hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
74,247 Commits 1,671 Branches 157 Tags
codeql-cli-2.20.1
Commit Graph

80 Commits

Author SHA1 Message Date
Michael Nebel
2321ca59f6 Python: Update all test util paths to point to the new location. 2024-12-12 13:54:30 +01:00
Jeroen Ketema
c3ea883b11 Python: Update expected test results 2024-12-03 19:18:57 +01:00
Paolo Tranquilli
daea773fce Python: tests with false positives around match 2024-06-14 17:28:35 +02:00
Taus
f1392712ee Python: Add .copy() as a copy step 2024-02-22 13:09:27 +00:00
Taus
5125973f9b Python: Add test case for .copy() as a copy step 2024-02-22 13:01:03 +00:00
Anders Schack-Mulligen
088a0a54ba Python: Add empty provenance column to expected files. 2024-02-09 11:32:08 +01:00
Taus
96b1b8e402 Python: Remove empty lines from test file 2024-01-24 12:31:23 +00:00
Taus
d6d59377d3 Python: Fix flow through deepcopy 
Or, more generally, any copy step, as these presumably do not preserve
object identity.

(Arguably, `copy` could still be susceptible to interior mutability, but
I think that's outside the scope of this query anyway.)
 2024-01-22 15:40:30 +00:00
Taus
14c958ac4d Python: Remove mutable default sources from inside stdlib 2024-01-22 15:23:52 +00:00
Taus
411c107660 Python: Add tests for deepcopy FPs 
There are two issues with `deepcopy` here. Firstly, the `deepcopy` function itself
has a mutable default value in its parameter `_nil` (set to the empty list by default).

Now, this value is never actually returned from `deepcopy`, as it is only used as a
sentinel, but our analysis is not clever enough to see this. Thus, it thinks that this
mutable default is returned, and hence the result of any call to `deepcopy` is a
potential source.

To remedy this, I opted to simply exclude all sources that originate from within the
standard library. It is very unlikely for any of the sources in the standard library
to be legit.

