From fa758d6bf5e44bbd22298de3ad609483b3f7988a Mon Sep 17 00:00:00 2001
From: Rasmus Lerchedahl Petersen <yoff@github.com>
Date: Tue, 3 Dec 2024 18:33:47 +0100
Subject: [PATCH] python: fix test

---
 .../test/library-tests/frameworks/tornado/taint_test.py   | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/python/ql/test/library-tests/frameworks/tornado/taint_test.py b/python/ql/test/library-tests/frameworks/tornado/taint_test.py
index c4f95ec511d..d6dac013fbc 100644
--- a/python/ql/test/library-tests/frameworks/tornado/taint_test.py
+++ b/python/ql/test/library-tests/frameworks/tornado/taint_test.py
@@ -63,9 +63,8 @@ class TaintTest(tornado.web.RequestHandler):
             request.headers["header-name"], # $ tainted
             request.headers.get_list("header-name"), # $ tainted
             request.headers.get_all(), # $ tainted
-            [(k, v) for (k, v) in request.headers.get_all()], # $ MISSING: tainted
             [(k, v) for (k, v) in request.headers.get_all()][0], # $ tainted
-            list([(k, v) for (k, v) in request.headers.get_all()]), # $ MISSING: tainted
+            list([(k, v) for (k, v) in request.headers.get_all()])[0], # $ tainted
 
             # Dict[str, http.cookies.Morsel]
             request.cookies, # $ tainted
@@ -75,6 +74,11 @@ class TaintTest(tornado.web.RequestHandler):
             request.cookies["cookie-name"].coded_value, # $ tainted
         )
 
+        ensure_not_tainted(
+            [(k, v) for (k, v) in request.headers.get_all()], # The comprehension is not tainted, only the elements
+            list([(k, v) for (k, v) in request.headers.get_all()]), # Here, all the elements of the list are tainted, but the list is not.
+        )
+
 
 def make_app():
     return tornado.web.Application(