python: remove remaining explicit taint steps

Rasmus Lerchedahl Petersen
2023-06-09 13:11:55 +02:00
parent 1d65284011
commit b72c93ff4f
9 changed files with 26 additions and 89 deletions


@@ -4,9 +4,7 @@ edges
| summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() | summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda |
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | summaries.py:36:18:36:54 | ControlFlowNode for apply_lambda() |
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] |
| summaries.py:44:25:44:32 | ControlFlowNode for List | summaries.py:45:6:45:20 | ControlFlowNode for Subscript |
| summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] |
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List |
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | summaries.py:44:25:44:32 | ControlFlowNode for List [List element] |
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | summaries.py:45:6:45:20 | ControlFlowNode for Subscript |
| summaries.py:51:18:51:46 | ControlFlowNode for list_map() [List element] | summaries.py:52:6:52:19 | ControlFlowNode for tainted_mapped [List element] |
@@ -36,7 +34,6 @@ nodes
| summaries.py:36:48:36:53 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
| summaries.py:37:6:37:19 | ControlFlowNode for tainted_lambda | semmle.label | ControlFlowNode for tainted_lambda |
| summaries.py:44:16:44:33 | ControlFlowNode for reversed() [List element] | semmle.label | ControlFlowNode for reversed() [List element] |
| summaries.py:44:25:44:32 | ControlFlowNode for List | semmle.label | ControlFlowNode for List |
| summaries.py:44:25:44:32 | ControlFlowNode for List [List element] | semmle.label | ControlFlowNode for List [List element] |
| summaries.py:44:26:44:31 | ControlFlowNode for SOURCE | semmle.label | ControlFlowNode for SOURCE |
| summaries.py:45:6:45:17 | ControlFlowNode for tainted_list [List element] | semmle.label | ControlFlowNode for tainted_list [List element] |


@@ -31,8 +31,8 @@ def test_construction():
list(tainted_list), # $ tainted
list(tainted_tuple), # $ tainted
list(tainted_set), # $ tainted
list(tainted_dict.values()), # $ tainted
list(tainted_dict.items()), # $ tainted
list(tainted_dict.values()), # $ MISSING: tainted
list(tainted_dict.items()), # $ MISSING: tainted
tuple(tainted_list), # $ tainted
set(tainted_list), # $ tainted
@@ -56,10 +56,10 @@ def test_access(x, y, z):
tainted_list[x], # $ tainted
tainted_list[y:z], # $ tainted
sorted(tainted_list), # $ tainted
reversed(tainted_list), # $ tainted
iter(tainted_list), # $ tainted
next(iter(tainted_list)), # $ tainted
sorted(tainted_list), # $ MISSING: tainted
reversed(tainted_list), # $ MISSING: tainted
iter(tainted_list), # $ MISSING: tainted
next(iter(tainted_list)), # $ MISSING: tainted
[i for i in tainted_list], # $ tainted
[tainted_list for _i in [1,2,3]], # $ MISSING: tainted
)
@@ -70,7 +70,7 @@ def test_access(x, y, z):
for h in tainted_list:
ensure_tainted(h) # $ tainted
for i in reversed(tainted_list):
ensure_tainted(i) # $ tainted
ensure_tainted(i) # $ MISSING: tainted
def test_access_explicit(x, y, z):
tainted_list = [TAINTED_STRING]
@@ -80,10 +80,10 @@ def test_access_explicit(x, y, z):
tainted_list[x], # $ tainted
tainted_list[y:z], # $ tainted
sorted(tainted_list)[0], # $ tainted
sorted(tainted_list)[0], # $ MISSING: tainted
reversed(tainted_list)[0], # $ tainted
iter(tainted_list), # $ tainted
next(iter(tainted_list)), # $ tainted
iter(tainted_list), # $ MISSING: tainted
next(iter(tainted_list)), # $ MISSING: tainted
[i for i in tainted_list], # $ tainted
[tainted_list for i in [1,2,3]], # $ MISSING: tainted
[TAINTED_STRING for i in [1,2,3]], # $ tainted
@@ -109,9 +109,9 @@ def test_dict_access(x):
)
for v in tainted_dict.values():
ensure_tainted(v) # $ tainted
ensure_tainted(v) # $ MISSING: tainted
for k, v in tainted_dict.items():
ensure_tainted(v) # $ tainted
ensure_tainted(v) # $ MISSING: tainted
def test_named_tuple(): # TODO: namedtuple currently not handled
@@ -194,7 +194,7 @@ def list_append():
ensure_not_tainted(my_list)
my_list.append(tainted_string)
ensure_tainted(my_list) # $ tainted
ensure_tainted(my_list) # $ MISSING: tainted
def list_extend():
@@ -262,7 +262,7 @@ def set_add():
ensure_not_tainted(my_set)
my_set.add(tainted_string)
ensure_tainted(my_set) # $ tainted
ensure_tainted(my_set) # $ MISSING: tainted
# Make tests runable
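Review bot: Several of the expectations flipped to `MISSING: tainted` record element-level false negatives rather than only container-level ones: `sorted(tainted_list)[0]` and `next(iter(tainted_list))` in `test_access_explicit`, the `for i in reversed(tainted_list)` loop in `test_access`, and both loops over `tainted_dict.values()` / `.items()` in `test_dict_access` read an element and still lose taint. Taint-tracking queries would presumably stop reporting flows through these built-ins, and through `my_list.append(...)` / `my_set.add(...)`, until replacement modelling exists, yet nothing in the test file says whether the loss is temporary. I would add a comment above the first affected group, for example `# TODO: taint lost after removing the explicit taint steps; restore with replacement modelling`, so the annotations are not read as accepted behaviour. `reversed(tainted_list)[0]` stays `tainted` while `sorted(tainted_list)[0]` does not, which suggests `sorted` lacks the element-level modelling that `reversed` has; that asymmetry deserves its own line in the comment.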