From 4977790617e3c947852f7f7cb72e8c4f617b7eb8 Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Wed, 2 Sep 2020 13:46:47 +0200 Subject: [PATCH 1/4] Python: dataflow regression tests: fix source2 --- .../test/experimental/dataflow/regression/dataflow.expected | 6 +++--- python/ql/test/experimental/dataflow/regression/test.py | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/python/ql/test/experimental/dataflow/regression/dataflow.expected b/python/ql/test/experimental/dataflow/regression/dataflow.expected index 2281a9011427..d573ec5d17f1 100644 --- a/python/ql/test/experimental/dataflow/regression/dataflow.expected +++ b/python/ql/test/experimental/dataflow/regression/dataflow.expected @@ -10,10 +10,10 @@ | test.py:76:9:76:14 | ControlFlowNode for SOURCE | test.py:78:10:78:10 | ControlFlowNode for t | | test.py:128:13:128:18 | ControlFlowNode for SOURCE | test.py:132:14:132:14 | ControlFlowNode for t | | test.py:159:10:159:15 | ControlFlowNode for SOURCE | test.py:160:14:160:14 | ControlFlowNode for t | -| test.py:163:9:163:14 | ControlFlowNode for SOURCE | test.py:165:10:165:10 | ControlFlowNode for s | +| test.py:163:9:163:14 | ControlFlowNode for SOURCE | test.py:165:12:165:12 | ControlFlowNode for s | | test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:180:14:180:14 | ControlFlowNode for t | -| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:182:14:182:14 | ControlFlowNode for t | -| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:184:14:184:14 | ControlFlowNode for t | +| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:182:16:182:16 | ControlFlowNode for t | +| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:184:16:184:16 | ControlFlowNode for t | | test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:186:14:186:14 | ControlFlowNode for t | | test.py:195:9:195:14 | ControlFlowNode for SOURCE | test.py:197:14:197:14 | ControlFlowNode for t | | test.py:195:9:195:14 | ControlFlowNode for SOURCE | test.py:199:14:199:14 | ControlFlowNode for t | diff --git a/python/ql/test/experimental/dataflow/regression/test.py b/python/ql/test/experimental/dataflow/regression/test.py index dc19f6b9e785..dbfc6485f4e7 100644 --- a/python/ql/test/experimental/dataflow/regression/test.py +++ b/python/ql/test/experimental/dataflow/regression/test.py @@ -40,8 +40,8 @@ def test7(cond): if cond: SINK(t) -def source2(arg): - return source(arg) +def source2(): + return source() def sink2(arg): sink(arg) @@ -50,7 +50,7 @@ def sink3(cond, arg): if cond: sink(arg) -def test8(cond): # This flow is shadowed by previous tests, perhaps do a path query +def test8(cond): t = source2() sink2(t) From 552637a446698aa16e441e3d646687dba17b3f42 Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Wed, 2 Sep 2020 13:50:24 +0200 Subject: [PATCH 2/4] Python: dataflow regression tests: fix flow_in_iteration --- python/ql/test/experimental/dataflow/regression/test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/python/ql/test/experimental/dataflow/regression/test.py b/python/ql/test/experimental/dataflow/regression/test.py index dbfc6485f4e7..0908bb557499 100644 --- a/python/ql/test/experimental/dataflow/regression/test.py +++ b/python/ql/test/experimental/dataflow/regression/test.py @@ -201,8 +201,8 @@ def flow_through_type_test_if_no_class(): def flow_in_iteration(): t = ITERABLE_SOURCE # Seems to not be sunk anywhere for i in t: - i - return i + SINK(i) + SINK(i) def flow_in_generator(): seq = [SOURCE] From bf3a266f581ccbe14497dc50b7ecd85a243c1890 Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Wed, 2 Sep 2020 13:51:00 +0200 Subject: [PATCH 3/4] Python: dataflow regression tests: remove taint tracking tests they will be reintroduced in an other PR --- .../experimental/dataflow/regression/test.py | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/python/ql/test/experimental/dataflow/regression/test.py b/python/ql/test/experimental/dataflow/regression/test.py index 0908bb557499..40fe30c8499f 100644 --- a/python/ql/test/experimental/dataflow/regression/test.py +++ b/python/ql/test/experimental/dataflow/regression/test.py @@ -212,22 +212,3 @@ def flow_in_generator(): def flow_from_generator(): for x in flow_in_generator(): SINK(x) # Flow not found - -def const_eq_clears_taint(): - tainted = SOURCE - if tainted == "safe": - SINK(tainted) # safe # FP - SINK(tainted) # unsafe - -def const_eq_clears_taint2(): - tainted = SOURCE - if tainted != "safe": - return - SINK(tainted) # safe # FP - -def non_const_eq_preserves_taint(x): - tainted = SOURCE - if tainted == tainted: - SINK(tainted) # unsafe - if tainted == x: - SINK(tainted) # unsafe From b958c3b833706e4344cc0640e673079d2ffabae0 Mon Sep 17 00:00:00 2001 From: Rasmus Wriedt Larsen Date: Thu, 3 Sep 2020 11:13:32 +0200 Subject: [PATCH 4/4] Python: Update comment for test8 --- python/ql/test/experimental/dataflow/regression/test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/ql/test/experimental/dataflow/regression/test.py b/python/ql/test/experimental/dataflow/regression/test.py index 40fe30c8499f..fcf7573b452a 100644 --- a/python/ql/test/experimental/dataflow/regression/test.py +++ b/python/ql/test/experimental/dataflow/regression/test.py @@ -50,7 +50,7 @@ def sink3(cond, arg): if cond: sink(arg) -def test8(cond): +def test8(cond): # This test currently adds nothing, as we only track SOURCE -> SINK, and previous tests already add flow from line 10 to line 13 t = source2() sink2(t)