Secondly, `deepcopy` -- by virtue of being a function that we model as preserving
values -- admits data-flow through its calls, but this is not correct for the mutable
default query, as it is here the _identity_ of the default value in question that is
important. Thus, we get spurious flow through `deepcopy` for this specific query.
 2024-01-22 15:21:57 +00:00
Taus
4742481070 Python: Consolidate "mutable default" tests 
Moves the existing tests into the `ModificationOfParameterWithDefault` subdirectory
which already contained a bunch more tests. In the process, I also removed some
duplicated test cases.
 2024-01-22 13:50:33 +00:00
Rasmus Wriedt Larsen
55f5b26ba6 Python: Accept new ordering of query predicates in .expected 2023-11-15 10:09:54 +01:00
Rasmus Wriedt Larsen
ce6335866b Python: Move ModificationOfParameterWithDefault to new dataflow API 2023-08-28 16:19:47 +02:00
Jeroen Ketema
8f599faf85 Python: Rewrite inline expectation tests to use parameterized module 2023-06-09 10:42:29 +02:00
Kasper Svendsen
d9f29a85d6 Python: Enable implicit this warnings 2023-05-04 10:16:52 +02:00
Calum Grant
a1d229e445 Python: Remove references to LGTM 2022-12-19 15:15:32 +00:00
erik-krogh
944ca4a0da fix some more style-guide violations in the alert-messages 2022-10-07 11:23:34 +02:00
erik-krogh
0de0325c8e change the alert-message for py/modification-of-default-value 2022-09-05 13:30:56 +02:00
erik-krogh
089ce5a8a4 change alert messages of path queries to use the same template 2022-09-02 14:45:40 +02:00
Rasmus Lerchedahl Petersen
2eb11731e2 Python: Subpaths in test output 2021-09-10 14:04:57 +02:00
Rasmus Lerchedahl Petersen
7cfa08abc8 Python: Do not use BarrierGuards 
They are simply not right for this problem.
We should not even make them available as an extension point.
 2021-09-10 12:48:24 +02:00
Rasmus Lerchedahl Petersen
b20232db3c Python: Simplify guards as suggested 2021-09-10 10:31:48 +02:00
Rasmus Lerchedahl Petersen
e8644f6f2a Python: coment out discriminating test 
The test case has different behaviour between py2/3.
When merging this, we should create an issue to resolve it.
 2021-09-07 10:30:38 +02:00
Rasmus Lerchedahl Petersen
b48caaf465 Python: fix reference to PrintNode.qll 2021-09-07 10:19:42 +02:00
Rasmus Lerchedahl Petersen
29cb067769 Python: Remember to update test expectations 2021-09-07 10:13:17 +02:00
Rasmus Lerchedahl Petersen
4998a48f99 Python: Fix simple guards 2021-09-06 22:40:30 +02:00
Rasmus Lerchedahl Petersen
913990bc62 Python: Add suggested comments and test case 2021-09-03 14:40:16 +02:00
yoff
c6eb795e76 Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-09-03 14:23:57 +02:00
Rasmus Lerchedahl Petersen
a855074588 Python: Try to remove py2/3 differences 2021-08-30 15:41:51 +02:00
Rasmus Lerchedahl Petersen
a762373ad6 Python: Implement simple barrier guard 
The one found in the original test case
 2021-08-30 11:04:27 +02:00
Rasmus Lerchedahl Petersen
49ae549e89 Python: Implement modifying syntax 2021-08-26 14:29:18 +02:00
Rasmus Lerchedahl Petersen
097c23e437 Python: add inline expectations test 
Consider removing the original test
 2021-08-26 14:08:52 +02:00
Rasmus Lerchedahl Petersen
d834cec9b9 Python: test simple sanitizer 2021-08-26 11:31:20 +02:00
Rasmus Lerchedahl Petersen
8614563b42 Python: More tests of syntactic constructs 2021-08-26 10:56:41 +02:00
Rasmus Lerchedahl Petersen
e865a290de Python: straight port of query 
The old query uses `pointsTo` to limit the sinks
to methods on lists and dictionaries.
That constraint is omitted here which could hurt performance.
 2021-08-24 16:35:11 +02:00
Rasmus Lerchedahl Petersen
e3765ced78 Python: Add tests for modification of defaults 2021-08-24 16:35:11 +02:00
Rasmus Lerchedahl Petersen
60d5ba23b3 Python: Move test into appropriate class. 
Also update test expectations with changed line numbers.
 2020-05-15 13:51:51 +02:00
Rasmus Lerchedahl Petersen
1b0687e2f2 Python: update expectations correctly 2020-05-15 13:25:20 +02:00
Rasmus Lerchedahl Petersen
21d1ea5d96 Merge branch 'boolDefault' of github.com:yoff/codeql into boolDefault 2020-05-14 16:06:58 +02:00
Rasmus Lerchedahl Petersen
1817d2af2b Make test for wrong bool type pass 2020-05-14 15:56:57 +02:00
Rasmus Lerchedahl Petersen
7b004c3746 Python: Add test for wrong exception type 2020-05-14 15:42:52 +02:00
yoff
e5eadf9126 Update python/ql/test/query-tests/Functions/general/protocols.py 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-05-14 07:34:53 +02:00
Rasmus Lerchedahl Petersen
6a35c6b4d4 Test: __bool__ does not raise TypeError by default 2020-05-12 15:28:12 +02:00
Rasmus Wriedt Larsen
5d5d412b78 Python: Add test of safe methods for py/modification-of-default-value 2020-05-05 11:14:37 +02:00
Rasmus Wriedt Larsen
b2b0296120 Merge pull request #3242 from BekaValentine/python-objectapi-to-valueapi-incorrectlyoverridenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlyOverriddenMethod
 2020-04-24 16:28:11 +02:00
Rebecca Valentine
89752f4b55 Merge branch 'master' into python-objectapi-to-valueapi-wrongnumberargumentsincall 2020-04-22 09:52:33 -07:00
Rebecca Valentine
9cd2171fb8 Merge branch 'master' into python-objectapi-to-valueapi-incorrectlyoverridenmethod 2020-04-22 09:40:33 -07:00
Taus
8402e6a2e1 Merge pull request #3243 from BekaValentine/python-objectapi-to-valueapi-incorrectlyspecifiedoverriddenmethod 
Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod
 2020-04-14 18:55:42 +02:00
Taus
3e46604fa5 Merge pull request #3223 from BekaValentine/python-objectapi-to-valueapi-iterreturnsnoniterator 
Python: ObjectAPI to ValueAPI: IterReturnsNonIterator
 2020-04-14 12:55:21 +02:00
Rebecca Valentine
336e48c5c6 Python: ObjectAPI to ValueAPI: IncorrectlySpecifiedOverriddenMethod: Adds preliminary modernization 2020-04-09 14:50:26 -07:00