add test for keyword arguments

2025-12-21 11:16:30 +01:00 · 2022-04-26 15:02:56 +02:00
parent d4b882519a
commit 86a9bc6aca
3 changed files with 45 additions and 4 deletions
--- a/python/ql/test/library-tests/frameworks/data/test.expected
+++ b/python/ql/test/library-tests/frameworks/data/test.expected
@@ -1,9 +1,26 @@
 taintFlow
 | test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:4:8:4:8 | ControlFlowNode for x |
+| test.py:3:5:3:15 | ControlFlowNode for getSource() | test.py:7:17:7:17 | ControlFlowNode for x |
+| test.py:9:8:9:14 | ControlFlowNode for alias() | test.py:9:8:9:14 | ControlFlowNode for alias() |
+| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test.py:10:8:10:22 | ControlFlowNode for Attribute() |
+| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test.py:11:8:11:30 | ControlFlowNode for Attribute() |
 isSink
 | test.py:4:8:4:8 | ControlFlowNode for x | test-sink |
+| test.py:7:17:7:17 | ControlFlowNode for x | test-sink |
+| test.py:9:8:9:14 | ControlFlowNode for alias() | test-sink |
+| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-sink |
+| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-sink |
+| test.py:12:8:12:34 | ControlFlowNode for Attribute() | test-sink |
 isSource
 | test.py:3:5:3:15 | ControlFlowNode for getSource() | test-source |
+| test.py:9:8:9:14 | ControlFlowNode for alias() | test-source |
+| test.py:10:8:10:14 | ControlFlowNode for alias() | test-source |
+| test.py:10:8:10:22 | ControlFlowNode for Attribute() | test-source |
+| test.py:11:8:11:14 | ControlFlowNode for alias() | test-source |
+| test.py:11:8:11:22 | ControlFlowNode for Attribute() | test-source |
+| test.py:11:8:11:30 | ControlFlowNode for Attribute() | test-source |
+| test.py:12:8:12:14 | ControlFlowNode for alias() | test-source |
+| test.py:12:8:12:22 | ControlFlowNode for Attribute() | test-source |
 syntaxErrors
 | Member[foo |
 | Member[foo] .Member[bar] |
--- a/python/ql/test/library-tests/frameworks/data/test.py
+++ b/python/ql/test/library-tests/frameworks/data/test.py
@@ -1,4 +1,12 @@
-from testlib import getSource, mySink
+from testlib import getSource, mySink, alias

 x = getSource()
 mySink(x)
+
+mySink(foo=x) # OK
+mySink(sinkName=x) # NOT OK
+
+mySink(alias()) # NOT OK
+mySink(alias().chain()) # NOT OK
+mySink(alias().chain().chain()) # NOT OK
+mySink(alias().chain().safeThing()) # OK
--- a/python/ql/test/library-tests/frameworks/data/test.ql
+++ b/python/ql/test/library-tests/frameworks/data/test.ql
@@ -3,6 +3,7 @@ import semmle.python.frameworks.data.internal.AccessPathSyntax as AccessPathSynt
 import semmle.python.frameworks.data.ModelsAsData
 import semmle.python.dataflow.new.TaintTracking
 import semmle.python.dataflow.new.DataFlow
+private import semmle.python.ApiGraphs

 // TODO:
 /*
@@ -23,10 +24,21 @@ import semmle.python.dataflow.new.DataFlow
 * }
 */

+class Types extends ModelInput::TypeModelCsv {
+  override predicate row(string row) {
+    // package1;type1;package2;type2;path
+    row =
+      [
+        "testlib;Alias;testlib;;Member[alias].ReturnValue",
+        "testlib;Alias;testlib;Alias;Member[chain].ReturnValue",
+      ]
+  }
+}
+
 class Sinks extends ModelInput::SinkModelCsv {
  override predicate row(string row) {
    // package;type;path;kind
-    row = ["testlib;;Member[mySink].Argument[0];test-sink"]
+    row = ["testlib;;Member[mySink].Argument[0,sinkName:];test-sink"]
  }
 }

@@ -37,7 +49,11 @@ class Sinks extends ModelInput::SinkModelCsv {
 class Sources extends ModelInput::SourceModelCsv {
  // package;type;path;kind
  override predicate row(string row) {
-    row = ["testlib;;Member[getSource].ReturnValue;test-source"]
+    row =
+      [
+        "testlib;;Member[getSource].ReturnValue;test-source", //
+        "testlib;Alias;;test-source"
+      ]
  }
 }