mirror of
https://github.com/github/codeql.git
synced 2026-04-29 18:55:14 +02:00
Python: Remove strange-pointsto-interaction-investigation
These tests are not relevant anymore 💪
@@ -1,96 +0,0 @@
While working on the field-flow tests, I encountered some very strange behavior. By moving some tests into a new file, they suddenly started working :O

This folder contains the artifacts from investigating this problem, so we can recall the facts (but besides that, don't have much value in itself).

The test files can be found in `src/`, and I have set of a bunch of different tests with different extractor options in the `test-*` folders.

The core of the problem is that in _some_ configuration of extractor options, after seeing the code below, points-to gives up trying to resolve calls :flushed:

```py
import os
cond = os.urandom(1)[0] > 128

if cond:
    pass

if cond:
    pass
```

This seems to have been caused by not allowing enough imports to be resolved. There is also some interaction with splitting, since turning that off also removes the problem.

But allowing our test to see more imports is more representative of what happens when analyzing real code, so that's the better approach :+1: (and going above 3 does not seem to change anything in this case).

I've thought about whether we can write a query to reliably cases such as this, but I don't see any solutions. However, we can easily try running all our tests with `--max-import-depth=100` and see if anything changes from this.

# Seeing the solutions work

Doing `diff -u -r test-1-normal/ test-5-max-import-depth-3/` shows that all the calls we should be able to resolve, are now resolved properly. and critically this line is added:

```diff
+| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
```

<details>
<summary>full diff</summary>

```diff
diff '--color=auto' -u -r test-1-normal/NormalDataflowTest.expected test-5-max-import-depth-3/NormalDataflowTest.expected
--- test-1-normal/NormalDataflowTest.expected 2022-02-27 10:33:00.603882599 +0100
+++ test-5-max-import-depth-3/NormalDataflowTest.expected 2022-02-28 10:10:08.930743800 +0100
@@ -1,2 +1,3 @@
missingAnnotationOnSink
failures
+| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
diff '--color=auto' -u -r test-1-normal/options test-5-max-import-depth-3/options
--- test-1-normal/options 2022-02-27 10:36:51.124793909 +0100
+++ test-5-max-import-depth-3/options 2022-02-27 11:01:43.908098372 +0100
@@ -1 +1 @@
-semmle-extractor-options: --max-import-depth=1 -R ../src
+semmle-extractor-options: --max-import-depth=3 -R ../src
diff '--color=auto' -u -r test-1-normal/UnresolvedCalls.expected test-5-max-import-depth-3/UnresolvedCalls.expected
--- test-1-normal/UnresolvedCalls.expected 2022-02-28 10:09:19.213742437 +0100
+++ test-5-max-import-depth-3/UnresolvedCalls.expected 2022-02-28 10:10:08.638737921 +0100
@@ -0,0 +1,5 @@
+| ../src/isfile_no_problem.py:34:33:34:70 | Comment # $ unresolved_call=os.path.isfile(..) | Missing result:unresolved_call=os.path.isfile(..) |
+| ../src/urandom_no_if_no_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
+| ../src/urandom_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
+| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
+| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
diff '--color=auto' -u -r test-1-normal/UnresolvedPointsToCalls.expected test-5-max-import-depth-3/UnresolvedPointsToCalls.expected
--- test-1-normal/UnresolvedPointsToCalls.expected 2022-02-28 10:09:19.033738812 +0100
+++ test-5-max-import-depth-3/UnresolvedPointsToCalls.expected 2022-02-28 10:12:48.572752108 +0100
@@ -1,5 +1 @@
-| ../src/urandom_no_if_no_problem.py:34:8:34:20 | ../src/urandom_no_if_no_problem.py:34 | os.urandom(..) |
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
-| ../src/urandom_problem.py:34:8:34:20 | ../src/urandom_problem.py:34 | os.urandom(..) |
-| ../src/urandom_problem.py:42:7:42:16 | ../src/urandom_problem.py:42 | give_src() |
-| ../src/urandom_problem.py:43:1:43:9 | ../src/urandom_problem.py:43 | SINK(..) |
```

</details>

There are no benefit in increasing import depth above 3 for this test-example:

```diff
$ diff -u -r test-4-max-import-depth-100/ test-5-max-import-depth-3/
--- test-4-max-import-depth-100/options 2022-02-28 10:02:09.269071781 +0100
+++ test-5-max-import-depth-3/options 2022-02-27 11:01:43.908098372 +0100
@@ -1 +1 @@
-semmle-extractor-options: --max-import-depth=100 -R ../src
+semmle-extractor-options: --max-import-depth=3 -R ../src
```

Also notice that using import depth 2 actually makes things worse, as we no longer handle the `isfile_no_problem.py` file properly :facepalm: :sweat_smile: NOTE: This was only for Python 3, for Python 2 there was no change :flushed:

```diff
diff '--color=auto' -u -r test-4-max-import-depth-100/NormalDataflowTest.expected test-6-max-import-depth-2/NormalDataflowTest.expected
--- test-4-max-import-depth-100/NormalDataflowTest.expected 2022-02-28 10:10:02.206608379 +0100
+++ test-6-max-import-depth-2/NormalDataflowTest.expected 2022-02-28 10:10:13.882716665 +0100
@@ -1,3 +1,5 @@
missingAnnotationOnSink
+| ../src/isfile_no_problem.py:43:6:43:8 | ../src/isfile_no_problem.py:43 | ERROR, you should add `# $ MISSING: flow` annotation | foo |
failures
+| ../src/isfile_no_problem.py:43:11:43:41 | Comment # $ flow="SOURCE, l:-15 -> foo" | Missing result:flow="SOURCE, l:-15 -> foo" |
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
```
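Review bot: this README is the only record of why `--max-import-depth=3` was picked (depth 100 changes nothing further, per the second diff) and of the depth-2 regression where `isfile_no_problem.py` starts reporting "ERROR, you should add `# $ MISSING: flow` annotation" (last diff); the commit message only says the tests are no longer relevant, so carry those two conclusions into the commit message or into a comment wherever the field-flow tests set their extractor options, otherwise the next person who trips over points-to giving up after an `os.urandom` condition has to rediscover them.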
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

import os
cond = eval("False")

if cond:
    pass

if cond:
    pass

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-15 -> foo"
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

import os
cond = os.path.isfile(__file__) # $ unresolved_call=os.path.isfile(..)

if cond:
    pass

if cond:
    pass

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-15 -> foo"
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

import os
cond = 1 + 1 == 2

if cond:
    pass

if cond:
    pass

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-15 -> foo"
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

import os
cond = os.urandom(1)[0] > 128 # $ unresolved_call=os.urandom(..)

# if cond:
# pass
#
# if cond:
# pass

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-15 -> foo"
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

# import os
cond = os.urandom(1)[0] > 128 # $ unresolved_call=os.urandom(..)

# if cond:
# pass
#
# if cond:
# pass

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-15 -> foo"
@@ -1,43 +0,0 @@
# These are defined so that we can evaluate the test code.
NONSOURCE = "not a source"
SOURCE = "source"


def is_source(x):
    return x == "source" or x == b"source" or x == 42 or x == 42.0 or x == 42j


def SINK(x):
    if is_source(x):
        print("OK")
    else:
        print("Unexpected flow", x)


def SINK_F(x):
    if is_source(x):
        print("Unexpected flow", x)
    else:
        print("OK")

# ------------------------------------------------------------------------------
# Actual tests
# ------------------------------------------------------------------------------

def give_src():
    return SOURCE

foo = give_src()
SINK(foo) # $ flow="SOURCE, l:-3 -> foo"

import os
cond = os.urandom(1)[0] > 128 # $ unresolved_call=os.urandom(..)

if cond:
    pass

if cond:
    pass

foo = give_src() # $ unresolved_call=give_src()
SINK(foo) # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo"
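Review bot: of the six source files this is the only one whose annotations (`unresolved_call=give_src()`, `unresolved_call=SINK(..)`, `MISSING: flow="SOURCE, l:-15 -> foo"`) pin the broken behaviour instead of the wanted one, so deleting it drops the single regression check for points-to giving up on call resolution after the `os.urandom(1)[0] > 128` condition; if the case is still reproducible at the import depth the remaining tests use, keep this file with its annotations flipped to the expected results rather than removing it outright.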
@@ -1,2 +0,0 @@
missingAnnotationOnSink
failures
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | has splitting |
| ../src/isfile_no_problem.py | has splitting |
| ../src/simple_no_problem.py | has splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | has splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
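Review bot: `exprWithSplitting` (an `Expr` in a source file that maps to more than one `ControlFlowNode`) is a handy standalone check that `--dont-split-graph` actually took effect, and the per-file "has splitting" / "does not have splitting" output is what the README's splitting observation rests on; if it is removed here together with its five copies, say so in the commit message or move one copy next to the other dataflow test utilities so the diagnostic is not lost.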
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1,5 +0,0 @@
| ../src/urandom_no_if_no_problem.py:34:8:34:20 | ../src/urandom_no_if_no_problem.py:34 | os.urandom(..) |
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
| ../src/urandom_problem.py:34:8:34:20 | ../src/urandom_problem.py:34 | os.urandom(..) |
| ../src/urandom_problem.py:42:7:42:16 | ../src/urandom_problem.py:42 | give_src() |
| ../src/urandom_problem.py:43:1:43:9 | ../src/urandom_problem.py:43 | SINK(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
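Review bot: the `not call.getFunction().(NameNode).getId() = "print"` filter hides a separate finding that the comment explicitly defers (points-to not resolving `print` calls in these test files); since this query is deleted from all six test directories, that observation goes with it, so file it as its own issue before merging.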
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --max-import-depth=1 -R ../src
@@ -1,3 +0,0 @@
missingAnnotationOnSink
failures
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | does not have splitting |
| ../src/isfile_no_problem.py | does not have splitting |
| ../src/simple_no_problem.py | does not have splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | does not have splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
@@ -1,2 +0,0 @@
| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1,3 +0,0 @@
| ../src/urandom_no_if_no_problem.py:34:8:34:20 | ../src/urandom_no_if_no_problem.py:34 | os.urandom(..) |
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
| ../src/urandom_problem.py:34:8:34:20 | ../src/urandom_problem.py:34 | os.urandom(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --dont-split-graph --max-import-depth=1 -R ../src
@@ -1,3 +0,0 @@
missingAnnotationOnSink
failures
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | has splitting |
| ../src/isfile_no_problem.py | has splitting |
| ../src/simple_no_problem.py | has splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | has splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
@@ -1,2 +0,0 @@
| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1,2 +0,0 @@
| ../src/isfile_no_problem.py:34:8:34:31 | ../src/isfile_no_problem.py:34 | os.path.isfile(..) |
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --max-import-depth=0 -R ../src
@@ -1,3 +0,0 @@
missingAnnotationOnSink
failures
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | has splitting |
| ../src/isfile_no_problem.py | has splitting |
| ../src/simple_no_problem.py | has splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | has splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
@@ -1,5 +0,0 @@
| ../src/isfile_no_problem.py:34:33:34:70 | Comment # $ unresolved_call=os.path.isfile(..) | Missing result:unresolved_call=os.path.isfile(..) |
| ../src/urandom_no_if_no_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1 +0,0 @@
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --max-import-depth=100 -R ../src
@@ -1,3 +0,0 @@
missingAnnotationOnSink
failures
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | has splitting |
| ../src/isfile_no_problem.py | has splitting |
| ../src/simple_no_problem.py | has splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | has splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
@@ -1,5 +0,0 @@
| ../src/isfile_no_problem.py:34:33:34:70 | Comment # $ unresolved_call=os.path.isfile(..) | Missing result:unresolved_call=os.path.isfile(..) |
| ../src/urandom_no_if_no_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1 +0,0 @@
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --max-import-depth=3 -R ../src
@@ -1,5 +0,0 @@
missingAnnotationOnSink
| ../src/isfile_no_problem.py:43:6:43:8 | ../src/isfile_no_problem.py:43 | ERROR, you should add `# $ MISSING: flow` annotation | foo |
failures
| ../src/isfile_no_problem.py:43:11:43:41 | Comment # $ flow="SOURCE, l:-15 -> foo" | Missing result:flow="SOURCE, l:-15 -> foo" |
| ../src/urandom_problem.py:43:6:43:8 | ControlFlowNode for foo | Fixed missing result:flow="SOURCE, l:-15 -> foo" |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.NormalDataflowTest
@@ -1,6 +0,0 @@
| ../src/eval_no_problem.py | has splitting |
| ../src/isfile_no_problem.py | has splitting |
| ../src/simple_no_problem.py | has splitting |
| ../src/urandom_no_if_no_problem.py | does not have splitting |
| ../src/urandom_no_import_no_problem.py | does not have splitting |
| ../src/urandom_problem.py | has splitting |
@@ -1,16 +0,0 @@
import python

// this can be quick-eval to see which ones have splitting. But that's basically just
// anything from line 39 and further.
predicate exprWithSplitting(Expr e) {
  exists(e.getLocation().getFile().getRelativePath()) and
  1 < count(ControlFlowNode cfn | cfn.getNode() = e)
}

from File f, string msg
where
  exists(f.getRelativePath()) and
  if exists(Expr e | e.getLocation().getFile() = f and exprWithSplitting(e))
  then msg = "has splitting"
  else msg = "does not have splitting"
select f.toString(), msg
@@ -1,6 +0,0 @@
| ../src/isfile_no_problem.py:42:7:42:16 | ControlFlowNode for give_src() | Unexpected result: unresolved_call=give_src() |
| ../src/isfile_no_problem.py:43:1:43:9 | ControlFlowNode for SINK() | Unexpected result: unresolved_call=SINK(..) |
| ../src/urandom_no_if_no_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:34:31:34:64 | Comment # $ unresolved_call=os.urandom(..) | Missing result:unresolved_call=os.urandom(..) |
| ../src/urandom_problem.py:42:18:42:47 | Comment # $ unresolved_call=give_src() | Missing result:unresolved_call=give_src() |
| ../src/urandom_problem.py:43:11:43:75 | Comment # $ unresolved_call=SINK(..) MISSING: flow="SOURCE, l:-15 -> foo" | Missing result:unresolved_call=SINK(..) |
@@ -1,2 +0,0 @@
import python
import experimental.dataflow.TestUtil.UnresolvedCalls
@@ -1,4 +0,0 @@
| ../src/isfile_no_problem.py:34:8:34:31 | ../src/isfile_no_problem.py:34 | os.path.isfile(..) |
| ../src/isfile_no_problem.py:42:7:42:16 | ../src/isfile_no_problem.py:42 | give_src() |
| ../src/isfile_no_problem.py:43:1:43:9 | ../src/isfile_no_problem.py:43 | SINK(..) |
| ../src/urandom_no_import_no_problem.py:34:8:34:20 | ../src/urandom_no_import_no_problem.py:34 | os.urandom(..) |
@@ -1,10 +0,0 @@
import python
private import semmle.python.dataflow.new.internal.PrintNode

from CallNode call
where
  exists(call.getLocation().getFile().getRelativePath()) and
  not exists(Value value | call = value.getACall()) and
  // somehow print is not resolved, but that is not the focus right now
  not call.getFunction().(NameNode).getId() = "print"
select call.getLocation(), prettyExpr(call.getNode())
@@ -1 +0,0 @@
semmle-extractor-options: --lang=3 --max-import-depth=2 -R ../src