The meat of this PR is described in the new python/ql/test/experimental/meta/InlineTaintTest.qll file: > Defines an InlineExpectationsTest for checking whether any arguments in > `ensure_tainted` and `ensure_not_tainted` calls are tainted. > > Also defines query predicates to ensure that: > - if any arguments to `ensure_not_tainted` are tainted, their annotation is marked with `SPURIOUS`. > - if any arguments to `ensure_tainted` are not tainted, their annotation is marked with `MISSING`. > > The functionality of this module is tested in `ql/test/experimental/meta/inline-taint-test-demo`.
# Make taintlib importable at runtime. It lives in the parent of this file's
# directory (the `..` in the type-checking import below), which is not
# necessarily on sys.path when the test is executed as a plain script.
import os
import sys

sys.path.append(os.path.dirname(os.path.dirname(__file__)))

# Wildcard import is deliberate for this test fixture: the `TAINTED_*` sources
# and the `ensure_tainted` / `ensure_not_tainted` sinks used below come from it.
from taintlib import *  # noqa: F403

# Evaluated only by type checkers and IDE tooling, never at runtime; it lets
# editors resolve the names pulled in by the wildcard import above.
from typing import TYPE_CHECKING

if TYPE_CHECKING:
    from ..taintlib import *  # noqa: F403
# Actual tests
def test_access():
    """Taint must propagate through `list.copy()`.

    `TAINTED_LIST` is a taint source provided by taintlib (wildcard import at
    the top of the file). A shallow copy of it is passed to `ensure_tainted`,
    and the `# $ tainted` inline expectation records that the analysis is
    expected to flag that argument as tainted.
    """
    # Local alias of the taintlib source; the copy is made on this variable.
    tainted_list = TAINTED_LIST

    ensure_tainted(
        tainted_list.copy(), # $ tainted
    )
def list_clear():
    """Known false positive: `list.clear()` is not modelled as removing taint.

    The list is built from the `TAINTED_STRING` source, so the first
    `ensure_tainted` check is expected to hold (`# $ tainted`). After
    `clear()` the list is empty and carries no tainted element, so the second
    check uses `ensure_not_tainted`; the `SPURIOUS: tainted` annotation records
    that the analysis nevertheless still reports it as tainted. This is an
    over-approximation (a spurious flow, not a missed one), which is the
    conservative direction for taint tracking: it can never be mistaken for a
    sanitiser.
    """
    tainted_string = TAINTED_STRING
    # Container holding a tainted element; taint is expected to reach the list.
    tainted_list = [tainted_string]

    ensure_tainted(tainted_list) # $ tainted

    # Empties the list in place; the inline expectation below documents that
    # the analysis does not treat this as clearing taint.
    tainted_list.clear()
    ensure_not_tainted(tainted_list) # $ SPURIOUS: tainted
# Make tests runnable: invoking each test here lets the file double as a plain
# script, so the taintlib `ensure_*` calls also execute at runtime.
test_access()
list_clear()