Commit Graph

88 Commits

Author SHA1 Message Date
Taus
7176898503 Python: Fix library tests 2025-11-26 12:30:31 +00:00
Taus
fef08afff9 Python: Remove points-to from ControlFlowNode
Moves the existing points-to predicates to the newly added class
`ControlFlowNodeWithPointsTo` which resides in the `LegacyPointsTo`
module.

(Existing code that uses these predicates should import this module, and
references to `ControlFlowNode` should be changed to
`ControlFlowNodeWithPointsTo`.)

Also updates all existing points-to based code to do just this.
2025-10-30 13:30:04 +00:00
Taus
58eaddf627 Python: Update all .expected files
I'm beginning to realise why I didn't do the `toString` overriding way
back when. Thankfully, now that all of our tests are in the same place,
this is actually not a terrible ordeal.
2024-04-22 12:00:09 +00:00
erik-krogh
bfe7e62f35 update some expected outputs - some tests no longer have an edges relation - and XsltSinks lost a result 2023-06-14 08:31:57 +02:00
erik-krogh
e463819bc2 get ParamSource.ql to compile by deleting import that got deleted - I have no idea if this is a good change 2023-06-14 08:31:57 +02:00
erik-krogh
ae8bf5ed3c delete old deprecations 2023-06-14 08:31:51 +02:00
Erik Krogh Kristensen
755b0bbcb9 PY: update tests to not use deleted deprecations 2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
61e282da84 PY: delete test that mostly used deleted deprecated features 2022-03-09 18:28:13 +01:00
Erik Krogh Kristensen
309e376c6d PY: convert test to not use deleted deprecations 2022-03-09 18:28:12 +01:00
Taus
d2603884ca Python: Fix a bunch of class QLDoc 2022-03-07 18:59:49 +00:00
Mathias Vorreiter Pedersen
a80860cdc6 Python: Replace '.prefix'/'.suffix' with '.matches'. 2021-10-13 13:23:12 +01:00
Erik Krogh Kristensen
1d2ca42d49 update expected output 2020-10-15 13:42:13 +02:00
Erik Krogh Kristensen
9b7c59f4b4 implement printAst for Python 2020-10-12 21:17:46 +02:00
Taus Brock-Nannestad
45eccb2521 Python: Fix test failures. 2020-07-07 17:01:17 +02:00
Taus Brock-Nannestad
f07a7bf8cf Python: Autoformat everything using qlformat.
Will need subsequent PRs fixing up test failures (due to deprecated
methods moving around), but other than that everything should be
straightforward.
2020-07-07 15:43:52 +02:00
Taus Brock-Nannestad
48e3e9c0b4 Python: Do all the renames. 2020-06-19 17:02:47 +02:00
Rasmus Wriedt Larsen
f602f3e1c7 Python: Use proper import for semmle.python.dataflow.TaintTracking
It was moved in 637677d515, but imports were not
updated.
2020-05-25 13:45:49 +02:00
Rasmus Wriedt Larsen
e569d7ae41 Merge branch 'master' into python-parse_qs 2020-04-30 17:05:17 +02:00
Rasmus Wriedt Larsen
e0b4518a3e Merge branch 'master' into python-improve-file-taint 2020-04-30 11:24:29 +02:00
Rasmus Wriedt Larsen
fe50811bbf Python: In taint test, list comprehension => for loop
Apparently they're not the same thing :(
2020-04-23 14:13:00 +02:00
Rasmus Wriedt Larsen
1fe0040086 Python: Don't use six in urllib.parse string related tests
Since this test inherently has `--max-import-depth=1`, by using six, we would
never look at the actual source-code of urllib.parse/urlparse and therefore the
test would never show if we understood the library code well enough that we
could propagate taint out-of-the-box.

All tests moved by one line... that is why the diff is so big
2020-04-23 13:00:45 +02:00
Rasmus Wriedt Larsen
94ae2febe5 Python: Propagate taint through parse_qsl 2020-04-23 12:14:22 +02:00
Rasmus Wriedt Larsen
86630f1d6c Python: Handle readline, readlines for ExternalFileObject 2020-04-23 10:40:16 +02:00
Rasmus Wriedt Larsen
7385ea5024 Python: Add tests for ExternalFileObject 2020-04-23 10:36:51 +02:00
Rasmus Wriedt Larsen
30e2592701 Python: Propagate taint through parse_qs 2020-04-22 08:55:35 +02:00
Rasmus Wriedt Larsen
b7145af447 Python: Handle all methods in StringKind.getTaintOfMethodResult 2020-04-20 16:07:30 +02:00
Rasmus Wriedt Larsen
10b36bb7a8 Python: Taint of string method reference isn't handled 2020-04-20 15:01:40 +02:00
Rasmus Wriedt Larsen
0b4bfed726 Merge pull request #3156 from tausbn/python-autoformat-all-ql-files
Python: Autoformat all `.ql` files.
2020-03-30 16:24:18 +02:00
Taus Brock-Nannestad
b990fac97b Python: Fix test failures.
How could the tests fail because of autoformatting, you may ask?

