Python

2026-06-11 16:01:09 +02:00 · 2026-06-10 22:57:42 +02:00
parent d75113de93
commit 8e07690049
498 changed files with 1714 additions and 1495 deletions
--- a/python/ql/test/2/query-tests/Classes/inconsistent-mro/InconsistentMRO.qlref
+++ b/python/ql/test/2/query-tests/Classes/inconsistent-mro/InconsistentMRO.qlref
@@ -1 +1,2 @@
-Classes/InconsistentMRO.ql
+query: Classes/InconsistentMRO.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Classes/inconsistent-mro/inconsistent_mro.py
+++ b/python/ql/test/2/query-tests/Classes/inconsistent-mro/inconsistent_mro.py
@@ -6,7 +6,7 @@ class X(object):
 class Y(X):
    pass

-class Z(X, Y):
+class Z(X, Y): # $ Alert
    pass
    
 class O:
--- a/python/ql/test/2/query-tests/Classes/new-style/PropertyInOldStyleClass.qlref
+++ b/python/ql/test/2/query-tests/Classes/new-style/PropertyInOldStyleClass.qlref
@@ -1 +1,2 @@
-Classes/PropertyInOldStyleClass.ql
+query: Classes/PropertyInOldStyleClass.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Classes/new-style/SlotsInOldStyleClass.qlref
+++ b/python/ql/test/2/query-tests/Classes/new-style/SlotsInOldStyleClass.qlref
@@ -1 +1,2 @@
-Classes/SlotsInOldStyleClass.ql
+query: Classes/SlotsInOldStyleClass.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Classes/new-style/SuperInOldStyleClass.qlref
+++ b/python/ql/test/2/query-tests/Classes/new-style/SuperInOldStyleClass.qlref
@@ -1 +1,2 @@
-Classes/SuperInOldStyleClass.ql
+query: Classes/SuperInOldStyleClass.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Classes/new-style/newstyle_test.py
+++ b/python/ql/test/2/query-tests/Classes/new-style/newstyle_test.py
@@ -1,7 +1,7 @@

 #Only works for Python2

-class OldStyle1:
+class OldStyle1: # $ Alert[py/slots-in-old-style-class]

    __slots__ = [ 'a', 'b' ]

@@ -12,7 +12,7 @@ class OldStyle1:
 class OldStyle2:

    def __init__(self, x):
-        super().__init__(x)
+        super().__init__(x) # $ Alert[py/super-in-old-style]

 class NewStyle1(object):

--- a/python/ql/test/2/query-tests/Classes/new-style/property_old_style.py
+++ b/python/ql/test/2/query-tests/Classes/new-style/property_old_style.py
@@ -5,6 +5,6 @@ class OldStyle:
    def __init__(self, x):
        self._x = x

-    @property
+    @property # $ Alert[py/property-in-old-style-class]
    def piosc(self):
        return self._x
--- a/python/ql/test/2/query-tests/Classes/undefined-attribute/MaybeUndefinedClassAttribute.qlref
+++ b/python/ql/test/2/query-tests/Classes/undefined-attribute/MaybeUndefinedClassAttribute.qlref
@@ -1 +1,2 @@
-Classes/MaybeUndefinedClassAttribute.ql
+query: Classes/MaybeUndefinedClassAttribute.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Classes/undefined-attribute/UndefinedClassAttribute.qlref
+++ b/python/ql/test/2/query-tests/Classes/undefined-attribute/UndefinedClassAttribute.qlref
@@ -1 +1,2 @@
-Classes/UndefinedClassAttribute.ql
+query: Classes/UndefinedClassAttribute.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/CatchingBaseException.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/general/CatchingBaseException.qlref
@@ -1 +1,2 @@
-Exceptions/CatchingBaseException.ql
+query: Exceptions/CatchingBaseException.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/EmptyExcept.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/general/EmptyExcept.qlref
@@ -1 +1,2 @@
-Exceptions/EmptyExcept.ql
+query: Exceptions/EmptyExcept.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/IllegalExceptionHandlerType.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/general/IllegalExceptionHandlerType.qlref
@@ -1 +1,2 @@
-Exceptions/IllegalExceptionHandlerType.ql
+query: Exceptions/IllegalExceptionHandlerType.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/IllegalRaise.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/general/IllegalRaise.qlref
@@ -1 +1,2 @@
-Exceptions/IllegalRaise.ql
+query: Exceptions/IllegalRaise.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/IncorrectExceptOrder.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/general/IncorrectExceptOrder.qlref
@@ -1 +1,2 @@
-Exceptions/IncorrectExceptOrder.ql
+query: Exceptions/IncorrectExceptOrder.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/general/exceptions_test.py
+++ b/python/ql/test/2/query-tests/Exceptions/general/exceptions_test.py
@@ -14,4 +14,4 @@ def raise_tuple(cond):
        raise (Exception, "bananas", 17)
    else:
        #This is an error
-        raise (17, "bananas", Exception)
+        raise (17, "bananas", Exception) # $ Alert[py/illegal-raise]
--- a/python/ql/test/2/query-tests/Exceptions/generators/UnguardedNextInGenerator.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/generators/UnguardedNextInGenerator.qlref
@@ -1 +1,2 @@
-Exceptions/UnguardedNextInGenerator.ql
+query: Exceptions/UnguardedNextInGenerator.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/generators/test.py
+++ b/python/ql/test/2/query-tests/Exceptions/generators/test.py
@@ -2,12 +2,12 @@

 def bad1(it):
    while True:
-        yield next(it)
+        yield next(it) # $ Alert

 def bad2(seq):
    it = iter(seq)
    #Not OK as seq  may be empty
-    raise KeyError(next(it))
+    raise KeyError(next(it)) # $ Alert
    yield 0

 def ok1(seq):
--- a/python/ql/test/2/query-tests/Exceptions/raising/RaisingTuple.qlref
+++ b/python/ql/test/2/query-tests/Exceptions/raising/RaisingTuple.qlref
@@ -1 +1,2 @@
-Exceptions/RaisingTuple.ql
+query: Exceptions/RaisingTuple.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Exceptions/raising/test.py
+++ b/python/ql/test/2/query-tests/Exceptions/raising/test.py
@@ -5,11 +5,11 @@ def ok():

 def bad1():
    ex = Exception, "message"
-    raise ex
+    raise ex # $ Alert

 def bad2():
-    raise (Exception, "message")
+    raise (Exception, "message") # $ Alert

 def bad3():
    ex = Exception, 
-    raise ex, "message"
+    raise ex, "message" # $ Alert
--- a/python/ql/test/2/query-tests/Expressions/TruncatedDivision.qlref
+++ b/python/ql/test/2/query-tests/Expressions/TruncatedDivision.qlref
@@ -1 +1,2 @@
-Expressions/TruncatedDivision.ql
+query: Expressions/TruncatedDivision.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Expressions/TruncatedDivision_test.py
+++ b/python/ql/test/2/query-tests/Expressions/TruncatedDivision_test.py
@@ -62,14 +62,14 @@ print(average([1.0, 2.0]))
 # This case is bad, and is a minimal obvious case that should be bad. It
 # SHOULD be found by the query.

