hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into python/interpret-summary-content

Browse Source
This commit is contained in:
yoff
2023-05-10 11:41:50 +02:00
committed by GitHub
parent 064877140e f62bbf2d4c
commit 9bd3957bc8
154 changed files with 1307 additions and 2931 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/ql/test/experimental/dataflow/testConfig.qll
View File

@@ -46,6 +46,4 @@ class TestConfiguration extends DataFlow::Configuration {
}
override predicate isBarrierIn(DataFlow::Node node) { this.isSource(node) }
override int explorationLimit() { result = 5 }
}

2
python/ql/test/experimental/dataflow/testTaintConfig.qll
View File

@@ -46,6 +46,4 @@ class TestConfiguration extends TaintTracking::Configuration {
}
override predicate isSanitizerIn(DataFlow::Node node) { this.isSource(node) }
override int explorationLimit() { result = 5 }
}

6
python/ql/test/experimental/dataflow/variable-capture/dataflow-consistency.expected
View File

@@ -30,6 +30,6 @@ uniqueParameterNodeAtPosition
uniqueParameterNodePosition
uniqueContentApprox
identityLocalStep
| collections.py:36:10:36:15 | ControlFlowNode for SOURCE | Node steps to itself |
| collections.py:45:19:45:21 | ControlFlowNode for mod | Node steps to itself |
| collections.py:52:13:52:21 | ControlFlowNode for mod_local | Node steps to itself |
| test_collections.py:36:10:36:15 | ControlFlowNode for SOURCE | Node steps to itself |
| test_collections.py:45:19:45:21 | ControlFlowNode for mod | Node steps to itself |
| test_collections.py:52:13:52:21 | ControlFlowNode for mod_local | Node steps to itself |

26
python/ql/test/experimental/meta/debug/InlineTaintTestPaths.ql
View File

@@ -9,17 +9,27 @@
// 3. if necessary, look at partial paths by (un)commenting appropriate lines
import python
import semmle.python.dataflow.new.DataFlow
import semmle.python.dataflow.new.TaintTracking
import experimental.meta.InlineTaintTest::Conf
// import DataFlow::PartialPathGraph
import DataFlow::PathGraph
class Conf extends TestTaintTrackingConfiguration {
// override int explorationLimit() { result = 5 }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) {
any(TestTaintTrackingConfiguration c).isSource(source)
}
predicate isSink(DataFlow::Node source) { any(TestTaintTrackingConfiguration c).isSink(source) }
}
// from Conf config, DataFlow::PartialPathNode source, DataFlow::PartialPathNode sink
// where config.hasPartialFlow(source, sink, _)
from Conf config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
module Flows = TaintTracking::Global<Config>;
import Flows::PathGraph
// int explorationLimit() { result = 5 }
// module FlowsPartial = Flows::FlowExploration<explorationLimit/0>;
// import FlowsPartial::PartialPathGraph
from Flows::PathNode source, Flows::PathNode sink
where Flows::flowPath(source, sink)
// from FlowsPartial::PartialPathNode source, FlowsPartial::PartialPathNode sink
// where FlowsPartial::partialFlow(source, sink, _)
select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
"this source"

25
python/ql/test/experimental/meta/debug/dataflowTestPaths.ql
View File

@@ -10,16 +10,23 @@
import python
import semmle.python.dataflow.new.DataFlow
import experimental.dataflow.testConfig
// import DataFlow::PartialPathGraph
import DataFlow::PathGraph
class Conf extends TestConfiguration {
override int explorationLimit() { result = 5 }
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { any(TestConfiguration c).isSource(source) }
predicate isSink(DataFlow::Node source) { any(TestConfiguration c).isSink(source) }
}
// from Conf config, DataFlow::PartialPathNode source, DataFlow::PartialPathNode sink
// where config.hasPartialFlow(source, sink, _)
from Conf config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "This node receives taint from $@.", source.getNode(),
module Flows = DataFlow::Global<Config>;
import Flows::PathGraph
// int explorationLimit() { result = 5 }
// module FlowsPartial = Flows::FlowExploration<explorationLimit/0>;
// import FlowsPartial::PartialPathGraph
from Flows::PathNode source, Flows::PathNode sink
where Flows::flowPath(source, sink)
// from FlowsPartial::PartialPathNode source, FlowsPartial::PartialPathNode sink
// where FlowsPartial::partialFlow(source, sink, _)
select sink.getNode(), source, sink, "This node receives flow from $@.", source.getNode(),
"this source"