hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Better taint tests for copy.deepcopy

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2020-09-01 11:50:33 +02:00
parent cf2eacd7a6
commit e5a361c230
2 changed files with 82 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected
View File

@@ -1,67 +1,69 @@
| test_collections.py:24 | ok | test_construction | tainted_string |
| test_collections.py:25 | ok | test_construction | tainted_list |
| test_collections.py:26 | ok | test_construction | tainted_tuple |
| test_collections.py:27 | ok | test_construction | tainted_set |
| test_collections.py:28 | ok | test_construction | tainted_dict |
| test_collections.py:23 | ok | test_construction | tainted_string |
| test_collections.py:24 | ok | test_construction | tainted_list |
| test_collections.py:25 | ok | test_construction | tainted_tuple |
| test_collections.py:26 | ok | test_construction | tainted_set |
| test_collections.py:27 | ok | test_construction | tainted_dict |
| test_collections.py:31 | ok | test_construction | list(..) |
| test_collections.py:32 | ok | test_construction | list(..) |
| test_collections.py:33 | ok | test_construction | list(..) |
| test_collections.py:34 | ok | test_construction | list(..) |
| test_collections.py:35 | ok | test_construction | list(..) |
| test_collections.py:36 | ok | test_construction | list(..) |
| test_collections.py:38 | ok | test_construction | tuple(..) |
| test_collections.py:39 | ok | test_construction | set(..) |
| test_collections.py:40 | ok | test_construction | frozenset(..) |
| test_collections.py:48 | ok | test_access | tainted_list[0] |
| test_collections.py:49 | ok | test_access | tainted_list[x] |
| test_collections.py:50 | ok | test_access | tainted_list[Slice] |
| test_collections.py:52 | ok | test_access | sorted(..) |
| test_collections.py:53 | ok | test_access | reversed(..) |
| test_collections.py:54 | ok | test_access | iter(..) |
| test_collections.py:55 | ok | test_access | next(..) |
| test_collections.py:56 | ok | test_access | copy(..) |
| test_collections.py:57 | ok | test_access | deepcopy(..) |
| test_collections.py:61 | ok | test_access | a |
| test_collections.py:61 | ok | test_access | b |
| test_collections.py:61 | ok | test_access | c |
| test_collections.py:64 | ok | test_access | h |
| test_collections.py:66 | ok | test_access | i |
| test_collections.py:73 | ok | test_dict_access | tainted_dict["name"] |
| test_collections.py:74 | ok | test_dict_access | tainted_dict.get(..) |
| test_collections.py:75 | ok | test_dict_access | tainted_dict[x] |
| test_collections.py:76 | ok | test_dict_access | tainted_dict.copy() |
| test_collections.py:80 | ok | test_dict_access | v |
| test_collections.py:82 | ok | test_dict_access | v |
| test_collections.py:90 | fail | test_named_tuple | point[0] |
| test_collections.py:91 | fail | test_named_tuple | point.x |
| test_collections.py:95 | ok | test_named_tuple | point[1] |
| test_collections.py:96 | ok | test_named_tuple | point.y |
| test_collections.py:100 | fail | test_named_tuple | a |
| test_collections.py:101 | ok | test_named_tuple | b |
| test_collections.py:109 | fail | test_defaultdict | tainted_default_dict["name"] |
| test_collections.py:110 | fail | test_defaultdict | tainted_default_dict.get(..) |
| test_collections.py:111 | fail | test_defaultdict | tainted_default_dict[x] |
| test_collections.py:112 | fail | test_defaultdict | tainted_default_dict.copy() |
| test_collections.py:115 | fail | test_defaultdict | v |
| test_collections.py:117 | fail | test_defaultdict | v |
| test_collections.py:124 | ok | list_index_assign | my_list |
| test_collections.py:127 | fail | list_index_assign | my_list |
| test_collections.py:134 | ok | list_index_aug_assign | my_list |
| test_collections.py:137 | fail | list_index_aug_assign | my_list |
| test_collections.py:144 | ok | list_append | my_list |
| test_collections.py:147 | fail | list_append | my_list |
| test_collections.py:154 | ok | list_extend | my_list |
| test_collections.py:157 | fail | list_extend | my_list |
| test_collections.py:164 | ok | dict_update_dict | my_dict |
| test_collections.py:167 | fail | dict_update_dict | my_dict |
| test_collections.py:174 | ok | dict_update_kv_list | my_dict |
| test_collections.py:177 | fail | dict_update_kv_list | my_dict |
| test_collections.py:183 | ok | dict_update_kv_arg | my_dict |
| test_collections.py:186 | fail | dict_update_kv_arg | my_dict |
| test_collections.py:193 | ok | dict_manual_update | my_dict |
| test_collections.py:197 | fail | dict_manual_update | my_dict |
| test_collections.py:205 | fail | dict_merge | merged |
| test_collections.py:212 | ok | set_add | my_set |
| test_collections.py:215 | fail | set_add | my_set |
| test_collections.py:37 | ok | test_construction | tuple(..) |
| test_collections.py:38 | ok | test_construction | set(..) |
| test_collections.py:39 | ok | test_construction | frozenset(..) |
| test_collections.py:47 | ok | test_access | tainted_list[0] |
| test_collections.py:48 | ok | test_access | tainted_list[x] |
| test_collections.py:49 | ok | test_access | tainted_list[Slice] |
| test_collections.py:51 | ok | test_access | sorted(..) |
| test_collections.py:52 | ok | test_access | reversed(..) |
| test_collections.py:53 | ok | test_access | iter(..) |
| test_collections.py:54 | ok | test_access | next(..) |
| test_collections.py:58 | ok | test_access | a |
| test_collections.py:58 | ok | test_access | b |
| test_collections.py:58 | ok | test_access | c |
| test_collections.py:61 | ok | test_access | h |
| test_collections.py:63 | ok | test_access | i |
| test_collections.py:70 | ok | test_dict_access | tainted_dict["name"] |
| test_collections.py:71 | ok | test_dict_access | tainted_dict.get(..) |
| test_collections.py:72 | ok | test_dict_access | tainted_dict[x] |
| test_collections.py:73 | ok | test_dict_access | tainted_dict.copy() |
| test_collections.py:77 | ok | test_dict_access | v |
| test_collections.py:79 | ok | test_dict_access | v |
| test_collections.py:87 | fail | test_named_tuple | point[0] |
| test_collections.py:88 | fail | test_named_tuple | point.x |
| test_collections.py:92 | ok | test_named_tuple | point[1] |
| test_collections.py:93 | ok | test_named_tuple | point.y |
| test_collections.py:97 | fail | test_named_tuple | a |
| test_collections.py:98 | ok | test_named_tuple | b |
| test_collections.py:106 | fail | test_defaultdict | tainted_default_dict["name"] |
| test_collections.py:107 | fail | test_defaultdict | tainted_default_dict.get(..) |
| test_collections.py:108 | fail | test_defaultdict | tainted_default_dict[x] |
| test_collections.py:109 | fail | test_defaultdict | tainted_default_dict.copy() |
| test_collections.py:112 | fail | test_defaultdict | v |
| test_collections.py:114 | fail | test_defaultdict | v |
| test_collections.py:121 | ok | test_copy_1 | copy(..) |
| test_collections.py:122 | ok | test_copy_1 | deepcopy(..) |
| test_collections.py:130 | ok | test_copy_2 | copy.copy(..) |
| test_collections.py:131 | ok | test_copy_2 | copy.deepcopy(..) |
| test_collections.py:139 | ok | list_index_assign | my_list |
| test_collections.py:142 | fail | list_index_assign | my_list |
| test_collections.py:149 | ok | list_index_aug_assign | my_list |
| test_collections.py:152 | fail | list_index_aug_assign | my_list |
| test_collections.py:159 | ok | list_append | my_list |
| test_collections.py:162 | fail | list_append | my_list |
| test_collections.py:169 | ok | list_extend | my_list |
| test_collections.py:172 | fail | list_extend | my_list |
| test_collections.py:179 | ok | dict_update_dict | my_dict |
| test_collections.py:182 | fail | dict_update_dict | my_dict |
| test_collections.py:189 | ok | dict_update_kv_list | my_dict |
| test_collections.py:192 | fail | dict_update_kv_list | my_dict |
| test_collections.py:198 | ok | dict_update_kv_arg | my_dict |
| test_collections.py:201 | fail | dict_update_kv_arg | my_dict |
| test_collections.py:208 | ok | dict_manual_update | my_dict |
| test_collections.py:212 | fail | dict_manual_update | my_dict |
| test_collections.py:220 | fail | dict_merge | merged |
| test_collections.py:227 | ok | set_add | my_set |
| test_collections.py:230 | fail | set_add | my_set |
| test_json.py:26 | ok | test | json.dumps(..) |
| test_json.py:27 | ok | test | json.loads(..) |
| test_json.py:34 | fail | test | tainted_filelike |