-print(3 / 2)
+print(3 / 2) # $ Alert[py/truncated-division]



 # This case is bad. It uses indirect returns of integers through function calls
 # to produce the problem. I

-print(return_three() / return_two())
+print(return_three() / return_two()) # $ Alert[py/truncated-division]



--- a/python/ql/test/2/query-tests/Expressions/UseofApply.py
+++ b/python/ql/test/2/query-tests/Expressions/UseofApply.py
@@ -16,7 +16,7 @@ def useofapply():

  # This use of `apply` is a reference to the builtin function and so SHOULD be
  # caught by the query.
-  apply(foo, [1])
+  apply(foo, [1]) # $ Alert[py/use-of-apply]



--- a/python/ql/test/2/query-tests/Expressions/UseofApply.qlref
+++ b/python/ql/test/2/query-tests/Expressions/UseofApply.qlref
@@ -1 +1,2 @@
-Expressions/UseofApply.ql
+query: Expressions/UseofApply.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Expressions/UseofInput.qlref
+++ b/python/ql/test/2/query-tests/Expressions/UseofInput.qlref
@@ -1 +1,2 @@
-Expressions/UseofInput.ql
+query: Expressions/UseofInput.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Expressions/expressions_test.py
+++ b/python/ql/test/2/query-tests/Expressions/expressions_test.py
@@ -1,9 +1,9 @@
 def use_of_apply(func, args):
-    apply(func, args)
+    apply(func, args) # $ Alert[py/use-of-apply]


 def use_of_input():
-    return input() # NOT OK
+    return input() # NOT OK # $ Alert[py/use-of-input]


 def not_use_of_input():
--- a/python/ql/test/2/query-tests/Functions/DeprecatedSliceMethod.qlref
+++ b/python/ql/test/2/query-tests/Functions/DeprecatedSliceMethod.qlref
@@ -1 +1,2 @@
-Functions/DeprecatedSliceMethod.ql
+query: Functions/DeprecatedSliceMethod.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Imports/encoding_error/EncodingError.qlref
+++ b/python/ql/test/2/query-tests/Imports/encoding_error/EncodingError.qlref
@@ -1 +1,2 @@
-Imports/EncodingError.ql
+query: Imports/EncodingError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Imports/syntax_error/EncodingError.qlref
+++ b/python/ql/test/2/query-tests/Imports/syntax_error/EncodingError.qlref
@@ -1 +1,2 @@
-Imports/EncodingError.ql
+query: Imports/EncodingError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Imports/syntax_error/SyntaxError.qlref
+++ b/python/ql/test/2/query-tests/Imports/syntax_error/SyntaxError.qlref
@@ -1 +1,2 @@
-Imports/SyntaxError.ql
+query: Imports/SyntaxError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Imports/syntax_error/bad_encoding.py
+++ b/python/ql/test/2/query-tests/Imports/syntax_error/bad_encoding.py
@@ -8,5 +8,5 @@
 # encoding:shift-jis

 def f():
-    print "Python <20>̊J<CC8A><4A><EFBFBD>́A1990 <20>N<EFBFBD><4E><EFBFBD>납<EFBFBD><EB82A9><EFBFBD>J<EFBFBD>n<EFBFBD><6E><EFBFBD><EFBFBD><EFBFBD>Ă<EFBFBD><C482>܂<EFBFBD>"
+    print "Python <20>̊J<CC8A><4A><EFBFBD>́A1990 <20>N<EFBFBD><4E><EFBFBD>납<EFBFBD><EB82A9><EFBFBD>J<EFBFBD>n<EFBFBD><6E><EFBFBD><EFBFBD><EFBFBD>Ă<EFBFBD><C482>܂<EFBFBD>" # $ Alert[py/encoding-error]
 """
--- a/python/ql/test/2/query-tests/Imports/syntax_error/nonsense.py
+++ b/python/ql/test/2/query-tests/Imports/syntax_error/nonsense.py
@@ -1,4 +1,4 @@
-`Twas brillig, and the slithy toves
+`Twas brillig, and the slithy toves # $ Alert[py/syntax-error]
  Did gyre and gimble in the wabe:
 All mimsy were the borogoves,
  And the mome raths outgrabe.
--- a/python/ql/test/2/query-tests/Lexical/OldOctalLiteral.qlref
+++ b/python/ql/test/2/query-tests/Lexical/OldOctalLiteral.qlref
@@ -1 +1,2 @@
-Lexical/OldOctalLiteral.ql
+query: Lexical/OldOctalLiteral.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Lexical/lexical_test.py
+++ b/python/ql/test/2/query-tests/Lexical/lexical_test.py
@@ -1,6 +1,6 @@

 #Bad Octal literal
-017
+017 # $ Alert
 #Good Octal literal
 0o17
 #Special case file permissions
--- a/python/ql/test/2/query-tests/Statements/ExecUsed.qlref
+++ b/python/ql/test/2/query-tests/Statements/ExecUsed.qlref
@@ -1 +1,2 @@
-Statements/ExecUsed.ql
+query: Statements/ExecUsed.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Statements/IterableStringOrSequence.qlref
+++ b/python/ql/test/2/query-tests/Statements/IterableStringOrSequence.qlref
@@ -1 +1,2 @@
-Statements/IterableStringOrSequence.ql
+query: Statements/IterableStringOrSequence.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Statements/TopLevelPrint.qlref
+++ b/python/ql/test/2/query-tests/Statements/TopLevelPrint.qlref
@@ -1 +1,2 @@
-Statements/TopLevelPrint.ql
+query: Statements/TopLevelPrint.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Statements/module.py
+++ b/python/ql/test/2/query-tests/Statements/module.py
@@ -1,2 +1,2 @@
 #Top level prints in modules are bad
-print ("Side effect on import")
+print ("Side effect on import") # $ Alert[py/print-during-import]
--- a/python/ql/test/2/query-tests/Statements/statements_test.py
+++ b/python/ql/test/2/query-tests/Statements/statements_test.py
@@ -2,7 +2,7 @@


 def exec_used(val):
-    exec (val)
+    exec (val) # $ Alert[py/use-of-exec]

