hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

add test for keyword arguments

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2022-04-26 15:02:56 +02:00
parent d4b882519a
commit 86a9bc6aca
3 changed files with 45 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
python/ql/test/library-tests/frameworks/data/test.expected
View File

@@ -1,9 +1,26 @@
taintFlow taintFlow
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:4:8:4:8 | ControlFlowNode for x | | test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:4:8:4:8 | ControlFlowNode for x |
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:7:17:7:17 | ControlFlowNode for x |
| test.py:9:8:9:14 | ControlFlowNode for alias() | test.py:9:8:9:14 | ControlFlowNode for alias() |
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test.py:10:8:10:22 | ControlFlowNode for Attribute() |
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test.py:11:8:11:30 | ControlFlowNode for Attribute() |
isSink isSink
| test.py:4:8:4:8 | ControlFlowNode for x | test-sink | | test.py:4:8:4:8 | ControlFlowNode for x | test-sink |
| test.py:7:17:7:17 | ControlFlowNode for x | test-sink |
| test.py:9:8:9:14 | ControlFlowNode for alias() | test-sink |
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-sink |
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-sink |
| test.py:12:8:12:34 | ControlFlowNode for Attribute() | test-sink |
isSource isSource
| test.py:3:5:3:15 | ControlFlowNode for getSource() | test-source | | test.py:3:5:3:15 | ControlFlowNode for getSource() | test-source |
| test.py:9:8:9:14 | ControlFlowNode for alias() | test-source |
| test.py:10:8:10:14 | ControlFlowNode for alias() | test-source |
| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-source |
| test.py:11:8:11:14 | ControlFlowNode for alias() | test-source |
| test.py:11:8:11:22 | ControlFlowNode for Attribute() | test-source |
| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-source |
| test.py:12:8:12:14 | ControlFlowNode for alias() | test-source |
| test.py:12:8:12:22 | ControlFlowNode for Attribute() | test-source |
syntaxErrors syntaxErrors
| Member[foo | | Member[foo |
| Member[foo] .Member[bar] | | Member[foo] .Member[bar] |

12
python/ql/test/library-tests/frameworks/data/test.py
View File

@@ -1,4 +1,12 @@
from testlib import getSource, mySink from testlib import getSource, mySink, alias
x = getSource() x = getSource()
mySink(x) mySink(x)
mySink(foo=x) # OK
mySink(sinkName=x) # NOT OK
mySink(alias()) # NOT OK
mySink(alias().chain()) # NOT OK
mySink(alias().chain().chain()) # NOT OK
mySink(alias().chain().safeThing()) # OK

20
python/ql/test/library-tests/frameworks/data/test.ql
View File

@@ -3,6 +3,7 @@ import semmle.python.frameworks.data.internal.AccessPathSyntax as AccessPathSynt
import semmle.python.frameworks.data.ModelsAsData import semmle.python.frameworks.data.ModelsAsData
import semmle.python.dataflow.new.TaintTracking import semmle.python.dataflow.new.TaintTracking
import semmle.python.dataflow.new.DataFlow import semmle.python.dataflow.new.DataFlow
private import semmle.python.ApiGraphs
// TODO: // TODO:
/* /*
@@ -23,10 +24,21 @@ import semmle.python.dataflow.new.DataFlow
* } * }
*/ */
class Types extends ModelInput::TypeModelCsv {
override predicate row(string row) {
// package1;type1;package2;type2;path
row =
[
"testlib;Alias;testlib;;Member[alias].ReturnValue",
"testlib;Alias;testlib;Alias;Member[chain].ReturnValue",
]
}
}
class Sinks extends ModelInput::SinkModelCsv { class Sinks extends ModelInput::SinkModelCsv {
override predicate row(string row) { override predicate row(string row) {
// package;type;path;kind // package;type;path;kind
row = ["testlib;;Member[mySink].Argument[0];test-sink"] row = ["testlib;;Member[mySink].Argument[0,sinkName:];test-sink"]
} }
} }
@@ -37,7 +49,11 @@ class Sinks extends ModelInput::SinkModelCsv {
class Sources extends ModelInput::SourceModelCsv { class Sources extends ModelInput::SourceModelCsv {
// package;type;path;kind // package;type;path;kind
override predicate row(string row) { override predicate row(string row) {
row = ["testlib;;Member[getSource].ReturnValue;test-source"] row =
[
"testlib;;Member[getSource].ReturnValue;test-source", //
"testlib;Alias;;test-source"
]
} }
} }