(aug_assignment)
def str_methods():
print("\n# str_methods")
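Review bot: The added `aug_assignment` case in `str_operations` only covers a clean target receiving a tainted right-hand operand, so the opposite direction (an already tainted target with a safe string appended) is not pinned by any expectation. The page shows no modelling change behind this test, so which existing step carries the taint is not visible here; a later refactor could drop one operand position without this test failing, and the result would be missed findings in queries that rely on string taint. I would add the mirrored case right after the new lines: `tainted_target = TAINTED_STRING`, `tainted_target += "safe"`, `ensure_tainted(tainted_target)`. A bytes variant would also be worth adding if the test file has a tainted bytes constant in scope. The body of `str_operations` starts above this hunk, so the placement relative to the earlier checks should be confirmed against the full file.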