Python: Add test showing misalignment of xml.etree modeling

python/ql/test/library-tests/frameworks/stdlib/XPathExecution.py

@@ -15,3 +15,8 @@ tree.parse("index.xhtml")
 tree.find(match, namespaces=ns)  # $ getXPath=match
 tree.findall(match, namespaces=ns)  # $ getXPath=match
 tree.findtext(match, default=None, namespaces=ns)  # $ getXPath=match
+
+parser = ET.XMLParser()
+parser.feed("<foo>bar</foo>") # $ decodeFormat=XML decodeInput="<foo>bar</foo>" xmlVuln='Billion Laughs' xmlVuln='Quadratic Blowup'
+tree = parser.close() # $ decodeOutput=parser.close()
+tree.find(match, namespaces=ns)  # $ MISSING: getXPath=match

python/ql/test/library-tests/frameworks/stdlib/xml_etree.py

@@ -22,6 +22,10 @@ xml.etree.ElementTree.parse(source=StringIO(x)) # $ decodeFormat=XML decodeInput
 xml.etree.ElementTree.iterparse(StringIO(x)) # $ decodeFormat=XML decodeInput=StringIO(..) xmlVuln='Billion Laughs' xmlVuln='Quadratic Blowup' decodeOutput=xml.etree.ElementTree.iterparse(..) getAPathArgument=StringIO(..)
 xml.etree.ElementTree.iterparse(source=StringIO(x)) # $ decodeFormat=XML decodeInput=StringIO(..) xmlVuln='Billion Laughs' xmlVuln='Quadratic Blowup' decodeOutput=xml.etree.ElementTree.iterparse(..) getAPathArgument=StringIO(..)
 
+tree = xml.etree.ElementTree.ElementTree()
+tree.parse("file.xml") # $ MISSING: decodeFormat=XML decodeInput="file.xml" xmlVuln='Billion Laughs' xmlVuln='Quadratic Blowup' decodeOutput=tree.parse(..) getAPathArgument="file.xml"
+tree.parse(source="file.xml") # $ MISSING: decodeFormat=XML decodeInput="file.xml" xmlVuln='Billion Laughs' xmlVuln='Quadratic Blowup' decodeOutput=tree.parse(..) getAPathArgument="file.xml"
+
 
 # With parsers (no options available to disable/enable security features)
 parser = xml.etree.ElementTree.XMLParser()