Python: Move query tests to reflect new file layout

python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.expected

@@ -1,29 +0,0 @@
-edges
-| tarslip.py:12:7:12:39 | tarfile.open | tarslip.py:13:1:13:3 | tarfile.open |
-| tarslip.py:12:7:12:39 | tarfile.open | tarslip.py:13:1:13:3 | tarfile.open |
-| tarslip.py:16:7:16:39 | tarfile.open | tarslip.py:17:14:17:16 | tarfile.open |
-| tarslip.py:16:7:16:39 | tarfile.open | tarslip.py:17:14:17:16 | tarfile.open |
-| tarslip.py:17:1:17:17 | tarfile.entry | tarslip.py:18:17:18:21 | tarfile.entry |
-| tarslip.py:17:1:17:17 | tarfile.entry | tarslip.py:18:17:18:21 | tarfile.entry |
-| tarslip.py:17:14:17:16 | tarfile.open | tarslip.py:17:1:17:17 | tarfile.entry |
-| tarslip.py:17:14:17:16 | tarfile.open | tarslip.py:17:1:17:17 | tarfile.entry |
-| tarslip.py:33:7:33:39 | tarfile.open | tarslip.py:34:14:34:16 | tarfile.open |
-| tarslip.py:33:7:33:39 | tarfile.open | tarslip.py:34:14:34:16 | tarfile.open |
-| tarslip.py:34:1:34:17 | tarfile.entry | tarslip.py:37:17:37:21 | tarfile.entry |
-| tarslip.py:34:1:34:17 | tarfile.entry | tarslip.py:37:17:37:21 | tarfile.entry |
-| tarslip.py:34:14:34:16 | tarfile.open | tarslip.py:34:1:34:17 | tarfile.entry |
-| tarslip.py:34:14:34:16 | tarfile.open | tarslip.py:34:1:34:17 | tarfile.entry |
-| tarslip.py:40:7:40:39 | tarfile.open | tarslip.py:41:24:41:26 | tarfile.open |
-| tarslip.py:40:7:40:39 | tarfile.open | tarslip.py:41:24:41:26 | tarfile.open |
-| tarslip.py:56:7:56:39 | tarfile.open | tarslip.py:57:14:57:16 | tarfile.open |
-| tarslip.py:56:7:56:39 | tarfile.open | tarslip.py:57:14:57:16 | tarfile.open |
-| tarslip.py:57:1:57:17 | tarfile.entry | tarslip.py:59:21:59:25 | tarfile.entry |
-| tarslip.py:57:1:57:17 | tarfile.entry | tarslip.py:59:21:59:25 | tarfile.entry |
-| tarslip.py:57:14:57:16 | tarfile.open | tarslip.py:57:1:57:17 | tarfile.entry |
-| tarslip.py:57:14:57:16 | tarfile.open | tarslip.py:57:1:57:17 | tarfile.entry |
-#select
-| tarslip.py:13:1:13:3 | tar | tarslip.py:12:7:12:39 | tarfile.open | tarslip.py:13:1:13:3 | tarfile.open | Extraction of tarfile from $@ | tarslip.py:12:7:12:39 | Attribute() | a potentially untrusted source |
-| tarslip.py:18:17:18:21 | entry | tarslip.py:16:7:16:39 | tarfile.open | tarslip.py:18:17:18:21 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:16:7:16:39 | Attribute() | a potentially untrusted source |
-| tarslip.py:37:17:37:21 | entry | tarslip.py:33:7:33:39 | tarfile.open | tarslip.py:37:17:37:21 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:33:7:33:39 | Attribute() | a potentially untrusted source |
-| tarslip.py:41:24:41:26 | tar | tarslip.py:40:7:40:39 | tarfile.open | tarslip.py:41:24:41:26 | tarfile.open | Extraction of tarfile from $@ | tarslip.py:40:7:40:39 | Attribute() | a potentially untrusted source |
-| tarslip.py:59:21:59:25 | entry | tarslip.py:56:7:56:39 | tarfile.open | tarslip.py:59:21:59:25 | tarfile.entry | Extraction of tarfile from $@ | tarslip.py:56:7:56:39 | Attribute() | a potentially untrusted source |

python/ql/test/query-tests/Security/CWE-022-TarSlip/TarSlip.qlref

@@ -1 +0,0 @@
-Security/Injection/TarSlip/TarSlip.ql

python/ql/test/query-tests/Security/CWE-022-TarSlip/options

@@ -1 +0,0 @@
-semmle-extractor-options: -p ../lib/ --max-import-depth=3

python/ql/test/query-tests/Security/CWE-022-TarSlip/tarslip.py

@@ -1,82 +0,0 @@
-#!/usr/bin/python
-import tarfile
-
-unsafe_filename_tar = sys.argv[1]
-safe_filename_tar = "safe_path.tar"
-
-
-tar = tarfile.open(safe_filename_tar)
-for entry in tar:
-    tar.extract(entry)
-
-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall()
-tar.close()
-
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    tar.extract(entry)
-
-tar = tarfile.open(safe_filename_tar)
-tar.extractall()
-tar.close()
-
-
-#Sanitized
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if os.path.isabs(entry.name) or ".." in entry.name:
-        raise ValueError("Illegal tar archive entry")
-    tar.extract(entry, "/tmp/unpack/")
-
-#Part Sanitized
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if ".." in entry.name:
-        raise ValueError("Illegal tar archive entry")
-    tar.extract(entry, "/tmp/unpack/")
-
-#Unsanitized members
-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall(members=tar)
-
-
-#Sanitize members
-def safemembers(members):
-    for info in members:
-        if badpath(info):
-            raise
-        yield info
-
-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall(members=safemembers(tar))
-
-
-# Wrong sanitizer (is missing not)
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if os.path.isabs(entry.name) or ".." in entry.name:
-        tar.extract(entry, "/tmp/unpack/")
-
-
-# OK Sanitized using not
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if not (os.path.isabs(entry.name) or ".." in entry.name):
-        tar.extract(entry, "/tmp/unpack/")
-
-# The following two variants are included by purpose, since by default there is a
-# difference in handling `not x` and `not (x or False)` when overriding
-# Sanitizer.sanitizingEdge. We want to ensure we handle both consistently.
-
-# Not reported, although vulnerable to '..'
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if not (os.path.isabs(entry.name) or False):
-        tar.extract(entry, "/tmp/unpack/")
-
-# Not reported, although vulnerable to '..'
-tar = tarfile.open(unsafe_filename_tar)
-for entry in tar:
-    if not os.path.isabs(entry.name):
-        tar.extract(entry, "/tmp/unpack/")