 #Top level print
 import module
@@ -18,7 +18,7 @@ def f(x):
        s = u"Hello World"
    else:
        s = [ u'Hello', u'World']
-    for thing in s:
+    for thing in s: # $ Alert[py/iteration-string-and-sequence]
        print (thing)

 import fake_six
--- a/python/ql/test/2/query-tests/Summary/LinesOfCode.qlref
+++ b/python/ql/test/2/query-tests/Summary/LinesOfCode.qlref
@@ -1 +1 @@
-Summary/LinesOfCode.ql
+query: Summary/LinesOfCode.ql
--- a/python/ql/test/2/query-tests/Summary/LinesOfUserCode.qlref
+++ b/python/ql/test/2/query-tests/Summary/LinesOfUserCode.qlref
@@ -1 +1 @@
-Summary/LinesOfUserCode.ql
+query: Summary/LinesOfUserCode.ql
--- a/python/ql/test/2/query-tests/Variables/LeakyComp/LeakyComp.qlref
+++ b/python/ql/test/2/query-tests/Variables/LeakyComp/LeakyComp.qlref
@@ -1 +1,2 @@
-Variables/LeakingListComprehension.ql
+query: Variables/LeakingListComprehension.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Variables/LeakyComp/test.py
+++ b/python/ql/test/2/query-tests/Variables/LeakyComp/test.py
@@ -2,12 +2,12 @@ from __future__ import print_function

 def undefined_in_3():
    [x for x in range(3)]
-    print(x)
+    print(x) # $ Alert

 def different_in_3():
    y = 10
    [y for y in range(3)]
-    print(y)
+    print(y) # $ Alert

 def ok():
    [z for z in range(4)]
--- a/python/ql/test/2/query-tests/Variables/undefined/UndefinedExport.py
+++ b/python/ql/test/2/query-tests/Variables/undefined/UndefinedExport.py
@@ -1,6 +1,6 @@


-__all__ = [ "x", "y", "z", "module" ]
+__all__ = [ "x", "y", "z", "module" ] # $ Alert[py/undefined-export]

 x = 1
 if 0:
--- a/python/ql/test/2/query-tests/Variables/undefined/UndefinedExport.qlref
+++ b/python/ql/test/2/query-tests/Variables/undefined/UndefinedExport.qlref
@@ -1 +1,2 @@
-Variables/UndefinedExport.ql
+query: Variables/UndefinedExport.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Variables/undefined/UndefinedGlobal.qlref
+++ b/python/ql/test/2/query-tests/Variables/undefined/UndefinedGlobal.qlref
@@ -1 +1,2 @@
-Variables/UndefinedGlobal.ql
+query: Variables/UndefinedGlobal.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Variables/undefined/UninitializedLocal.qlref
+++ b/python/ql/test/2/query-tests/Variables/undefined/UninitializedLocal.qlref
@@ -1 +1,2 @@
-Variables/UninitializedLocal.ql
+query: Variables/UninitializedLocal.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/2/query-tests/Variables/undefined/package/init.py
+++ b/python/ql/test/2/query-tests/Variables/undefined/package/init.py
@@ -1 +1 @@
-__all__ = [ "module", "not_exists" ]
+__all__ = [ "module", "not_exists" ] # $ Alert[py/undefined-export]
--- a/python/ql/test/3/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.qlref
+++ b/python/ql/test/3/query-tests/Classes/equals-attr/DefineEqualsWhenAddingAttributes.qlref
@@ -1 +1,2 @@
-Classes/DefineEqualsWhenAddingAttributes.ql
+query: Classes/DefineEqualsWhenAddingAttributes.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Classes/equals-attr/test.py
+++ b/python/ql/test/3/query-tests/Classes/equals-attr/test.py
@@ -9,7 +9,7 @@ class RedefineEquals:
    def __eq__(self, other):
        return other is "Tuesday"

-class C(RedefineEquals):
+class C(RedefineEquals): # $ Alert

    def __init__(self, args):
        self.a, self.b = args
--- a/python/ql/test/3/query-tests/Classes/inconsistent-mro/InconsistentMRO.qlref
+++ b/python/ql/test/3/query-tests/Classes/inconsistent-mro/InconsistentMRO.qlref
@@ -1 +1,2 @@
-Classes/InconsistentMRO.ql
+query: Classes/InconsistentMRO.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Classes/inconsistent-mro/inconsistent_mro.py
+++ b/python/ql/test/3/query-tests/Classes/inconsistent-mro/inconsistent_mro.py
@@ -6,12 +6,12 @@ class X(object):
 class Y(X):
    pass

-class Z(X, Y):
+class Z(X, Y): # $ Alert
    pass
    
 class O:
    pass
    
 #This is OK in Python 2
-class N(object, O):
+class N(object, O): # $ Alert
    pass
--- a/python/ql/test/3/query-tests/Classes/undefined-attribute/MaybeUndefinedClassAttribute.qlref
+++ b/python/ql/test/3/query-tests/Classes/undefined-attribute/MaybeUndefinedClassAttribute.qlref
@@ -1 +1,2 @@
-Classes/MaybeUndefinedClassAttribute.ql
+query: Classes/MaybeUndefinedClassAttribute.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Classes/undefined-attribute/UndefinedClassAttribute.qlref
+++ b/python/ql/test/3/query-tests/Classes/undefined-attribute/UndefinedClassAttribute.qlref
@@ -1 +1,2 @@
-Classes/UndefinedClassAttribute.ql
+query: Classes/UndefinedClassAttribute.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Expressions/Arguments/WrongNameForArgumentInCall.qlref
+++ b/python/ql/test/3/query-tests/Expressions/Arguments/WrongNameForArgumentInCall.qlref
@@ -1 +1,2 @@
-Expressions/WrongNameForArgumentInCall.ql
+query: Expressions/WrongNameForArgumentInCall.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Expressions/Arguments/WrongNumberArgumentsInCall.qlref
+++ b/python/ql/test/3/query-tests/Expressions/Arguments/WrongNumberArgumentsInCall.qlref
@@ -1 +1,2 @@
-Expressions/WrongNumberArgumentsInCall.ql
+query: Expressions/WrongNumberArgumentsInCall.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Expressions/Arguments/wrong_arguments.py
+++ b/python/ql/test/3/query-tests/Expressions/Arguments/wrong_arguments.py
@@ -9,8 +9,8 @@ f(1, 2, 3, kw1=1)
 f(1, 2, kw1=1, kw2=2)

 #Not OK
-f(1, 2, 3, kw1=1, kw3=3)
-f(1, 2, 3, kw3=3)
+f(1, 2, 3, kw1=1, kw3=3) # $ Alert[py/call/wrong-named-argument]
+f(1, 2, 3, kw3=3) # $ Alert[py/call/wrong-named-argument]


