mirror of
https://github.com/github/codeql.git
synced 2026-02-23 02:13:41 +01:00
ab8cc23ce7
Most interesting to look at the custom sanitizers. Once we have use-use flow, we should handle this case: ``` s = TAINTED_STRING emulated_authentication_check(s) ensure_not_tainted(s) ```
57 lines
1.1 KiB
Python
57 lines
1.1 KiB
Python
import sys; import os; sys.path.append(os.path.dirname(os.path.dirname((__file__))))
|
|
from taintlib import *
|
|
|
|
# This has no runtime impact, but allows autocomplete to work
|
|
from typing import TYPE_CHECKING
|
|
if TYPE_CHECKING:
|
|
from ..taintlib import *
|
|
|
|
|
|
# Actual tests
|
|
|
|
def emulated_authentication_check(arg):
|
|
if not arg == "safe":
|
|
raise Exception("user unauthenticated")
|
|
|
|
|
|
def test_custom_sanitizer():
|
|
s = TAINTED_STRING
|
|
|
|
try:
|
|
emulated_authentication_check(s)
|
|
ensure_not_tainted(s)
|
|
except:
|
|
pass
|
|
|
|
|
|
def emulated_is_safe(arg):
|
|
# emulating something we won't be able to look at source code for
|
|
return eval("False")
|
|
|
|
|
|
def test_custom_sanitizer_guard():
|
|
s = TAINTED_STRING
|
|
|
|
if emulated_is_safe(s):
|
|
ensure_not_tainted(s)
|
|
else:
|
|
ensure_tainted(s)
|
|
|
|
|
|
def emulated_escaping(arg):
|
|
return arg.replace("<", "?").replace(">", "?").replace("'", "?").replace("\"", "?")
|
|
|
|
|
|
def test_escape():
|
|
s = TAINTED_STRING
|
|
|
|
s2 = emulated_escaping(s)
|
|
ensure_not_tainted(s2)
|
|
|
|
|
|
# Make tests runable
|
|
|
|
test_custom_sanitizer()
|
|
test_custom_sanitizer_guard()
|
|
test_escape()
|