Python: Enable consistency check (currently fails)

python/ql/test/experimental/dataflow/consistency/dataflow-consistency.expected

@@ -0,0 +1,137 @@
+uniqueEnclosingCallable
+| test.py:0:0:0:0 | Exit node for Module test | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable __name__ | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable __package__ | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable test23 | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable test24 | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable test_truth | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | GSSA Variable test_update_extend | Node should have one enclosing callable but has 0. |
+| test.py:0:0:0:0 | SSA variable $ | Node should have one enclosing callable but has 0. |
+| test.py:6:1:6:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:6:5:6:9 | GSSA Variable test1 | Node should have one enclosing callable but has 0. |
+| test.py:9:1:9:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:9:1:9:12 | Exit node for Function test2 | Node should have one enclosing callable but has 0. |
+| test.py:9:5:9:9 | GSSA Variable test2 | Node should have one enclosing callable but has 0. |
+| test.py:13:1:13:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:13:5:13:10 | GSSA Variable source | Node should have one enclosing callable but has 0. |
+| test.py:16:1:16:14 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:16:1:16:14 | Exit node for Function sink | Node should have one enclosing callable but has 0. |
+| test.py:16:5:16:8 | GSSA Variable sink | Node should have one enclosing callable but has 0. |
+| test.py:19:1:19:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:19:1:19:12 | Exit node for Function test3 | Node should have one enclosing callable but has 0. |
+| test.py:19:5:19:9 | GSSA Variable test3 | Node should have one enclosing callable but has 0. |
+| test.py:23:1:23:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:23:1:23:12 | Exit node for Function test4 | Node should have one enclosing callable but has 0. |
+| test.py:23:5:23:9 | GSSA Variable test4 | Node should have one enclosing callable but has 0. |
+| test.py:27:1:27:12 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:27:1:27:12 | Exit node for Function test5 | Node should have one enclosing callable but has 0. |
+| test.py:27:5:27:9 | GSSA Variable test5 | Node should have one enclosing callable but has 0. |
+| test.py:31:1:31:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:31:1:31:16 | Exit node for Function test6 | Node should have one enclosing callable but has 0. |
+| test.py:31:1:31:16 | Exit node for Function test6 | Node should have one enclosing callable but has 0. |
+| test.py:31:5:31:9 | GSSA Variable test6 | Node should have one enclosing callable but has 0. |
+| test.py:39:1:39:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:39:1:39:16 | Exit node for Function test7 | Node should have one enclosing callable but has 0. |
+| test.py:39:1:39:16 | Exit node for Function test7 | Node should have one enclosing callable but has 0. |
+| test.py:39:5:39:9 | GSSA Variable test7 | Node should have one enclosing callable but has 0. |
+| test.py:47:1:47:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:47:1:47:17 | Exit node for Function source2 | Node should have one enclosing callable but has 0. |
+| test.py:47:5:47:11 | GSSA Variable source2 | Node should have one enclosing callable but has 0. |
+| test.py:50:1:50:15 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:50:1:50:15 | Exit node for Function sink2 | Node should have one enclosing callable but has 0. |
+| test.py:50:5:50:9 | GSSA Variable sink2 | Node should have one enclosing callable but has 0. |
+| test.py:53:1:53:21 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:53:1:53:21 | Exit node for Function sink3 | Node should have one enclosing callable but has 0. |
+| test.py:53:5:53:9 | GSSA Variable sink3 | Node should have one enclosing callable but has 0. |
+| test.py:57:1:57:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:57:1:57:16 | Exit node for Function test8 | Node should have one enclosing callable but has 0. |
+| test.py:57:5:57:9 | GSSA Variable test8 | Node should have one enclosing callable but has 0. |
+| test.py:62:1:62:16 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:62:1:62:16 | Exit node for Function test9 | Node should have one enclosing callable but has 0. |
+| test.py:62:5:62:9 | GSSA Variable test9 | Node should have one enclosing callable but has 0. |
+| test.py:69:1:69:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:69:1:69:17 | Exit node for Function test10 | Node should have one enclosing callable but has 0. |
+| test.py:69:5:69:10 | GSSA Variable test10 | Node should have one enclosing callable but has 0. |
+| test.py:76:1:76:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:76:1:76:13 | Exit node for Function hub | Node should have one enclosing callable but has 0. |
+| test.py:76:5:76:7 | GSSA Variable hub | Node should have one enclosing callable but has 0. |
+| test.py:79:1:79:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:79:1:79:13 | Exit node for Function test11 | Node should have one enclosing callable but has 0. |
+| test.py:79:5:79:10 | GSSA Variable test11 | Node should have one enclosing callable but has 0. |
+| test.py:84:1:84:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:84:1:84:13 | Exit node for Function test12 | Node should have one enclosing callable but has 0. |
+| test.py:84:5:84:10 | GSSA Variable test12 | Node should have one enclosing callable but has 0. |
