add tests

liangjinhuang · liangjinhuang · commit 1102f60f3e17 · 2021-12-04T00:52:15.000+08:00
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.expected b/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.expected
@@ -0,0 +1,6 @@
+edges
+nodes
+| InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
+subpaths
+#select
+| InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | Cryptographically insecure $@ in a security context. | InsecureRandomness.py:5:12:5:26 | ControlFlowNode for Attribute() | random value |
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.py b/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.py
@@ -0,0 +1,5 @@
+import random
+
+def generatePassword():
+    # BAD: the random is not cryptographically secure
+    return random.random()
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.qlref b/python/ql/test/experimental/query-tests/Security/CWE-338/InsecureRandomness.qlref
@@ -0,0 +1 @@
+experimental/Security/CWE-338/InsecureRandomness.ql

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+experimental/Security/CWE-338/InsecureRandomness.ql`