The answer is deprecation warnings. These specify the location of the deprecated
entity, and due to autoformatting these moved around.
2020-03-30 13:55:38 +02:00
Taus Brock-Nannestad
6eb9c6f84d Merge branch 'master' into python-autoformat-almost-everything 2020-03-30 12:24:01 +02:00
Taus Brock-Nannestad
87a9f51c78 Python: Autoformat all .ql files. 2020-03-30 11:59:10 +02:00
Rasmus Wriedt Larsen
8aadb8bd06 Python: Fix iterable-unpacking tests 2020-03-27 11:42:37 +01:00
Taus Brock-Nannestad
165dcd37a1 Python: Autoformat library-tests. 2020-03-20 16:35:37 +01:00
Taus Brock-Nannestad
48a47e1b54 Python: Fix broken test output. 2020-03-03 19:45:13 +01:00
Taus Brock-Nannestad
eecace788f Python: Fix or disable CPs introduced by #2700 and #2875. 2020-03-03 18:18:03 +01:00
Rasmus Wriedt Larsen
771dfecf6d Python: Add sanitized edges for urlsplit test 2020-02-26 14:10:30 +01:00
Rasmus Wriedt Larsen
0b31cb1716 Python: Show that we have initial taint in urlsplit test 2020-02-26 14:09:02 +01:00
Rasmus Wriedt Larsen
bfa7553095 Python: urlsplit sanitizer handles in [KNOWN_VALUE] 2020-02-21 16:03:29 +01:00
Rasmus Wriedt Larsen
798db91f71 Python: Add more urlsplit tests 2020-02-21 15:51:33 +01:00
Rasmus Wriedt Larsen
31ff652cb3 Python: Make Sanitizer available for urlsplit taint
It isn't used by default, it has to *actively* be enabled.
2020-02-21 15:18:53 +01:00
Rasmus Wriedt Larsen
fd270cc02c Python: Add basic taint support for urlsplit/urlparse 2020-02-19 16:31:10 +01:00
Rasmus Wriedt Larsen
74345b1c05 Python: Make library-tests/taint/strings tests more transparent
Following the setup I invented for library-tests/taint/unpacking.

TestStep is still a bit annoying, since the output is not easy to eyeball; but
for now I guess we can live with it :)

I honestly didn't get the point of DistinctStringKinds.ql, other than showing we
can handle multiple taint kinds
2020-02-19 16:24:22 +01:00
Rasmus Wriedt Larsen
781024d679 Python: Recognize taint for iterable unpacking 2020-01-27 14:43:07 +01:00
Rasmus Wriedt Larsen
a3f1f4cb87 Python: Add iterable unpacking tests 2020-01-27 14:43:07 +01:00
Rasmus Wriedt Larsen
fa48fb04f5 Python: Recognize nested tuple/list assignment
Now we recognize `[(x,y)] = [(1,2)]` -- in itself not a widely used idiom, but
more of a warmup exercise for me
2020-01-27 14:42:54 +01:00
Rasmus Wriedt Larsen
9763ec71fe Python: Add tests for nested assignment 2020-01-27 14:39:34 +01:00
Taus
5a2dfd40af Merge pull request #2639 from RasmusWL/python-improve-dict-taint
Python: Improve tests for tainted collections
2020-01-24 15:06:01 +01:00
Rasmus Wriedt Larsen
5778764a48 Python: Stop using deprecated getName in collections taint test 2020-01-24 10:32:17 +01:00
Rasmus Wriedt Larsen
3db551d6bc Python: Use variables in collection-taint test
They are not tainted in assignment, only in use.

I also adopted an attempt at a better test-setup, where it's easy to see if
everything is the way you hoped for, instead of browsing through 100s of lines of
taint-step output :P
2020-01-24 10:32:17 +01:00
Taus
d06e86f54d Merge pull request #2662 from RasmusWL/python-taint-on-eq-test
Python: Only clear taint on constant comparison in if
2020-01-23 13:41:40 +01:00