hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: add regression tests and organise tests

Browse Source
This commit is contained in:
Rasmus Lerchedahl Petersen
2020-06-22 16:36:19 +02:00
parent aa04a2a476
commit e8289d6fa1
28 changed files with 206 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
python/ql/test/experimental/dataflow/allFlowsConfig.qll → python/ql/test/experimental/dataflow/basic/allFlowsConfig.qll
View File

0
python/ql/test/experimental/dataflow/callGraph.expected → python/ql/test/experimental/dataflow/basic/callGraph.expected
View File

0
python/ql/test/experimental/dataflow/callGraph.ql → python/ql/test/experimental/dataflow/basic/callGraph.ql
View File

0
python/ql/test/experimental/dataflow/callGraphConfig.qll → python/ql/test/experimental/dataflow/basic/callGraphConfig.qll
View File

0
python/ql/test/experimental/dataflow/callGraphSinks.expected → python/ql/test/experimental/dataflow/basic/callGraphSinks.expected
View File

0
python/ql/test/experimental/dataflow/callGraphSinks.ql → python/ql/test/experimental/dataflow/basic/callGraphSinks.ql
View File

0
python/ql/test/experimental/dataflow/callGraphSources.expected → python/ql/test/experimental/dataflow/basic/callGraphSources.expected
View File

0
python/ql/test/experimental/dataflow/callGraphSources.ql → python/ql/test/experimental/dataflow/basic/callGraphSources.ql
View File

0
python/ql/test/experimental/dataflow/global.expected → python/ql/test/experimental/dataflow/basic/global.expected
View File

0
python/ql/test/experimental/dataflow/global.ql → python/ql/test/experimental/dataflow/basic/global.ql
View File

0
python/ql/test/experimental/dataflow/globalStep.expected → python/ql/test/experimental/dataflow/basic/globalStep.expected
View File

0
python/ql/test/experimental/dataflow/globalStep.ql → python/ql/test/experimental/dataflow/basic/globalStep.ql
View File

0
python/ql/test/experimental/dataflow/local.expected → python/ql/test/experimental/dataflow/basic/local.expected
View File

0
python/ql/test/experimental/dataflow/local.ql → python/ql/test/experimental/dataflow/basic/local.ql
View File

0
python/ql/test/experimental/dataflow/localStep.expected → python/ql/test/experimental/dataflow/basic/localStep.expected
View File

0
python/ql/test/experimental/dataflow/localStep.ql → python/ql/test/experimental/dataflow/basic/localStep.ql
View File

0
python/ql/test/experimental/dataflow/maximalFlows.expected → python/ql/test/experimental/dataflow/basic/maximalFlows.expected
View File

0
python/ql/test/experimental/dataflow/maximalFlows.ql → python/ql/test/experimental/dataflow/basic/maximalFlows.ql
View File

0
python/ql/test/experimental/dataflow/maximalFlowsConfig.qll → python/ql/test/experimental/dataflow/basic/maximalFlowsConfig.qll
View File

0
python/ql/test/experimental/dataflow/sinks.expected → python/ql/test/experimental/dataflow/basic/sinks.expected
View File

0
python/ql/test/experimental/dataflow/sinks.ql → python/ql/test/experimental/dataflow/basic/sinks.ql
View File

0
python/ql/test/experimental/dataflow/sources.expected → python/ql/test/experimental/dataflow/basic/sources.expected
View File

0
python/ql/test/experimental/dataflow/sources.ql → python/ql/test/experimental/dataflow/basic/sources.ql
View File

0
python/ql/test/experimental/dataflow/test.py → python/ql/test/experimental/dataflow/basic/test.py
View File

16
python/ql/test/experimental/dataflow/regression/config.qll Normal file
View File

@@ -0,0 +1,16 @@
import experimental.dataflow.DataFlow
class TestConfiguration extends DataFlow::Configuration {
TestConfiguration() { this = "AllFlowsConfig" }
override predicate isSource(DataFlow::Node node) {
node.asCfgNode().(NameNode).getId() = "SOURCE"
}
override predicate isSink(DataFlow::Node node) {
exists(CallNode call |
call.getFunction().(NameNode).getId() = "SINK" and
node.asCfgNode() = call.getAnArg()
)
}
}

13
python/ql/test/experimental/dataflow/regression/dataflow.expected Normal file
View File

