hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Add tests for ExternalFileObject

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-04-23 10:36:51 +02:00
parent c479a77d55
commit 7385ea5024
4 changed files with 29 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
python/ql/test/library-tests/taint/strings/Taint.qll
View File

@@ -34,3 +34,11 @@ class ExceptionInfoSource extends TaintSource {
override string toString() { result = "Exception info source" }
}
class ExternalFileObjectSource extends TaintSource {
ExternalFileObjectSource() { this.(NameNode).getId() = "TAINTED_FILE" }
override predicate isSourceOf(TaintKind kind) { kind instanceof ExternalFileObject }
override string toString() { result = "Tainted file source" }
}

6
python/ql/test/library-tests/taint/strings/TestStep.expected
View File

@@ -62,6 +62,12 @@
| Taint externally controlled string | test.py:66 | test.py:66:22:66:35 | TAINTED_STRING | | --> | Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string | |
| Taint externally controlled string | test.py:67 | test.py:67:29:67:42 | tainted_string | | --> | Taint [externally controlled string] | test.py:67 | test.py:67:20:67:43 | urlsplit() | |
| Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string | | --> | Taint [externally controlled string] | test.py:68 | test.py:68:20:68:43 | urlparse() | |
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:74 | test.py:74:9:74:20 | tainted_file | |
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file | |
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:76 | test.py:76:9:76:20 | tainted_file | |
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:77 | test.py:77:9:77:20 | tainted_file | |
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:78 | test.py:78:27:78:38 | tainted_file | |
| Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file | | --> | Taint externally controlled string | test.py:75 | test.py:75:9:75:27 | Attribute() | |
| Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript | |
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:25 | Subscript | |

5
python/ql/test/library-tests/taint/strings/TestTaint.expected
View File

@@ -22,3 +22,8 @@
| test.py:58 | test_untrusted | res | externally controlled string |
| test.py:69 | test_urlsplit_urlparse | urlparse_res | [externally controlled string] |
| test.py:69 | test_urlsplit_urlparse | urlsplit_res | [externally controlled string] |
| test.py:74 | test_tainted_file | tainted_file | file[externally controlled string] |
| test.py:75 | test_tainted_file | Attribute() | externally controlled string |
| test.py:76 | test_tainted_file | Attribute() | NO TAINT |
| test.py:77 | test_tainted_file | Attribute() | NO TAINT |
| test.py:78 | test_tainted_file | ListComp | NO TAINT |

10
python/ql/test/library-tests/taint/strings/test.py
View File

@@ -67,3 +67,13 @@ def test_urlsplit_urlparse():
urlsplit_res = urlsplit(tainted_string)
urlparse_res = urlparse(tainted_string)
test(urlsplit_res, urlparse_res)
def test_tainted_file():
tainted_file = TAINTED_FILE
test(
tainted_file,
tainted_file.read(),
tainted_file.readline(),
tainted_file.readlines(),
[line for line in tainted_file],
)