+| test.py:89:8:89:13 | ControlFlowNode for ImportExpr | Node should have one enclosing callable but has 0. |
+| test.py:89:8:89:13 | GSSA Variable module | Node should have one enclosing callable but has 0. |
+| test.py:91:1:91:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:91:1:91:13 | Exit node for Function test13 | Node should have one enclosing callable but has 0. |
+| test.py:91:5:91:10 | GSSA Variable test13 | Node should have one enclosing callable but has 0. |
+| test.py:95:1:95:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:95:1:95:13 | Exit node for Function test14 | Node should have one enclosing callable but has 0. |
+| test.py:95:5:95:10 | GSSA Variable test14 | Node should have one enclosing callable but has 0. |
+| test.py:99:1:99:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:99:1:99:13 | Exit node for Function test15 | Node should have one enclosing callable but has 0. |
+| test.py:99:5:99:10 | GSSA Variable test15 | Node should have one enclosing callable but has 0. |
+| test.py:103:1:103:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:103:1:103:13 | Exit node for Function test16 | Node should have one enclosing callable but has 0. |
+| test.py:103:5:103:10 | GSSA Variable test16 | Node should have one enclosing callable but has 0. |
+| test.py:108:1:108:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:108:1:108:17 | Exit node for Function test20 | Node should have one enclosing callable but has 0. |
+| test.py:108:1:108:17 | Exit node for Function test20 | Node should have one enclosing callable but has 0. |
+| test.py:108:5:108:10 | GSSA Variable test20 | Node should have one enclosing callable but has 0. |
+| test.py:118:1:118:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:118:1:118:17 | Exit node for Function test21 | Node should have one enclosing callable but has 0. |
+| test.py:118:1:118:17 | Exit node for Function test21 | Node should have one enclosing callable but has 0. |
+| test.py:118:5:118:10 | GSSA Variable test21 | Node should have one enclosing callable but has 0. |
+| test.py:128:1:128:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:128:1:128:17 | Exit node for Function test22 | Node should have one enclosing callable but has 0. |
+| test.py:128:1:128:17 | Exit node for Function test22 | Node should have one enclosing callable but has 0. |
+| test.py:128:5:128:10 | GSSA Variable test22 | Node should have one enclosing callable but has 0. |
+| test.py:139:20:139:38 | ControlFlowNode for ImportMember | Node should have one enclosing callable but has 0. |
+| test.py:139:33:139:38 | GSSA Variable unsafe | Node should have one enclosing callable but has 0. |
+| test.py:140:1:140:12 | ControlFlowNode for SINK() | Node should have one enclosing callable but has 0. |
+| test.py:140:1:140:12 | GSSA Variable unsafe | Node should have one enclosing callable but has 0. |
+| test.py:140:6:140:11 | ControlFlowNode for unsafe | Node should have one enclosing callable but has 0. |
+| test.py:142:1:142:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:142:1:142:13 | Exit node for Function test23 | Node should have one enclosing callable but has 0. |
+| test.py:142:5:142:10 | GSSA Variable test23 | Node should have one enclosing callable but has 0. |
+| test.py:146:1:146:13 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:146:1:146:13 | Exit node for Function test24 | Node should have one enclosing callable but has 0. |
+| test.py:146:5:146:10 | GSSA Variable test24 | Node should have one enclosing callable but has 0. |
+| test.py:151:1:151:29 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:151:1:151:29 | Exit node for Function test_update_extend | Node should have one enclosing callable but has 0. |
+| test.py:151:5:151:22 | GSSA Variable test_update_extend | Node should have one enclosing callable but has 0. |
+| test.py:161:1:161:17 | ControlFlowNode for FunctionExpr | Node should have one enclosing callable but has 0. |
+| test.py:161:1:161:17 | Exit node for Function test_truth | Node should have one enclosing callable but has 0. |
+| test.py:161:1:161:17 | Exit node for Function test_truth | Node should have one enclosing callable but has 0. |
+| test.py:161:5:161:14 | GSSA Variable test_truth | Node should have one enclosing callable but has 0. |
+uniqueTypeBound
+uniqueTypeRepr
+uniqueNodeLocation
+missingLocation
+uniqueNodeToString
+missingToString
+parameterCallable
+localFlowIsLocal
+compatibleTypesReflexive
+unreachableNodeCCtx
+localCallNodes
+postIsNotPre
+postHasUniquePre
+uniquePostUpdate
+postIsInSameCallable
+reverseRead
+storeIsPostUpdate
+argHasPostUpdate
+| test.py:25:10:25:10 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:29:10:29:10 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:48:19:48:21 | ControlFlowNode for arg | ArgumentNode is missing PostUpdateNode. |
+| test.py:51:10:51:12 | ControlFlowNode for arg | ArgumentNode is missing PostUpdateNode. |
+| test.py:55:14:55:16 | ControlFlowNode for arg | ArgumentNode is missing PostUpdateNode. |
+| test.py:59:11:59:11 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:67:11:67:14 | ControlFlowNode for cond | ArgumentNode is missing PostUpdateNode. |
+| test.py:67:17:67:17 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:74:11:74:14 | ControlFlowNode for cond | ArgumentNode is missing PostUpdateNode. |
+| test.py:74:17:74:17 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:81:13:81:13 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |
+| test.py:86:13:86:13 | ControlFlowNode for t | ArgumentNode is missing PostUpdateNode. |