 #ODASA-5897
@@ -21,4 +21,4 @@ def ok():
    return analyze_member_access(msg, original=original, chk=chk)

 def bad():
-    return analyze_member_access(msg, original, chk=chk)
+    return analyze_member_access(msg, original, chk=chk) # $ Alert[py/call/wrong-arguments]
--- a/python/ql/test/3/query-tests/Expressions/Formatting/WrongNumberArgumentsForFormat.qlref
+++ b/python/ql/test/3/query-tests/Expressions/Formatting/WrongNumberArgumentsForFormat.qlref
@@ -1 +1,2 @@
-Expressions/WrongNumberArgumentsForFormat.ql
+query: Expressions/WrongNumberArgumentsForFormat.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Expressions/TruncatedDivision/TruncatedDivision.qlref
+++ b/python/ql/test/3/query-tests/Expressions/TruncatedDivision/TruncatedDivision.qlref
@@ -1 +1,2 @@
-Expressions/TruncatedDivision.ql
+query: Expressions/TruncatedDivision.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Expressions/UseofApply/UseofApply.qlref
+++ b/python/ql/test/3/query-tests/Expressions/UseofApply/UseofApply.qlref
@@ -1 +1,2 @@
-Expressions/UseofApply.ql
+query: Expressions/UseofApply.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Imports/encoding_error/EncodingError.qlref
+++ b/python/ql/test/3/query-tests/Imports/encoding_error/EncodingError.qlref
@@ -1 +1,2 @@
-Imports/EncodingError.ql
+query: Imports/EncodingError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Imports/syntax_error/EncodingError.qlref
+++ b/python/ql/test/3/query-tests/Imports/syntax_error/EncodingError.qlref
@@ -1 +1,2 @@
-Imports/EncodingError.ql
+query: Imports/EncodingError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Imports/syntax_error/SyntaxError.qlref
+++ b/python/ql/test/3/query-tests/Imports/syntax_error/SyntaxError.qlref
@@ -1 +1,2 @@
-Imports/SyntaxError.ql
+query: Imports/SyntaxError.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Imports/syntax_error/bad_encoding.py
+++ b/python/ql/test/3/query-tests/Imports/syntax_error/bad_encoding.py
@@ -8,5 +8,5 @@
 # encoding:shift-jis

 def f():
-    print "Python <20>̊J<CC8A><4A><EFBFBD>́A1990 <20>N<EFBFBD><4E><EFBFBD>납<EFBFBD><EB82A9><EFBFBD>J<EFBFBD>n<EFBFBD><6E><EFBFBD><EFBFBD><EFBFBD>Ă<EFBFBD><C482>܂<EFBFBD>"
+    print "Python <20>̊J<CC8A><4A><EFBFBD>́A1990 <20>N<EFBFBD><4E><EFBFBD>납<EFBFBD><EB82A9><EFBFBD>J<EFBFBD>n<EFBFBD><6E><EFBFBD><EFBFBD><EFBFBD>Ă<EFBFBD><C482>܂<EFBFBD>" # $ Alert[py/encoding-error]
 """
--- a/python/ql/test/3/query-tests/Imports/syntax_error/nonsense.py
+++ b/python/ql/test/3/query-tests/Imports/syntax_error/nonsense.py
@@ -1,4 +1,4 @@
- `Twas brillig, and the slithy toves
+ `Twas brillig, and the slithy toves # $ Alert[py/syntax-error]
  Did gyre and gimble in the wabe:
 All mimsy were the borogoves,
  And the mome raths outgrabe.
--- a/python/ql/test/3/query-tests/Statements/general/ExecUsed.qlref
+++ b/python/ql/test/3/query-tests/Statements/general/ExecUsed.qlref
@@ -1 +1,2 @@
-Statements/ExecUsed.ql
+query: Statements/ExecUsed.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Statements/general/TopLevelPrint.qlref
+++ b/python/ql/test/3/query-tests/Statements/general/TopLevelPrint.qlref
@@ -1 +1,2 @@
-Statements/TopLevelPrint.ql
+query: Statements/TopLevelPrint.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Statements/general/module.py
+++ b/python/ql/test/3/query-tests/Statements/general/module.py
@@ -1,2 +1,2 @@
 #Top level prints in modules are bad
-print ("Side effect on import")
+print ("Side effect on import") # $ Alert[py/print-during-import]
--- a/python/ql/test/3/query-tests/Statements/general/statements_test.py
+++ b/python/ql/test/3/query-tests/Statements/general/statements_test.py
@@ -2,7 +2,7 @@


 def exec_used(val):
-    exec(val)
+    exec(val) # $ Alert[py/use-of-exec]

 #Top level print
 import module
--- a/python/ql/test/3/query-tests/Statements/iter/IterableStringOrSequence.qlref
+++ b/python/ql/test/3/query-tests/Statements/iter/IterableStringOrSequence.qlref
@@ -1 +1,2 @@
-Statements/IterableStringOrSequence.ql
+query: Statements/IterableStringOrSequence.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Statements/iter/NonIteratorInForLoop.qlref
+++ b/python/ql/test/3/query-tests/Statements/iter/NonIteratorInForLoop.qlref
@@ -1 +1,2 @@
-Statements/NonIteratorInForLoop.ql
+query: Statements/NonIteratorInForLoop.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Statements/iter/async_iterator.py
+++ b/python/ql/test/3/query-tests/Statements/iter/async_iterator.py
@@ -23,5 +23,5 @@ async def good():
        yield x

 async def bad():
-    async for x in MissingAiter():
+    async for x in MissingAiter(): # $ Alert[py/non-iterable-in-for-loop]
        yield x
--- a/python/ql/test/3/query-tests/Statements/iter/statements_test.py
+++ b/python/ql/test/3/query-tests/Statements/iter/statements_test.py
@@ -18,7 +18,7 @@ def f(x):
        s = u"Hello World"
    else:
        s = [ u'Hello', u'World']
-    for thing in s:
+    for thing in s: # $ Alert[py/iteration-string-and-sequence]
        print (thing)


@@ -31,7 +31,7 @@ class Color(Enum):
 def colors():
    for color in Color:
        print(color)
-    for color in 1:
+    for color in 1: # $ Alert[py/non-iterable-in-for-loop]
        print(color)

 colors()
--- a/python/ql/test/3/query-tests/Statements/unreachable/UnreachableCode.qlref
+++ b/python/ql/test/3/query-tests/Statements/unreachable/UnreachableCode.qlref
@@ -1 +1,2 @@
-Statements/UnreachableCode.ql
+query: Statements/UnreachableCode.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Statements/unreachable_suppressed/UnreachableCode.qlref
+++ b/python/ql/test/3/query-tests/Statements/unreachable_suppressed/UnreachableCode.qlref
@@ -1 +1,2 @@
-Statements/UnreachableCode.ql
+query: Statements/UnreachableCode.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Summary/LinesOfCode.qlref
+++ b/python/ql/test/3/query-tests/Summary/LinesOfCode.qlref
@@ -1 +1 @@
-Summary/LinesOfCode.ql
+query: Summary/LinesOfCode.ql
--- a/python/ql/test/3/query-tests/Summary/LinesOfUserCode.qlref
+++ b/python/ql/test/3/query-tests/Summary/LinesOfUserCode.qlref
@@ -1 +1 @@
-Summary/LinesOfUserCode.ql
+query: Summary/LinesOfUserCode.ql
--- a/python/ql/test/3/query-tests/Variables/undefined/UndefinedExport.py
+++ b/python/ql/test/3/query-tests/Variables/undefined/UndefinedExport.py
@@ -1,6 +1,6 @@


