Python: Adjust getARelevantTag

2026-05-03 12:45:27 +02:00 · 2020-10-14 08:44:04 +02:00
parent 3b9ea3a958
commit a76d276b48
5 changed files with 11 additions and 8 deletions
--- a/python/ql/test/experimental/library-tests/frameworks/dill/UnmarshalFunction.py
+++ b/python/ql/test/experimental/library-tests/frameworks/dill/UnmarshalFunction.py
@@ -1,4 +1,4 @@
 import dill

-dill.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=ASCII
-dill.loads(payload, encoding='latin1')  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=latin1
+dill.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=dill
+dill.loads(payload, encoding='latin1')  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=dill
--- a/python/ql/test/experimental/library-tests/frameworks/stdlib/UnmarshalFunction.py
+++ b/python/ql/test/experimental/library-tests/frameworks/stdlib/UnmarshalFunction.py
@@ -10,6 +10,6 @@ app = Flask(__name__)
@app.route("/")
 def hello():
    payload = request.args.get("payload")
-    pickle.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=ASCII
-    pickle.loads(payload, encoding='latin1')  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=latin1
-    marshal.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute()
+    pickle.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=pickle
+    pickle.loads(payload, encoding='latin1')  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=pickle
+    marshal.loads(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=marshal
--- a/python/ql/test/experimental/library-tests/frameworks/yaml/UnmarshalFunction.py
+++ b/python/ql/test/experimental/library-tests/frameworks/yaml/UnmarshalFunction.py
@@ -10,5 +10,5 @@ app = Flask(__name__)
@app.route("/")
 def hello():
    payload = request.args.get("payload")
-    yaml.load(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute()
-    yaml.load(payload, Loader=SafeLoader)  # $getAnInput=payload $getOutput=Attribute()
+    yaml.load(payload)  # $UNSAFE_getAnInput=payload $UNSAFE_getOutput=Attribute() $UNSAFE_getFormat=YAML
+    yaml.load(payload, Loader=SafeLoader)  # $getAnInput=payload $getOutput=Attribute() $getFormat=YAML
--- a/python/ql/test/experimental/meta/ConceptsTest.qll
+++ b/python/ql/test/experimental/meta/ConceptsTest.qll
@@ -36,7 +36,7 @@ class SystemCommandExecutionTest extends InlineExpectationsTest {
 class UnmarshalingFunctionTest extends InlineExpectationsTest {
  UnmarshalingFunctionTest() { this = "UnmarshalingFunctionTest" }

-  override string getARelevantTag() { result = "getData" }
+  override string getARelevantTag() { result in ["getAnInput", "getOutput", "getFormat"] }

  override predicate hasActualResult(Location location, string element, string tag, string value) {
    exists(location.getFile().getRelativePath()) and