hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 12:46:34 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: more realistic summaries

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2024-04-23 11:30:32 +02:00
parent c2252e12ac
commit adc82b553b
3 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/test/library-tests/dataflow/model-summaries/InlineTaintTest.ext.yml
View File

@@ -18,6 +18,6 @@ extensions:
- ["foo", "Member[MS_spread]", "Argument[0]", "ReturnValue.TupleElement[0]", "value"]
- ["foo", "Member[MS_spread]", "Argument[1]", "ReturnValue.TupleElement[1]", "value"]
- ["foo", "Member[MS_spread_all]", "Argument[0]", "ReturnValue.TupleElement[0,1]", "value"]
- ["foo", "Member[MS_Class].Call", "Argument[0, x:]", "ReturnValue", "value"]
- ["foo", "Member[MS_Class_transitive].Subclass.Call", "Argument[0, x:]", "ReturnValue", "value"]
- ["foo", "Member[MS_Class].Call", "Argument[0, x:]", "ReturnValue.Attribute[config]", "value"]
- ["foo", "Member[MS_Class_transitive].Subclass.Call", "Argument[0, x:]", "ReturnValue.Attribute[config]", "value"]
- ["json", "Member[MS_loads]", "Argument[0]", "ReturnValue", "taint"]

4
python/ql/test/library-tests/dataflow/model-summaries/NormalDataflowTest.ext.yml
View File

@@ -18,6 +18,6 @@ extensions:
- ["foo", "Member[MS_spread]", "Argument[0]", "ReturnValue.TupleElement[0]", "value"]
- ["foo", "Member[MS_spread]", "Argument[1]", "ReturnValue.TupleElement[1]", "value"]
- ["foo", "Member[MS_spread_all]", "Argument[0]", "ReturnValue.TupleElement[0,1]", "value"]
- ["foo", "Member[MS_Class].Call", "Argument[0, x:]", "ReturnValue", "value"]
- ["foo", "Member[MS_Class_transitive].Subclass.Call", "Argument[0, x:]", "ReturnValue", "value"]
- ["foo", "Member[MS_Class].Call", "Argument[0, x:]", "ReturnValue.Attribute[config]", "value"]
- ["foo", "Member[MS_Class_transitive].Subclass.Call", "Argument[0, x:]", "ReturnValue.Attribute[config]", "value"]
- ["json", "Member[MS_loads]", "Argument[0]", "ReturnValue", "taint"]

8
python/ql/test/library-tests/dataflow/model-summaries/model_summaries.py
View File

@@ -126,19 +126,19 @@ from foo import MS_Class, MS_Class_transitive
# Class summaries
class_via_positional = MS_Class(SOURCE)
SINK(class_via_positional) # $ flow="SOURCE, l:-1 -> class_via_positional"
SINK(class_via_positional.config) # $ flow="SOURCE, l:-1 -> class_via_positional.config"
class_via_kw = MS_Class(x = SOURCE)
SINK(class_via_kw) # $ flow="SOURCE, l:-1 -> class_via_kw"
SINK(class_via_kw.config) # $ flow="SOURCE, l:-1 -> class_via_kw.config"
class C(MS_Class_transitive):
pass
subclass_via_positional = C(SOURCE)
SINK(subclass_via_positional) # $ flow="SOURCE, l:-1 -> subclass_via_positional"
SINK(subclass_via_positional.config) # $ flow="SOURCE, l:-1 -> subclass_via_positional.config"
subclass_via_kw = C(x = SOURCE)
SINK(subclass_via_kw) # $ flow="SOURCE, l:-1 -> subclass_via_kw"
SINK(subclass_via_kw.config) # $ flow="SOURCE, l:-1 -> subclass_via_kw.config"
# Modeled flow-summary is not value preserving
from json import MS_loads as json_loads