Add additional tests demonstrating false negative flow

2026-04-25 08:45:14 +02:00 · 2024-12-12 15:55:36 +00:00
parent e6794a9af1
commit dcbcf7e2bd
1 changed files with 16 additions and 0 deletions
--- a/python/ql/test/library-tests/frameworks/lxml/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/lxml/taint_test.py
@@ -1,5 +1,6 @@
 import lxml.etree as ET
 import io
+import typing

 def ensure_tainted(*args):
    print("ensure_tainted: ", *args)
@@ -133,6 +134,21 @@ def test():
        )

    func(tree2)
+
+    def func2(x):
+        return x 
+
+    def func3(x) -> ET.Element:
+        return x
+
+    ensure_tainted(
+        func2(tree), # $ tainted
+        func2(tree).text, # $ MISSING:tainted - type tracking not tracked through flow preserving calls
+        func3(tree).text, # $ MISSING:tainted - this includes if there is a type hint annotation on the return
+        typing.cast(ET.ElementTree, tree), # $ tainted
+        typing.cast(ET.ElementTree, tree).text, # $ MISSING:tainted - this includes for flow summary models
+
+    )
    

 test()