hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-20 10:46:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ee314a4dad92fe6bbd3f99d08373f5088c2e467a
codeql/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep-py3/test_string.py
Rasmus Wriedt Larsen 3e7dc12246 Python: Port taint tests to use inline expectations 
The meat of this PR is described in the new python/ql/test/experimental/meta/InlineTaintTest.qll file:

> Defines a InlineExpectationsTest for checking whether any arguments in
> `ensure_tainted` and `ensure_not_tainted` calls are tainted.
>
> Also defines query predicates to ensure that:
> - if any arguments to `ensure_not_tainted` are tainted, their annotation is marked with `SPURIOUS`.
> - if any arguments to `ensure_tainted` are not tainted, their annotation is marked with `MISSING`.
>
> The functionality of this module is tested in `ql/test/experimental/meta/inline-taint-test-demo`.
2021-04-15 18:00:33 +02:00

56 lines
1.3 KiB
Python
Raw Blame History

# Add taintlib to PATH so it can be imported during runtime without any hassle
import sys; import os; sys.path.append(os.path.dirname(os.path.dirname((__file__))))
from taintlib import *
# This has no runtime impact, but allows autocomplete to work
from typing import TYPE_CHECKING
if TYPE_CHECKING:
from ..taintlib import *
# Actual tests
def str_methods():
print("\n# str_methods")
ts = TAINTED_STRING
tb = TAINTED_BYTES
ensure_tainted(
ts.casefold(), # $ tainted
ts.format_map({}), # $ tainted
"{unsafe}".format_map({"unsafe": ts}), # $ tainted
)
def binary_decode_encode():
print("\n# binary_decode_encode")
tb = TAINTED_BYTES
import base64
ensure_tainted(
# New in Python 3.4
base64.a85encode(tb), # $ tainted
base64.a85decode(base64.a85encode(tb)), # $ tainted
# New in Python 3.4
base64.b85encode(tb), # $ tainted
base64.b85decode(base64.b85encode(tb)), # $ tainted
# New in Python 3.1
base64.encodebytes(tb), # $ tainted
base64.decodebytes(base64.encodebytes(tb)), # $ tainted
)
def f_strings():
print("\n# f_strings")
ts = TAINTED_STRING
ensure_tainted(f"foo {ts} bar") # $ tainted
# Make tests runable
str_methods()
binary_decode_encode()
f_strings()
Reference in New Issue View Git Blame Copy Permalink