-__all__ = [ "x", "y", "z", "module", "w" ]
+__all__ = [ "x", "y", "z", "module", "w" ] # $ Alert[py/undefined-export]

 x = 1
 if 0:
--- a/python/ql/test/3/query-tests/Variables/undefined/UndefinedExport.qlref
+++ b/python/ql/test/3/query-tests/Variables/undefined/UndefinedExport.qlref
@@ -1 +1,2 @@
-Variables/UndefinedExport.ql
+query: Variables/UndefinedExport.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Variables/undefined/UninitializedLocal.qlref
+++ b/python/ql/test/3/query-tests/Variables/undefined/UninitializedLocal.qlref
@@ -1 +1,2 @@
-Variables/UninitializedLocal.ql
+query: Variables/UninitializedLocal.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/3/query-tests/Variables/undefined/enum_convert.py
+++ b/python/ql/test/3/query-tests/Variables/undefined/enum_convert.py
@@ -5,4 +5,4 @@ IntEnum._convert(
        __name__,
        lambda C: C.isupper() and C.startswith('AF_'))

-__all__ = [ "Maybe", "Maybe_not" ]
+__all__ = [ "Maybe", "Maybe_not" ] # $ Alert[py/undefined-export]
--- a/python/ql/test/3/query-tests/Variables/undefined/package/init.py
+++ b/python/ql/test/3/query-tests/Variables/undefined/package/init.py
@@ -1 +1 @@
-__all__ = [ "module", "not_exists" ]
+__all__ = [ "module", "not_exists" ] # $ Alert[py/undefined-export]
--- a/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref
+++ b/python/ql/test/experimental/library-tests/CallGraph-implicit-init/InlineCallGraphTest.qlref
@@ -1 +1 @@
-../CallGraph/InlineCallGraphTest.ql
+query: ../CallGraph/InlineCallGraphTest.ql
--- a/python/ql/test/experimental/library-tests/CallGraph-imports/InlineCallGraphTest.qlref
+++ b/python/ql/test/experimental/library-tests/CallGraph-imports/InlineCallGraphTest.qlref
@@ -1 +1 @@
-../CallGraph/InlineCallGraphTest.ql
+query: ../CallGraph/InlineCallGraphTest.ql
--- a/python/ql/test/experimental/library-tests/CallGraph-type-annotations/InlineCallGraphTest.qlref
+++ b/python/ql/test/experimental/library-tests/CallGraph-type-annotations/InlineCallGraphTest.qlref
@@ -1 +1 @@
-../CallGraph/InlineCallGraphTest.ql
+query: ../CallGraph/InlineCallGraphTest.ql
--- a/python/ql/test/experimental/library-tests/FindSubclass/Find.qlref
+++ b/python/ql/test/experimental/library-tests/FindSubclass/Find.qlref
@@ -1 +1 @@
-meta/ClassHierarchy/Find.ql
+query: meta/ClassHierarchy/Find.ql
--- a/python/ql/test/experimental/query-tests/Classes/Naming/NamingConventionsClasses.py
+++ b/python/ql/test/experimental/query-tests/Classes/Naming/NamingConventionsClasses.py
@@ -1,5 +1,5 @@
 # BAD, do not start class or interface name with lowercase letter
-class badName:
+class badName: # $ Alert

    def hello(self):
        print("hello")
--- a/python/ql/test/experimental/query-tests/Classes/Naming/NamingConventionsClasses.qlref
+++ b/python/ql/test/experimental/query-tests/Classes/Naming/NamingConventionsClasses.qlref
@@ -1 +1,2 @@
-experimental/Classes/NamingConventionsClasses.ql
+query: experimental/Classes/NamingConventionsClasses.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Functions/general/NamingConventionsFunctions.py
+++ b/python/ql/test/experimental/query-tests/Functions/general/NamingConventionsFunctions.py
@@ -1,7 +1,7 @@
 class Test:

    # BAD, do not start function name with uppercase letter
-    def HelloWorld(self):
+    def HelloWorld(self): # $ Alert
        print("hello world")

    # GOOD, function name starts with lowercase letter
--- a/python/ql/test/experimental/query-tests/Functions/general/NamingConventionsFunctions.qlref
+++ b/python/ql/test/experimental/query-tests/Functions/general/NamingConventionsFunctions.qlref
@@ -1 +1,2 @@
-experimental/Functions/NamingConventionsFunctions.ql
+query: experimental/Functions/NamingConventionsFunctions.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.expected
@@ -1,3 +1,33 @@
+#select
+| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | ControlFlowNode for result |
+| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | ControlFlowNode for members_filter1() |
+| TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
+| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
+| TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | ControlFlowNode for members |
+| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
+| TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | ControlFlowNode for entry |
+| TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | ControlFlowNode for tar |
+| TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | ControlFlowNode for result |
+| TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
 edges
 | TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | TarSlipImprov.py:17:5:17:10 | ControlFlowNode for member | provenance |  |
 | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:15:1:15:3 | ControlFlowNode for tar | provenance |  |
@@ -223,33 +253,3 @@ nodes
 subpaths
 | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
 | TarSlipImprov.py:39:65:39:67 | ControlFlowNode for tar | TarSlipImprov.py:26:21:26:27 | ControlFlowNode for tarfile | TarSlipImprov.py:36:12:36:17 | ControlFlowNode for result [List element] | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() |
-#select
-| TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:15:7:15:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:22:35:22:40 | ControlFlowNode for result | ControlFlowNode for result |
-| TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:38:7:38:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:39:49:39:68 | ControlFlowNode for members_filter1() | ControlFlowNode for members_filter1() |
-| TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:43:6:43:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:47:21:47:25 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:54:6:54:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:58:21:58:25 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:88:6:88:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:91:5:91:7 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:111:7:111:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:115:9:115:11 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:123:6:123:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:125:36:125:40 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:129:6:129:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:130:5:130:7 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:133:7:133:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:134:1:134:3 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:141:6:141:29 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:143:36:143:40 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:151:22:151:49 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
-| TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:159:26:159:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:169:9:169:12 | ControlFlowNode for tarc | ControlFlowNode for tarc |
-| TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:176:6:176:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:178:36:178:40 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:182:6:182:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:184:21:184:25 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:188:7:188:27 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:189:1:189:3 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:193:6:193:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:194:49:194:51 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:210:6:210:43 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:211:5:211:7 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:231:6:231:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:236:44:236:50 | ControlFlowNode for members | ControlFlowNode for members |
-| TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:254:1:254:31 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
-| TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:258:6:258:26 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:261:25:261:29 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:264:6:264:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:268:21:268:25 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:271:6:271:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:274:25:274:29 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:276:6:276:38 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:280:21:280:25 | ControlFlowNode for entry | ControlFlowNode for entry |
-| TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:283:6:283:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:284:5:284:7 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:287:7:287:28 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:288:49:288:51 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:292:7:292:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:293:1:293:3 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:300:6:300:51 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:301:49:301:51 | ControlFlowNode for tar | ControlFlowNode for tar |
-| TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:304:7:304:39 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:310:49:310:54 | ControlFlowNode for result | ControlFlowNode for result |
-| TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | Extraction of tarfile from $@ to a potentially untrusted source $@. | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() | TarSlipImprov.py:316:1:316:46 | ControlFlowNode for Attribute() | ControlFlowNode for Attribute() |
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlip.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-022bis/TarSlipImprov.ql
+query: experimental/Security/CWE-022bis/TarSlipImprov.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlipImprov.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/TarSlipImprov.py
@@ -12,14 +12,14 @@ import os.path
 unsafe_filename_tar = sys.argv[2]
 safe_filename_tar = "safe_path.tar"