23
python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/test_collections.py
View File

@@ -11,7 +11,6 @@ if TYPE_CHECKING:
# Actual tests
from collections import defaultdict, namedtuple
from copy import copy, deepcopy
def test_construction():
tainted_string = TAINTED_STRING
@@ -53,8 +52,6 @@ def test_access(x, y, z):
reversed(tainted_list),
iter(tainted_list),
next(iter(tainted_list)),
copy(tainted_list),
deepcopy(tainted_list)
)
a, b, c = tainted_list[0:3]
@@ -117,6 +114,24 @@ def test_defaultdict(key, x): # TODO: defaultdict currently not handled
ensure_tainted(v)
def test_copy_1():
from copy import copy, deepcopy
ensure_tainted(
copy(TAINTED_LIST),
deepcopy(TAINTED_LIST),
)
def test_copy_2():
import copy
ensure_tainted(
copy.copy(TAINTED_LIST),
copy.deepcopy(TAINTED_LIST),
)
def list_index_assign():
tainted_string = TAINTED_STRING
my_list = ["safe"]
@@ -222,6 +237,8 @@ test_access(0, 0, 2)
test_dict_access("name")
test_named_tuple()
test_defaultdict("key", "key")
test_copy_1()
test_copy_2()
list_index_assign()
list_index_aug_assign()