Python: Move query tests to reflect new file layout

2026-04-30 11:15:13 +02:00 · 2021-02-16 13:15:01 +01:00
parent 1d6f9bee08
commit 8494fcf45f
114 changed files with 12 additions and 10 deletions
--- a/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
+++ b/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.expected
@@ -1,8 +0,0 @@
-edges
-| test.py:33:15:33:36 | exception info | test.py:34:29:34:31 | exception info |
-| test.py:33:15:33:36 | exception info | test.py:34:29:34:31 | exception info |
-| test.py:34:29:34:31 | exception info | test.py:34:16:34:32 | exception info |
-| test.py:34:29:34:31 | exception info | test.py:34:16:34:32 | exception info |
-#select
-| test.py:16:16:16:37 | Attribute() | test.py:16:16:16:37 | exception info | test.py:16:16:16:37 | exception info | $@ may be exposed to an external user | test.py:16:16:16:37 | Attribute() | Error information |
-| test.py:34:16:34:32 | format_error() | test.py:33:15:33:36 | exception info | test.py:34:16:34:32 | exception info | $@ may be exposed to an external user | test.py:33:15:33:36 | Attribute() | Error information |
--- a/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.qlref
+++ b/python/ql/test/query-tests/Security/CWE-209/StackTraceExposure.qlref
@@ -1 +0,0 @@
-Security/Exposure/StackTraceExposure/StackTraceExposure.ql
--- a/python/ql/test/query-tests/Security/CWE-209/options
+++ b/python/ql/test/query-tests/Security/CWE-209/options
@@ -1 +0,0 @@
-semmle-extractor-options: -p ../lib/ --max-import-depth=2
--- a/python/ql/test/query-tests/Security/CWE-209/test.py
+++ b/python/ql/test/query-tests/Security/CWE-209/test.py
@@ -1,42 +0,0 @@
-from flask import Flask, request, make_response
-app = Flask(__name__)
-
-
-import traceback
-
-def do_computation():
-    raise Exception("Secret info")
-
-# BAD
-@app.route('/bad')
-def server_bad():
-    try:
-        do_computation()
-    except Exception as e:
-        return traceback.format_exc()
-
-# GOOD
-@app.route('/good')
-def server_good():
-    try:
-        do_computation()
-    except Exception as e:
-        log(traceback.format_exc())
-        return "An internal error has occurred!"
-
-#BAD
-@app.route('/bad/with-flow')
-def server_bad_flow():
-    try:
-        do_computation()
-    except Exception as e:
-        err = traceback.format_exc()
-        return format_error(err)
-
-def format_error(msg):
-    return "[ERROR] " + msg
-
-#Unrelated error
-@app.route('/maybe_xss')
-def maybe_xss():
-    return make_response(request.args.get('name', ''))
				`@@ -1 +0,0 @@`
				`Security/Exposure/StackTraceExposure/StackTraceExposure.ql`
				`@@ -1 +0,0 @@`
				`semmle-extractor-options: -p ../lib/ --max-import-depth=2`