Skip to content

Small fixups to your PR to my PR #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
yoff merged 4 commits into from
Sep 3, 2020
Merged

Small fixups to your PR to my PR #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4977790
Python: dataflow regression tests: fix source2
RasmusWL Sep 2, 2020
552637a
Python: dataflow regression tests: fix flow_in_iteration
RasmusWL Sep 2, 2020
bf3a266
Python: dataflow regression tests: remove taint tracking tests
RasmusWL Sep 2, 2020
b958c3b
Python: Update comment for test8
RasmusWL Sep 3, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions python/ql/test/experimental/dataflow/regression/dataflow.expected
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@
| test.py:76:9:76:14 | ControlFlowNode for SOURCE | test.py:78:10:78:10 | ControlFlowNode for t |
| test.py:128:13:128:18 | ControlFlowNode for SOURCE | test.py:132:14:132:14 | ControlFlowNode for t |
| test.py:159:10:159:15 | ControlFlowNode for SOURCE | test.py:160:14:160:14 | ControlFlowNode for t |
| test.py:163:9:163:14 | ControlFlowNode for SOURCE | test.py:165:10:165:10 | ControlFlowNode for s |
| test.py:163:9:163:14 | ControlFlowNode for SOURCE | test.py:165:12:165:12 | ControlFlowNode for s |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:180:14:180:14 | ControlFlowNode for t |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:182:14:182:14 | ControlFlowNode for t |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:184:14:184:14 | ControlFlowNode for t |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:182:16:182:16 | ControlFlowNode for t |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:184:16:184:16 | ControlFlowNode for t |
| test.py:178:9:178:14 | ControlFlowNode for SOURCE | test.py:186:14:186:14 | ControlFlowNode for t |
| test.py:195:9:195:14 | ControlFlowNode for SOURCE | test.py:197:14:197:14 | ControlFlowNode for t |
| test.py:195:9:195:14 | ControlFlowNode for SOURCE | test.py:199:14:199:14 | ControlFlowNode for t |
Expand Down
29 changes: 5 additions & 24 deletions python/ql/test/experimental/dataflow/regression/test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,8 +40,8 @@ def test7(cond):
if cond:
SINK(t)

def source2(arg):
return source(arg)
def source2():
return source()

def sink2(arg):
sink(arg)
Expand All @@ -50,7 +50,7 @@ def sink3(cond, arg):
if cond:
sink(arg)

def test8(cond): # This flow is shadowed by previous tests, perhaps do a path query
def test8(cond): # This test currently adds nothing, as we only track SOURCE -> SINK, and previous tests already add flow from line 10 to line 13
t = source2()
sink2(t)

Expand Down Expand Up @@ -201,8 +201,8 @@ def flow_through_type_test_if_no_class():
def flow_in_iteration():
t = ITERABLE_SOURCE # Seems to not be sunk anywhere
for i in t:
i
return i
SINK(i)
SINK(i)

def flow_in_generator():
seq = [SOURCE]
Expand All @@ -212,22 +212,3 @@ def flow_in_generator():
def flow_from_generator():
for x in flow_in_generator():
SINK(x) # Flow not found

def const_eq_clears_taint():
tainted = SOURCE
if tainted == "safe":
SINK(tainted) # safe # FP
SINK(tainted) # unsafe

def const_eq_clears_taint2():
tainted = SOURCE
if tainted != "safe":
return
SINK(tainted) # safe # FP

def non_const_eq_preserves_taint(x):
tainted = SOURCE
if tainted == tainted:
SINK(tainted) # unsafe
if tainted == x:
SINK(tainted) # unsafe