-tar = tarfile.open(unsafe_filename_tar)
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
 result = []
 for member in tar:
    if ".." in member.name:
        raise ValueError("Path in member name !!!")    
    result.append(member)
 path = unsafe_filename_tar
-tar.extractall(path=path, members=result)
+tar.extractall(path=path, members=result) # $ Alert[py/tarslip-extended]
 tar.close()


@@ -35,27 +35,27 @@ def members_filter1(tarfile):
        result.append(member)
    return result

-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall(path=tempfile.mkdtemp(), members=members_filter1(tar))
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
+tar.extractall(path=tempfile.mkdtemp(), members=members_filter1(tar)) # $ Alert[py/tarslip-extended]
 tar.close()


-with tarfile.open(unsafe_filename_tar) as tar:
+with tarfile.open(unsafe_filename_tar) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
        if ".." in entry.name:
            raise ValueError("Illegal tar archive entry")
-        tar.extract(entry, "/tmp/unpack/")
+        tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]


 def _validate_archive_name(name, target):
    if not os.path.abspath(os.path.join(target, name)).startswith(target + os.path.sep):
        raise ValueError(f"Provided language pack contains invalid name {name}")

-with tarfile.open(unsafe_filename_tar) as tar:
+with tarfile.open(unsafe_filename_tar) as tar: # $ Source[py/tarslip-extended]
    target = "/tmp/unpack"
    for entry in tar:
        _validate_archive_name(entry.name, target)
-        tar.extract(entry, target)
+        tar.extract(entry, target) # $ Alert[py/tarslip-extended]


 def members_filter2(tarfile):
@@ -85,10 +85,10 @@ def _validate_archive_name(name, target):
        raise ValueError(f"Provided language pack contains invalid name {name}")

 target = "/tmp/unpack"
-with tarfile.open(unsafe_filename_tar, "r") as tar:
+with tarfile.open(unsafe_filename_tar, "r") as tar: # $ Source[py/tarslip-extended]
    for info in tar.getmembers():
        _validate_tar_info(info, target)
-    tar.extractall(target)
+    tar.extractall(target) # $ Alert[py/tarslip-extended]


 def members_filter3(tarfile):
@@ -108,11 +108,11 @@ tar.extractall(path=tempfile.mkdtemp(), members=members_filter3(tar))
 tar.close()

    
-tar = tarfile.open(unsafe_filename_tar)
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
 tarf = tar.getmembers()
 for f in tarf:
    if not f.issym():
-        tar.extractall(path=tempfile.mkdtemp(), members=[f])
+        tar.extractall(path=tempfile.mkdtemp(), members=[f]) # $ Alert[py/tarslip-extended]
 tar.close()


@@ -120,27 +120,27 @@ class MKTar(TarFile):
    pass

 tarball = unsafe_filename_tar
-with MKTar.open(name=tarball) as tar:
+with MKTar.open(name=tarball) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
-        tar._extract_member(entry, entry.name)
+        tar._extract_member(entry, entry.name) # $ Alert[py/tarslip-extended]


 tarball = unsafe_filename_tar
-with tarfile.open(tarball) as tar:
-    tar.extractall()
+with tarfile.open(tarball) as tar: # $ Source[py/tarslip-extended]
+    tar.extractall() # $ Alert[py/tarslip-extended]


-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall(path=tempfile.mkdtemp(), members=None)
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
+tar.extractall(path=tempfile.mkdtemp(), members=None) # $ Alert[py/tarslip-extended]


 class MKTar(tarfile.TarFile):
    pass

 tarball = unsafe_filename_tar
-with MKTar.open(name=tarball) as tar:
+with MKTar.open(name=tarball) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
-        tar._extract_member(entry, entry.name)
+        tar._extract_member(entry, entry.name) # $ Alert[py/tarslip-extended]


@contextmanager
@@ -148,7 +148,7 @@ def py2_tarxz(filename):
    with tempfile.TemporaryFile() as tmp:
        subprocess.check_call(["xz", "-dc", filename], stdout=tmp.fileno())
        tmp.seek(0)
-        with closing(tarfile.TarFile(fileobj=tmp)) as tf:
+        with closing(tarfile.TarFile(fileobj=tmp)) as tf: # $ Source[py/tarslip-extended]
            yield tf

 def unpack_tarball(tar_filename, dest):     
@@ -156,7 +156,7 @@ def unpack_tarball(tar_filename, dest):
        # Py 2.7 lacks lzma support
        tar_cm = py2_tarxz(tar_filename)
    else:
-        tar_cm = closing(tarfile.open(tar_filename))
+        tar_cm = closing(tarfile.open(tar_filename)) # $ Source[py/tarslip-extended]

    base_dir = None
    with tar_cm as tarc:
@@ -166,32 +166,32 @@ def unpack_tarball(tar_filename, dest):
                base_dir = base_name
            elif base_dir != base_name:
                print('Unexpected path in %s: %s' % (tar_filename, base_name))
-        tarc.extractall(dest)
+        tarc.extractall(dest) # $ Alert[py/tarslip-extended]
    return os.path.join(dest, base_dir)

 unpack_tarball(unsafe_filename_tar, "/tmp/unpack")


 tarball = unsafe_filename_tar
-with tarfile.open(name=tarball) as tar:
+with tarfile.open(name=tarball) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
-        tar._extract_member(entry, entry.name)
+        tar._extract_member(entry, entry.name) # $ Alert[py/tarslip-extended]


 tarball = unsafe_filename_tar
-with tarfile.open(name=tarball) as tar:
+with tarfile.open(name=tarball) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
-        tar.extract(entry, "/tmp/unpack/")
+        tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]


 tarball = unsafe_filename_tar
-tar = tarfile.open(tarball)
-tar.extractall("/tmp/unpack/")
+tar = tarfile.open(tarball) # $ Source[py/tarslip-extended]
+tar.extractall("/tmp/unpack/") # $ Alert[py/tarslip-extended]


 tarball = unsafe_filename_tar
-with tarfile.open(tarball, "r") as tar:
-    tar.extractall(path="/tmp/unpack/", members=tar)
+with tarfile.open(tarball, "r") as tar: # $ Source[py/tarslip-extended]
+    tar.extractall(path="/tmp/unpack/", members=tar) # $ Alert[py/tarslip-extended]


 def members_filter4(tarfile):
@@ -207,8 +207,8 @@ tar.extractall(path=tempfile.mkdtemp(), members=members_filter4(tar))
 tar.close()


