hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Python: Improve taint tracking to account for truthiness of the taint kind.

Browse Source
This commit is contained in:
Mark Shannon
2019-03-01 10:54:05 +00:00
parent 8a16164270
commit ebd9bc3cb5
7 changed files with 42 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
python/ql/test/library-tests/taint/general/TestNode.expected
View File

@@ -215,6 +215,11 @@
| Taint simple.test | test.py:169 | SOURCE | |
| Taint simple.test | test.py:172 | Subscript | |
| Taint simple.test | test.py:173 | Subscript | |
| Taint simple.test | test.py:178 | SOURCE | |
| Taint simple.test | test.py:179 | t | |
| Taint simple.test | test.py:180 | t | |
| Taint simple.test | test.py:183 | t | |
| Taint simple.test | test.py:186 | t | |
| Taint {simple.test} | test.py:169 | Dict | |
| Taint {simple.test} | test.py:171 | d | |
| Taint {simple.test} | test.py:173 | y | |

2
python/ql/test/library-tests/taint/general/TestSink.expected
View File

@@ -32,3 +32,5 @@
| simple.test | test.py:159 | 160 | t | simple.test |
| simple.test | test.py:168 | 172 | Subscript | simple.test |
| simple.test | test.py:169 | 173 | Subscript | simple.test |
| simple.test | test.py:178 | 180 | t | simple.test |
| simple.test | test.py:178 | 186 | t | simple.test |

1
python/ql/test/library-tests/taint/general/TestSource.expected
View File

@@ -40,3 +40,4 @@
| test.py:163 | SOURCE | simple.test |
| test.py:168 | SOURCE | simple.test |
| test.py:169 | SOURCE | simple.test |
| test.py:178 | SOURCE | simple.test |

4
python/ql/test/library-tests/taint/general/TestStep.expected
View File

@@ -173,6 +173,10 @@
| Taint simple.test | test.py:163 | SOURCE | | --> | Taint simple.test | test.py:164 | s | |
| Taint simple.test | test.py:168 | SOURCE | | --> | Taint [simple.test] | test.py:168 | List | |
| Taint simple.test | test.py:169 | SOURCE | | --> | Taint {simple.test} | test.py:169 | Dict | |
| Taint simple.test | test.py:178 | SOURCE | | --> | Taint simple.test | test.py:179 | t | |
| Taint simple.test | test.py:178 | SOURCE | | --> | Taint simple.test | test.py:180 | t | |
| Taint simple.test | test.py:178 | SOURCE | | --> | Taint simple.test | test.py:183 | t | |
| Taint simple.test | test.py:178 | SOURCE | | --> | Taint simple.test | test.py:186 | t | |
| Taint {simple.test} | test.py:169 | Dict | | --> | Taint {simple.test} | test.py:171 | d | |
| Taint {simple.test} | test.py:169 | Dict | | --> | Taint {simple.test} | test.py:175 | d | |
| Taint {simple.test} | test.py:171 | d | | --> | Taint {simple.test} | test.py:173 | y | |

5
python/ql/test/library-tests/taint/general/TestVar.expected
View File

@@ -177,3 +177,8 @@
| test.py:174 | l_2 | test.py:168 | Taint [simple.test] | List |
| test.py:175 | d2_0 | test.py:175 | Taint {simple.test} | dict() |
| test.py:175 | d_2 | test.py:169 | Taint {simple.test} | Dict |
| test.py:178 | t_0 | test.py:178 | Taint simple.test | SOURCE |
| test.py:180 | t_1 | test.py:178 | Taint simple.test | SOURCE |
| test.py:180 | t_2 | test.py:178 | Taint simple.test | SOURCE |
| test.py:183 | t_3 | test.py:178 | Taint simple.test | SOURCE |
| test.py:186 | t_4 | test.py:178 | Taint simple.test | SOURCE |

11
python/ql/test/library-tests/taint/general/test.py
View File

@@ -173,3 +173,14 @@ def test_update_extend(x, y):
SINK(y["key"])
l2 = list(l)
d2 = dict(d)
def test_truth():
t = SOURCE
if t:
SINK(t)
else:
SINK(t)
if not t:
SINK(t)
else:
SINK(t)