hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #16923 from RasmusWL/impossible-isinstance

Browse Source 
Python: Add test for impossible isinstance flow
This commit is contained in:
yoff
2024-07-29 09:33:30 +02:00
committed by GitHub
parent e1329dff72 173cd13ded
commit d23d138e7d
3 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/test/library-tests/dataflow/tainttracking/isinstance/InlineTaintTest.expected Normal file
View File

@@ -0,0 +1,4 @@
argumentToEnsureNotTaintedNotMarkedAsSpurious
untaintedArgumentToEnsureTaintedNotMarkedAsMissing
testFailures
failures

2
python/ql/test/library-tests/dataflow/tainttracking/isinstance/InlineTaintTest.ql Normal file
View File

@@ -0,0 +1,2 @@
import experimental.meta.InlineTaintTest
import MakeInlineTaintTest<TestTaintTrackingConfig>

11
python/ql/test/library-tests/dataflow/tainttracking/isinstance/test.py Normal file
View File

@@ -0,0 +1,11 @@
def impossible_flow(cond: bool):
TAINTED_STRING = "ts"
x = (TAINTED_STRING, 42) if cond else "SAFE"
if isinstance(x, str):
# tainted-flow to here is impossible, replicated from path-flow seen in a real
# repo.
ensure_not_tainted(x) # $ SPURIOUS: tainted
else:
ensure_tainted(x) # $ tainted
ensure_tainted(x[0]) # $ tainted