-with tarfile.open(unsafe_filename_tar, "r") as tar:
-    tar.extractall(path="/tmp/unpack")
+with tarfile.open(unsafe_filename_tar, "r") as tar: # $ Source[py/tarslip-extended]
+    tar.extractall(path="/tmp/unpack") # $ Alert[py/tarslip-extended]


 def members_filter5(tarfile):
@@ -228,12 +228,12 @@ filename = unsafe_filename_tar
 tmp_dir = "/tmp/"

 read_type = "r:gz" if filename.endswith("tgz") else "r"
-with tarfile.open(filename, read_type) as corpus_tar:
+with tarfile.open(filename, read_type) as corpus_tar: # $ Source[py/tarslip-extended]
    members = []
    for f in corpus_tar:
        if not os.path.isfile(os.path.join(tmp_dir, f.name)):
            members.append(f)
-    corpus_tar.extractall(tmp_dir, members=members)
+    corpus_tar.extractall(tmp_dir, members=members) # $ Alert[py/tarslip-extended]


 def members_filter6(tarfile):
@@ -251,66 +251,66 @@ tar.close()

 archive_path = unsafe_filename_tar
 target_dir = "/tmp/unpack"
-tarfile.open(archive_path, "r").extractall(path=target_dir)
+tarfile.open(archive_path, "r").extractall(path=target_dir) # $ Alert[py/tarslip-extended]


 tarball = unsafe_filename_tar
-with tarfile.open(tarball) as tar:
+with tarfile.open(tarball) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
        if entry.isfile():
-            tar.extract(entry, "/tmp/unpack/")
+            tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]


-with tarfile.open(unsafe_filename_tar) as tar:
+with tarfile.open(unsafe_filename_tar) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
        if entry.name.startswith("/"):
            raise ValueError("Illegal tar archive entry")
-        tar.extract(entry, "/tmp/unpack/")
+        tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]

 tarball = unsafe_filename_tar
-with tarfile.TarFile(tarball, mode="r") as tar:
+with tarfile.TarFile(tarball, mode="r") as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
        if entry.isfile():
-            tar.extract(entry, "/tmp/unpack/")
+            tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]

-with tarfile.open(unsafe_filename_tar) as tar:
+with tarfile.open(unsafe_filename_tar) as tar: # $ Source[py/tarslip-extended]
    for entry in tar:
        if os.path.isabs(entry.name):
            raise ValueError("Illegal tar archive entry")
-        tar.extract(entry, "/tmp/unpack/")
+        tar.extract(entry, "/tmp/unpack/") # $ Alert[py/tarslip-extended]


-with tarfile.TarFile(unsafe_filename_tar, mode="r") as tar:
-    tar.extractall(path="/tmp/unpack")
+with tarfile.TarFile(unsafe_filename_tar, mode="r") as tar: # $ Source[py/tarslip-extended]
+    tar.extractall(path="/tmp/unpack") # $ Alert[py/tarslip-extended]


-tar = tarfile.open(filename)
-tar.extractall(path=tempfile.mkdtemp(), members=tar.getmembers())
+tar = tarfile.open(filename) # $ Source[py/tarslip-extended]
+tar.extractall(path=tempfile.mkdtemp(), members=tar.getmembers()) # $ Alert[py/tarslip-extended]
 tar.close()


-tar = tarfile.open(unsafe_filename_tar)
-tar.extractall(path=tempfile.mkdtemp(), members=None)
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
+tar.extractall(path=tempfile.mkdtemp(), members=None) # $ Alert[py/tarslip-extended]


 tar.extractall(path=tempfile.mkdtemp(), members=members_filter4(tar))
 tar.close()


-with tarfile.TarFile(unsafe_filename_tar, mode="r") as tar:
-    tar.extractall(path="/tmp/unpack/", members=tar)
+with tarfile.TarFile(unsafe_filename_tar, mode="r") as tar: # $ Source[py/tarslip-extended]
+    tar.extractall(path="/tmp/unpack/", members=tar) # $ Alert[py/tarslip-extended]


-tar = tarfile.open(unsafe_filename_tar)
+tar = tarfile.open(unsafe_filename_tar) # $ Source[py/tarslip-extended]
 result = []
 for member in tar:
    if member.issym():
        raise ValueError("But it is a symlink")   
    result.append(member)
-tar.extractall(path=tempfile.mkdtemp(), members=result)
+tar.extractall(path=tempfile.mkdtemp(), members=result) # $ Alert[py/tarslip-extended]
 tar.close()


 archive_path = unsafe_filename_tar
 target_dir = "/tmp/unpack"
-tarfile.TarFile(unsafe_filename_tar, mode="r").extractall(path=target_dir)
+tarfile.TarFile(unsafe_filename_tar, mode="r").extractall(path=target_dir) # $ Alert[py/tarslip-extended]
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.expected
@@ -1,3 +1,9 @@
+#select
+| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | file system operation |
+| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | file system operation |
+| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | file system operation |
+| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | file system operation |
+| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | file system operation |
 edges
 | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:36:8:39 | ControlFlowNode for zipf | provenance |  |
 | zipslip_bad.py:8:36:8:39 | ControlFlowNode for zipf | zipslip_bad.py:10:13:10:17 | ControlFlowNode for entry | provenance |  |
@@ -36,9 +42,3 @@ nodes
 | zipslip_bad.py:35:9:35:9 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | semmle.label | ControlFlowNode for x |
 subpaths
-#select
-| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | file system operation |
-| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | file system operation |
-| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | file system operation |
-| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | file system operation |
-| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | This unsanitized archive entry, which may contain '..', is used in a $@. | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | file system operation |
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/ZipSlip.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-022/ZipSlip.ql
+query: experimental/Security/CWE-022/ZipSlip.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/zipslip_bad.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-022-TarSlip/zipslip_bad.py
@@ -5,35 +5,35 @@ import gzip
 import zipfile