python/ql/test/experimental/dataflow/consistency/dataflow-consistency.ql

@@ -0,0 +1 @@
+import experimental.dataflow.internal.DataFlowImplConsistency::Consistency

python/ql/test/experimental/dataflow/consistency/test.py

@@ -0,0 +1,171 @@
+# This is currently a copy of the integration tests.
+# It should contain many syntactic constructs, so should
+# perhaps be taken from coverage once that is done.
+# (We might even put the consistency check in there.)
+
+def test1():
+    SINK(SOURCE)
+
+def test2():
+    s = SOURCE
+    SINK(s)
+
+def source():
+    return SOURCE
+
+def sink(arg):
+    SINK(arg)
+
+def test3():
+    t = source()
+    SINK(t)
+
+def test4():
+    t = SOURCE
+    sink(t)
+
+def test5():
+    t = source()
+    sink(t)
+
+def test6(cond):
+    if cond:
+        t = "Safe"
+    else:
+        t = SOURCE
+    if cond:
+        SINK(t)
+
+def test7(cond):
+    if cond:
+        t = SOURCE
+    else:
+        t = "Safe"
+    if cond:
+        SINK(t)
+
+def source2(arg):
+    return source(arg)
+
+def sink2(arg):
+    sink(arg)
+
+def sink3(cond, arg):
+    if cond:
+        sink(arg)
+
+def test8(cond):
+    t = source2()
+    sink2(t)
+
+#False positive
+def test9(cond):
+    if cond:
+        t  = "Safe"
+    else:
+        t = SOURCE
+    sink3(cond, t)
+
+def test10(cond):
+    if cond:
+        t = SOURCE
+    else:
+        t = "Safe"
+    sink3(cond, t)
+
+def hub(arg):
+    return arg
+
+def test11():
+    t = SOURCE
+    t = hub(t)
+    SINK(t)
+
+def test12():
+    t = "safe"
+    t = hub(t)
+    SINK(t)
+
+import module
+
+def test13():
+    t = module.dangerous
+    SINK(t)
+
+def test14():
+    t = module.safe
+    SINK(t)
+
+def test15():
+    t = module.safe2
+    SINK(t)
+
+def test16():
+    t = module.dangerous_func()
+    SINK(t)
+
+
+def test20(cond):
+    if cond:
+        t = CUSTOM_SOURCE
+    else:
+        t = SOURCE
+    if cond:
+        CUSTOM_SINK(t)
+    else:
+        SINK(t)
+
+def test21(cond):
+    if cond:
+        t = CUSTOM_SOURCE
+    else:
+        t = SOURCE
+    if not cond:
+        CUSTOM_SINK(t)
+    else:
+        SINK(t)
+
+def test22(cond):
+    if cond:
+        t = CUSTOM_SOURCE
+    else:
+        t = SOURCE
+    t = TAINT_FROM_ARG(t)
+    if cond:
+        CUSTOM_SINK(t)
+    else:
+        SINK(t)
+
+from module import dangerous as unsafe
+SINK(unsafe)
+
+def test23():
+    with SOURCE as t:
+        SINK(t)
+
+def test24():
+    s = SOURCE
+    SANITIZE(s)
+    SINK(s)
+
+def test_update_extend(x, y):
+    l = [SOURCE]
+    d = {"key" : SOURCE}
+    x.extend(l)
+    y.update(d)
+    SINK(x[0])
+    SINK(y["key"])
+    l2 = list(l)
+    d2 = dict(d)
+
+def test_truth():
+    t = SOURCE
+    if t:
+        SINK(t)
+    else:
+        SINK(t) # Regression: FP here
+    if not t:
+        SINK(t) # Regression: FP here
+    else:
+        SINK(t)
+