mirror of
https://github.com/github/codeql.git
synced 2025-12-20 18:56:32 +01:00
Improve tests' readability
This commit is contained in:
jorgectf
@@ -1,5 +1,3 @@
|
||||
# move outside test folder
|
||||
|
||||
from flask import request, Flask
|
||||
import re
|
||||
|
||||
@@ -8,19 +6,37 @@ app = Flask(__name__)
|
||||
|
||||
@app.route("/direct")
|
||||
def direct():
|
||||
pattern = request.args['pattern']
|
||||
re.search(pattern, "")
|
||||
"""
|
||||
A RemoteFlowSource is used directly as re.search's pattern
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args["pattern"]
|
||||
re.search(unsafe_pattern, "")
|
||||
|
||||
|
||||
# A RemoteFlowSource is used directly as re.compile's pattern
|
||||
|
||||
@app.route("/compile")
|
||||
def compile():
|
||||
pattern = re.compile(request.args['pattern'])
|
||||
pattern.search("")
|
||||
"""
|
||||
A RemoteFlowSource is used directly as re.compile's pattern
|
||||
which also executes .search()
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args["pattern"]
|
||||
compiled_pattern = re.compile(unsafe_pattern)
|
||||
compiled_pattern.search("")
|
||||
|
||||
|
||||
@app.route("/compile_direct")
|
||||
def compile_direct():
|
||||
re.compile(request.args['pattern']).search("")
|
||||
"""
|
||||
A RemoteFlowSource is used directly as re.compile's pattern
|
||||
which also executes .search() in the same line
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args["pattern"]
|
||||
re.compile(unsafe_pattern).search("")
|
||||
|
||||
# if __name__ == "__main__":
|
||||
# app.run(debug=True)
|
||||
|
||||
@@ -1,5 +1,3 @@
|
||||
# move outside test folder
|
||||
|
||||
from flask import request, Flask
|
||||
import re
|
||||
|
||||
@@ -8,19 +6,39 @@ app = Flask(__name__)
|
||||
|
||||
@app.route("/direct")
|
||||
def direct():
|
||||
pattern = re.escape(request.args['pattern'])
|
||||
re.search(pattern, "")
|
||||
"""
|
||||
A RemoteFlowSource is escaped by re.escape and then used as
|
||||
re'search pattern
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args['pattern']
|
||||
safe_pattern = re.escape(unsafe_pattern)
|
||||
re.search(safe_pattern, "")
|
||||
|
||||
|
||||
@app.route("/compile")
|
||||
def compile():
|
||||
pattern = re.compile(re.escape(request.args['pattern']))
|
||||
pattern.search("")
|
||||
"""
|
||||
A RemoteFlowSource is escaped by re.escape and used as re.compile's
|
||||
pattern which also executes .search()
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args['pattern']
|
||||
safe_pattern = re.escape(unsafe_pattern)
|
||||
compiled_pattern = re.compile(safe_pattern)
|
||||
compiled_pattern.search("")
|
||||
|
||||
|
||||
@app.route("/compile_direct")
|
||||
def compile_direct():
|
||||
re.compile(re.escape(request.args['pattern'])).search("")
|
||||
"""
|
||||
A RemoteFlowSource is escaped by re.escape and then used as re.compile's
|
||||
pattern which also executes .search() in the same line
|
||||
"""
|
||||
|
||||
unsafe_pattern = request.args['pattern']
|
||||
safe_pattern = re.escape(unsafe_pattern)
|
||||
re.compile(safe_pattern).search("")
|
||||
|
||||
|
||||
# if __name__ == "__main__":
|
||||
|
||||
Reference in New Issue
Block a user