hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Fixup modeling of os.open

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2024-08-13 14:57:24 +02:00
parent d245db54a1
commit 7483075b7e
3 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/test/library-tests/frameworks/stdlib/FileSystemAccess.py
View File

@@ -87,8 +87,8 @@ def test_fspath():
os.fspath(path=TAINTED_STRING), # $ tainted
)
os.open("path", os.O_RDONLY) # $ getAPathArgument="path" SPURIOUS: threatModelSource[file]=os.open(..)
os.open(path="path", flags=os.O_RDONLY) # $ getAPathArgument="path" SPURIOUS: threatModelSource[file]=os.open(..)
os.open("path", os.O_RDONLY) # $ getAPathArgument="path"
os.open(path="path", flags=os.O_RDONLY) # $ getAPathArgument="path"
os.access("path", os.R_OK) # $ getAPathArgument="path"
os.access(path="path", mode=os.R_OK) # $ getAPathArgument="path"

2
python/ql/test/library-tests/frameworks/stdlib/threat_models.py
View File

@@ -58,7 +58,7 @@ ensure_tainted(
open("foo").readline(), # $ tainted threatModelSource[file]=open(..) getAPathArgument="foo"
open("foo").readlines(), # $ tainted threatModelSource[file]=open(..) getAPathArgument="foo"
os.read(os.open("foo"), 1024), # $ tainted threatModelSource[file]=os.read(..) SPURIOUS: threatModelSource[file]=os.open(..) getAPathArgument="foo"
os.read(os.open("foo"), 1024), # $ tainted threatModelSource[file]=os.read(..) getAPathArgument="foo"
)
########################################