Python: Taint tests: include elment for forgotten MISSING

2026-04-30 11:15:13 +02:00 · 2021-04-19 15:01:10 +02:00
parent 9585390941
commit d607c13ab6
2 changed files with 6 additions and 3 deletions
--- a/python/ql/test/experimental/meta/InlineTaintTest.qll
+++ b/python/ql/test/experimental/meta/InlineTaintTest.qll
@@ -78,10 +78,13 @@ query predicate argumentToEnsureNotTaintedNotMarkedAsSpurious(
  )
 }

-query predicate untaintedArgumentToEnsureTaintedNotMarkedAsMissing(Location location, string error) {
+query predicate untaintedArgumentToEnsureTaintedNotMarkedAsMissing(
+  Location location, string error, string element
+) {
  error = "ERROR, you should add `# $ MISSING: tainted` annotation" and
  exists(DataFlow::Node sink |
    sink = shouldBeTainted() and
+    element = prettyExp(sink.asExpr()) and
    not any(TestTaintTrackingConfiguration config).hasFlow(_, sink) and
    location = sink.getLocation() and
    not exists(FalseNegativeExpectation missingResult |
--- a/python/ql/test/experimental/meta/inline-taint-test-demo/InlineTaintTest.expected
+++ b/python/ql/test/experimental/meta/inline-taint-test-demo/InlineTaintTest.expected
@@ -1,7 +1,7 @@
 argumentToEnsureNotTaintedNotMarkedAsSpurious
 | taint_test.py:48:9:48:29 | taint_test.py:48 | ERROR, you should add `SPURIOUS:` to this annotation | should_not_be_tainted |
 untaintedArgumentToEnsureTaintedNotMarkedAsMissing
-| taint_test.py:32:9:32:25 | taint_test.py:32 | ERROR, you should add `# $ MISSING: tainted` annotation |
-| taint_test.py:37:24:37:40 | taint_test.py:37 | ERROR, you should add `# $ MISSING: tainted` annotation |
+| taint_test.py:32:9:32:25 | taint_test.py:32 | ERROR, you should add `# $ MISSING: tainted` annotation | should_be_tainted |
+| taint_test.py:37:24:37:40 | taint_test.py:37 | ERROR, you should add `# $ MISSING: tainted` annotation | should_be_tainted |
 failures
 | taint_test.py:41:20:41:21 | ts | Fixed missing result:tainted= |