 def unzip(filename):
-    with tarfile.open(filename) as zipf:
+    with tarfile.open(filename) as zipf: # $ Alert[py/zipslip]
    #BAD : This could write any file on the filesystem.
        for entry in zipf:
-            shutil.move(entry, "/tmp/unpack/")
+            shutil.move(entry, "/tmp/unpack/") # $ Sink[py/zipslip]

 def unzip1(filename):
-    with gzip.open(filename) as zipf:
+    with gzip.open(filename) as zipf: # $ Alert[py/zipslip]
    #BAD : This could write any file on the filesystem.
        for entry in zipf:
-            shutil.copy2(entry, "/tmp/unpack/")
+            shutil.copy2(entry, "/tmp/unpack/") # $ Sink[py/zipslip]

 def unzip2(filename):
-    with bz2.open(filename) as zipf:
+    with bz2.open(filename) as zipf: # $ Alert[py/zipslip]
    #BAD : This could write any file on the filesystem.
        for entry in zipf:
-            shutil.copyfile(entry, "/tmp/unpack/")
+            shutil.copyfile(entry, "/tmp/unpack/") # $ Sink[py/zipslip]

 def unzip3(filename):
    zf = zipfile.ZipFile(filename)
-    with zf.namelist() as filelist:
+    with zf.namelist() as filelist: # $ Alert[py/zipslip]
    #BAD : This could write any file on the filesystem.
        for x in filelist:
-            shutil.copy(x, "/tmp/unpack/")
+            shutil.copy(x, "/tmp/unpack/") # $ Sink[py/zipslip]

 def unzip4(filename):
    zf = zipfile.ZipFile(filename)
-    filelist = zf.namelist()
+    filelist = zf.namelist() # $ Alert[py/zipslip]
    for x in filelist:
        with zf.open(x) as srcf:
-            shutil.copyfileobj(x, "/tmp/unpack/")
+            shutil.copyfileobj(x, "/tmp/unpack/") # $ Sink[py/zipslip]

 import tty # to set the import root so we can identify the standard library
--- a/python/ql/test/experimental/query-tests/Security/CWE-074-RemoteCommandExecution/RemoteCommandExecution.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-074-RemoteCommandExecution/RemoteCommandExecution.qlref
@@ -1 +1 @@
-experimental/Security/CWE-074/remoteCommandExecution/RemoteCommandExecution.ql
+query: experimental/Security/CWE-074/remoteCommandExecution/RemoteCommandExecution.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected
@@ -1,3 +1,18 @@
+#select
+| django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | a user-provided value |
+| django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | a user-provided value |
+| django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | a user-provided value |
+| flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
+| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
+| smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
+| smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
 edges
 | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:1:19:1:25 | ControlFlowNode for request | provenance |  |
 | flask_mail.py:1:19:1:25 | ControlFlowNode for request | flask_mail.py:13:22:13:28 | ControlFlowNode for request | provenance |  |
@@ -77,18 +92,3 @@ nodes
 | smtplib_bad_via_attach.py:23:5:23:8 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
 | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | semmle.label | ControlFlowNode for html |
 subpaths
-#select
-| django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:14:48:14:82 | ControlFlowNode for Attribute() | a user-provided value |
-| django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:23:30:23:64 | ControlFlowNode for Attribute() | a user-provided value |
-| django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | django_mail.py:25:32:25:66 | ControlFlowNode for Attribute() | a user-provided value |
-| flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:13:22:13:41 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:18:14:18:33 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | flask_mail.py:31:24:31:43 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | flask_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:14:22:14:49 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:26:22:26:62 | ControlFlowNode for HtmlContent() | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | sendgrid_mail.py:37:41:37:68 | ControlFlowNode for Subscript | Cross-site scripting vulnerability due to $@. | sendgrid_mail.py:1:19:1:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:16:26:16:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:27:25:27:77 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
-| sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | sendgrid_via_mail_send_post_request_body_bad.py:41:25:41:79 | ControlFlowNode for Attribute() | Cross-site scripting vulnerability due to $@. | sendgrid_via_mail_send_post_request_body_bad.py:3:19:3:25 | ControlFlowNode for ImportMember | a user-provided value |
-| smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_subparts.py:24:22:24:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_subparts.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
-| smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | smtplib_bad_via_attach.py:27:22:27:25 | ControlFlowNode for html | Cross-site scripting vulnerability due to $@. | smtplib_bad_via_attach.py:2:26:2:32 | ControlFlowNode for ImportMember | a user-provided value |
--- a/python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.qlref
+++ b/python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.qlref
@@ -1 +1,2 @@
-experimental/Security/CWE-079/EmailXss.ql
+query: experimental/Security/CWE-079/EmailXss.ql
+postprocess: utils/test/InlineExpectationsTestQuery.ql
--- a/python/ql/test/experimental/query-tests/Security/CWE-079/django_mail.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-079/django_mail.py
@@ -11,7 +11,7 @@ def django_response(request):
      https://github.com/django/django/blob/ca9872905559026af82000e46cde6f7dedc897b6/django/core/mail/__init__.py#L64
      """
    send_mail("Subject", "plain-text body", "from@example.com",
-              ["to@example.com"], html_message=django.http.request.GET.get("html"))
+              ["to@example.com"], html_message=django.http.request.GET.get("html")) # $ Alert


 def django_response(request):
@@ -20,6 +20,6 @@ def django_response(request):
    https://github.com/django/django/blob/ca9872905559026af82000e46cde6f7dedc897b6/django/core/mail/__init__.py#L90-L121
    """
    mail_admins("Subject", "plain-text body",
-                html_message=django.http.request.GET.get("html"))
+                html_message=django.http.request.GET.get("html")) # $ Alert
    mail_managers("Subject", "plain-text body",
-                  html_message=django.http.request.GET.get("html"))
+                  html_message=django.http.request.GET.get("html")) # $ Alert
--- a/python/ql/test/experimental/query-tests/Security/CWE-079/flask_mail.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-079/flask_mail.py
@@ -1,4 +1,4 @@
-from flask import request, Flask
+from flask import request, Flask # $ Source
 from flask_mail import Mail, Message

 app = Flask(__name__)
@@ -10,12 +10,12 @@ def send():
                sender="from@example.com",
                recipients=["to@example.com"],
                body="plain-text body",
-                html=request.args["html"])
+                html=request.args["html"]) # $ Alert

  # The message can contain a body and/or HTML:
  msg.body = "plain-text body"
  # The email's HTML can be set via msg.html or as an initialize argument when creating a Message object.
-  msg.html = request.args["html"]
+  msg.html = request.args["html"] # $ Alert

  mail.send(msg)

@@ -28,5 +28,5 @@ def connect():
    msg = Message(subject="Subject",
                  sender="from@example.com",
                  recipients=["to@example.com"],
-                  html=request.args["html"])
+                  html=request.args["html"]) # $ Alert
    conn.send(msg)
--- a/Show More
+++ b/Show More