@@ -0,0 +1,13 @@
| test.py:3:10:3:15 | ControlFlowNode for SOURCE | test.py:3:10:3:15 | ControlFlowNode for SOURCE |
| test.py:6:9:6:14 | ControlFlowNode for SOURCE | test.py:7:10:7:10 | ControlFlowNode for s |
| test.py:10:12:10:17 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
| test.py:10:12:10:17 | ControlFlowNode for SOURCE | test.py:17:10:17:10 | ControlFlowNode for t |
| test.py:20:9:20:14 | ControlFlowNode for SOURCE | test.py:13:10:13:12 | ControlFlowNode for arg |
| test.py:37:13:37:18 | ControlFlowNode for SOURCE | test.py:41:14:41:14 | ControlFlowNode for t |
| test.py:76:9:76:14 | ControlFlowNode for SOURCE | test.py:78:10:78:10 | ControlFlowNode for t |
| test.py:108:13:108:18 | ControlFlowNode for SOURCE | test.py:112:14:112:14 | ControlFlowNode for t |
| test.py:143:9:143:14 | ControlFlowNode for SOURCE | test.py:145:10:145:10 | ControlFlowNode for s |
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:160:14:160:14 | ControlFlowNode for t |
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:162:14:162:14 | ControlFlowNode for t |
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:164:14:164:14 | ControlFlowNode for t |
| test.py:158:9:158:14 | ControlFlowNode for SOURCE | test.py:166:14:166:14 | ControlFlowNode for t |

10
python/ql/test/experimental/dataflow/regression/dataflow.ql Normal file
View File

@@ -0,0 +1,10 @@
import config
from
DataFlow::Node source,
DataFlow::Node sink
where
// source != sink and
exists(TestConfiguration cfg | cfg.hasFlow(source, sink))
select
source, sink

167
python/ql/test/experimental/dataflow/regression/test.py Normal file
View File

@@ -0,0 +1,167 @@
def test1():
SINK(SOURCE)
def test2():
s = SOURCE
SINK(s)
def source():
return SOURCE
def sink(arg):
SINK(arg)
def test3():
t = source()
SINK(t)
def test4():
t = SOURCE
sink(t)
def test5():
t = source()
sink(t)
def test6(cond):
if cond:
t = "Safe"
else:
t = SOURCE
if cond:
SINK(t)
def test7(cond):
if cond:
t = SOURCE
else:
t = "Safe"
if cond:
SINK(t)
def source2(arg):
return source(arg)
def sink2(arg):
sink(arg)
def sink3(cond, arg):
if cond:
sink(arg)
def test8(cond):
t = source2()
sink2(t)
#False positive
def test9(cond):
if cond:
t = "Safe"
else:
t = SOURCE
sink3(cond, t)
def test10(cond):
if cond:
t = SOURCE
else:
t = "Safe"
sink3(cond, t)
def hub(arg):
return arg
def test11():
t = SOURCE
t = hub(t)
SINK(t)
def test12():
t = "safe"
t = hub(t)
SINK(t)
import module
def test13():
t = module.dangerous
SINK(t)
def test14():
t = module.safe
SINK(t)
def test15():
t = module.safe2
SINK(t)
def test16():
t = module.dangerous_func()
SINK(t)
def test20(cond):
if cond:
t = CUSTOM_SOURCE
else:
t = SOURCE
if cond:
CUSTOM_SINK(t)
else:
SINK(t)
def test21(cond):
if cond:
t = CUSTOM_SOURCE
else:
t = SOURCE
if not cond:
CUSTOM_SINK(t)
else:
SINK(t)
def test22(cond):
if cond:
t = CUSTOM_SOURCE
else:
t = SOURCE
t = TAINT_FROM_ARG(t)
if cond:
CUSTOM_SINK(t)
else:
SINK(t)
from module import dangerous as unsafe
SINK(unsafe)
def test23():
with SOURCE as t:
SINK(t)
def test24():
s = SOURCE
SANITIZE(s)
SINK(s)
def test_update_extend(x, y):
l = [SOURCE]
d = {"key" : SOURCE}
x.extend(l)
y.update(d)
SINK(x[0])
SINK(y["key"])
l2 = list(l)
d2 = dict(d)
def test_truth():
t = SOURCE
if t:
SINK(t)
else:
SINK(t)
if not t:
SINK(t)
else:
SINK(t)