hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into amammad-python-FileSystemAccess

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2023-11-06 11:30:09 +01:00
parent 3d8a7e0ee3 c6bc1a3f3a
commit 92b13c4259
2230 changed files with 173570 additions and 80538 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/test/library-tests/ApiGraphs/py3/dataflow-consistency.expected
View File

@@ -27,7 +27,5 @@ uniqueParameterNodeAtPosition
uniqueParameterNodePosition
uniqueContentApprox
identityLocalStep
| test_captured.py:7:22:7:22 | ControlFlowNode for p | Node steps to itself |
| test_captured.py:14:26:14:27 | ControlFlowNode for pp | Node steps to itself |
missingArgumentCall
multipleArgumentCall

8
python/ql/test/library-tests/ApiGraphs/py3/test_import_star.py
View File

@@ -2,9 +2,11 @@
from unknown import * #$ use=moduleImport("unknown")
# Currently missing, as we do not consider `hello` to be a `LocalSourceNode`, since it has flow
# going into it from its corresponding `GlobalSsaVariable`.
hello() #$ MISSING: use=moduleImport("unknown").getMember("hello").getReturn()
# This used to be missing, as we did not consider `hello` to be a `LocalSourceNode`,
# since it has flow going into it from its corresponding `GlobalSsaVariable`.
hello() #$ use=moduleImport("unknown").getMember("hello").getReturn()
print(const_from_unknown) #$ use=moduleImport("unknown").getMember("const_from_unknown")
# We don't want our analysis to think that either `non_module_member` or `outer_bar` can
# come from `from unknown import *`

3
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModuleWithRef.expected
View File

@@ -0,0 +1,3 @@
| Local module | code-invalid-package-name/cmd.py:0:0:0:0 | Module cmd | referenced in external file called | pdb.py |
| Local module | code-invalid-package-name/cmd.py:0:0:0:0 | Module cmd | referenced in local file called | test_ok.py |
| Local module | code-invalid-package-name/unique_name.py:0:0:0:0 | Module unique_name | referenced in local file called | unique_name_use.py |

4
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/LocalModules.expected
View File

@@ -1,5 +1,5 @@
| code-invalid-package-name/cmd.py:0:0:0:0 | Script cmd.py |
| code-invalid-package-name/cmd.py:0:0:0:0 | Module cmd |
| code-invalid-package-name/test_fail.py:0:0:0:0 | Script test_fail.py |
| code-invalid-package-name/test_ok.py:0:0:0:0 | Script test_ok.py |
| code-invalid-package-name/unique_name.py:0:0:0:0 | Script unique_name.py |
| code-invalid-package-name/unique_name.py:0:0:0:0 | Module unique_name |
| code-invalid-package-name/unique_name_use.py:0:0:0:0 | Script unique_name_use.py |

4
python/ql/test/library-tests/PointsTo/regressions/wrong/module-imports/conflict-stdlib/ModuleWithLocalRef.expected
View File

@@ -1,3 +1,3 @@
| Module 'cmd' (external, in stdlib, not missing) referenced in local file | code-invalid-package-name/test_ok.py:1 |
| Module 'cmd' (local, not in stdlib, not missing) referenced in local file | code-invalid-package-name/test_ok.py:1 |
| Module 'pdb' (external, in stdlib, not missing) referenced in local file | code-invalid-package-name/test_fail.py:3 |
| Module 'unique_name' (external, not in stdlib, missing) referenced in local file | code-invalid-package-name/unique_name_use.py:1 |
| Module 'unique_name' (local, not in stdlib, not missing) referenced in local file | code-invalid-package-name/unique_name_use.py:1 |

18
python/ql/test/library-tests/frameworks/django-orm/dataflow-consistency.expected
View File

@@ -106,23 +106,5 @@ uniqueParameterNodeAtPosition
uniqueParameterNodePosition
uniqueContentApprox
identityLocalStep
| testapp/orm_tests.py:217:24:217:29 | ControlFlowNode for SOURCE | Node steps to itself |
| testapp/orm_tests.py:244:24:244:29 | ControlFlowNode for SOURCE | Node steps to itself |
| testapp/orm_tests.py:283:20:283:25 | ControlFlowNode for SOURCE | Node steps to itself |
| testapp/orm_tests.py:299:15:299:22 | ControlFlowNode for TestLoad | Node steps to itself |
| testapp/orm_tests.py:300:20:300:25 | ControlFlowNode for SOURCE | Node steps to itself |
| testapp/orm_tests.py:310:9:310:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:316:9:316:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:326:9:326:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:333:9:333:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:339:9:339:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:346:9:346:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:352:9:352:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:358:9:358:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/orm_tests.py:365:9:365:12 | ControlFlowNode for SINK | Node steps to itself |
| testapp/tests.py:12:13:12:14 | ControlFlowNode for re | Node steps to itself |
| testapp/tests.py:16:9:16:18 | ControlFlowNode for test_names | Node steps to itself |
| testapp/tests.py:25:13:25:14 | ControlFlowNode for re | Node steps to itself |
| testapp/tests.py:31:9:31:18 | ControlFlowNode for test_names | Node steps to itself |
missingArgumentCall
multipleArgumentCall

2
python/ql/test/library-tests/frameworks/joblib/ConceptsTest.expected Normal file
View File

@@ -0,0 +1,2 @@
failures
testFailures

2
python/ql/test/library-tests/frameworks/joblib/ConceptsTest.ql Normal file
View File

@@ -0,0 +1,2 @@
import python
import experimental.meta.ConceptsTest

4
python/ql/test/library-tests/frameworks/joblib/Decoding.py Normal file
View File

@@ -0,0 +1,4 @@
import joblib
joblib.load(file_) # $ decodeInput=file_ decodeOutput=joblib.load(..) decodeFormat=joblib decodeMayExecuteInput
joblib.load(filename=file_) # $ decodeInput=file_ decodeOutput=joblib.load(..) decodeFormat=joblib decodeMayExecuteInput

2
python/ql/test/library-tests/frameworks/numpy/ConceptsTest.expected Normal file
View File

@@ -0,0 +1,2 @@
failures
testFailures

2
python/ql/test/library-tests/frameworks/numpy/ConceptsTest.ql Normal file
View File

@@ -0,0 +1,2 @@
import python
import experimental.meta.ConceptsTest

6
python/ql/test/library-tests/frameworks/numpy/Decoding.py Normal file
View File

@@ -0,0 +1,6 @@
import numpy
numpy.load(file_) # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy
numpy.load(filename=file_) # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy
numpy.load(file_, allow_pickle=True) # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy decodeFormat=pickle decodeMayExecuteInput
numpy.load(file_, None, True) # $ decodeInput=file_ decodeOutput=numpy.load(..) decodeFormat=numpy decodeFormat=pickle decodeMayExecuteInput

2
python/ql/test/library-tests/frameworks/pandas/ConceptsTest.expected Normal file
View File

@@ -0,0 +1,2 @@
failures
testFailures

2
python/ql/test/library-tests/frameworks/pandas/ConceptsTest.ql Normal file
View File

@@ -0,0 +1,2 @@
import python
import experimental.meta.ConceptsTest

4
python/ql/test/library-tests/frameworks/pandas/Decoding.py Normal file
View File

@@ -0,0 +1,4 @@
import pandas
pandas.read_pickle(file_) # $ decodeInput=file_ decodeOutput=pandas.read_pickle(..) decodeFormat=pickle decodeMayExecuteInput
pandas.read_pickle(filepath_or_buffer=file_) # $ decodeInput=file_ decodeOutput=pandas.read_pickle(..) decodeFormat=pickle decodeMayExecuteInput