- LongPath.expected: revert wrong rebless from 69c27c53c1b. CI generates
the long-path file during build, so the long-path entry is correct.
- 4 framework/query DataFlowConsistency.expected: pure toString polish
(ControlFlowNode for X -> X / After X).
- essa/ssa-compute/CONSISTENCY/TypeTrackingConsistency.expected: deleted.
The 6 prior 'unreachable node in step of kind ...' violations are gone
under the new SSA; per CI auto-rebless convention the empty file is
removed.
- extractor-tests/syntax_error/CONSISTENCY/CfgConsistency.expected: new.
Documents one expected deadEnd on `break` outside any loop in the
syntax-error test corpus.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Second batch of test reblessings, capturing changes in result content
(not just toString labels):
- Framework taint/concept tests (fastapi, sqlalchemy, aiohttp, lxml,
stdlib, django-orm): mostly gained MISSING-tainted annotations where
the new dataflow no longer reaches sinks. Some are real taint
regressions; left as documented failures for follow-up.
- Exception-handler tests (CWE-209-StackTraceExposure, EmptyExcept,
CatchingBaseException, IncorrectExceptOrder, FileNotAlwaysClosed,
FindSubclass/Find, Statements/exit/UseOfExit): the no-raise shared CFG
abstraction does not emit ExceptionSuccessor abrupt-completion edges
from arbitrary expressions, so except-handler bodies (and their
exception target Names) are statically dead. Tracked separately under
cfg-modelling-exceptions.
- Dataflow-path / control-flow node toString polish across the security
query suite (PathInjection, CodeInjection, UnsafeUnpacking,
UnsafeUsageOfClientSideEncryptionVersion, RequestWithoutValidation,
ReflectedXss, CallGraph): simple-leaf nodes now stringify as their
AST text instead of 'After X'.
- SSA / call-graph improvements (CmpTest, CallGraph/InlineCallGraphTest):
fewer SSA mismatches between new and old; two previously-MISSING tt=
annotations resolved.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The base source is in basic-overlay-eval/orig_src,
the overlay source is in basic-full-eval.
We run two tests: a full evaluation test in basic-full-eval,
and an overlay evaluation test in basic-overlay-eval.
The test source and expected results are the SAME,
due to the .qlref, meaning we expect the same results
for full and overlay evaluation.
Observed on some test files in Nuitka/Nuitka, having `break` and
`continue` outside of loops in Python is (to Python) a syntax error, but
our parser happily accepted this broken syntax.
This then caused issues further downstream in the control-flow
construction, as it broke some invariants.
To fix this we now skip the code that would previously fail when the
invariants are broken.
Co-authored-by: yoff <yoff@github.com>
The `**/src_archive/**` exclusion patterns seem to have to do with
trying to exclude archived source files from being picked up for the
extractor while running the test itself. However it seems that directory
is not being used any more by `codeql` (which uses a `src` directory
instead).
A `*.testproj` exclusion pattern will work in a more robust way, by
excluding any file inside the database being built.
I'm beginning to realise why I didn't do the `toString` overriding way
back when. Thankfully, now that all of our tests are in the same place,
this is actually not a terrible ordeal.
These were causing `git` to behave strangely, leaving files that were
impossible to reset. In the future we should probably generate these
problematic test files on the fly, so that they don't have to exist in
the repo, but in the short run, it's easier to just remove them so as to
not block other users of the repo.
