Python: Test taint step for string augmented assignment

RasmusWL · RasmusWL · commit 627363d6eab3 · 2020-08-27T11:37:56.000+02:00
Apprently it just works 😕 :magic:
diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/TestTaint.expected
@@ -71,57 +71,59 @@
 | string_.py:33 | ok   | str_operations | str(..) |
 | string_.py:34 | ok   | str_operations | bytes(..) |
 | string_.py:35 | ok   | str_operations | unicode(..) |
-| string_.py:44 | ok   | str_methods | ts.capitalize() |
-| string_.py:45 | ok   | str_methods | ts.center(..) |
-| string_.py:46 | ok   | str_methods | ts.expandtabs() |
-| string_.py:48 | ok   | str_methods | ts.format() |
-| string_.py:49 | ok   | str_methods | "{}".format(..) |
-| string_.py:50 | ok   | str_methods | "{unsafe}".format(..) |
-| string_.py:52 | ok   | str_methods | ts.join(..) |
-| string_.py:53 | ok   | str_methods | "".join(..) |
-| string_.py:55 | ok   | str_methods | ts.ljust(..) |
-| string_.py:56 | ok   | str_methods | ts.lstrip() |
-| string_.py:57 | ok   | str_methods | ts.lower() |
-| string_.py:59 | ok   | str_methods | ts.replace(..) |
-| string_.py:60 | ok   | str_methods | "safe".replace(..) |
-| string_.py:62 | ok   | str_methods | ts.rjust(..) |
-| string_.py:63 | ok   | str_methods | ts.rstrip() |
-| string_.py:64 | ok   | str_methods | ts.strip() |
-| string_.py:65 | ok   | str_methods | ts.swapcase() |
-| string_.py:66 | ok   | str_methods | ts.title() |
-| string_.py:67 | ok   | str_methods | ts.upper() |
-| string_.py:68 | ok   | str_methods | ts.zfill(..) |
-| string_.py:70 | ok   | str_methods | ts.encode(..) |
-| string_.py:71 | ok   | str_methods | ts.encode(..).decode(..) |
-| string_.py:73 | ok   | str_methods | tb.decode(..) |
-| string_.py:74 | ok   | str_methods | tb.decode(..).encode(..) |
-| string_.py:77 | ok   | str_methods | ts.partition(..) |
-| string_.py:78 | ok   | str_methods | ts.rpartition(..) |
-| string_.py:79 | ok   | str_methods | ts.rsplit(..) |
-| string_.py:80 | ok   | str_methods | ts.split(..) |
-| string_.py:81 | ok   | str_methods | ts.splitlines() |
-| string_.py:86 | ok   | str_methods | "safe".replace(..) |
-| string_.py:88 | fail | str_methods | ts.join(..) |
-| string_.py:89 | fail | str_methods | ts.join(..) |
-| string_.py:99 | fail | non_syntactic | meth() |
-| string_.py:100 | fail | non_syntactic | _str(..) |
-| string_.py:109 | ok   | percent_fmt | BinaryExpr |
-| string_.py:110 | ok   | percent_fmt | BinaryExpr |
-| string_.py:111 | ok   | percent_fmt | BinaryExpr |
-| string_.py:121 | fail | binary_decode_encode | base64.b64encode(..) |
-| string_.py:122 | fail | binary_decode_encode | base64.b64decode(..) |
-| string_.py:124 | fail | binary_decode_encode | base64.standard_b64encode(..) |
-| string_.py:125 | fail | binary_decode_encode | base64.standard_b64decode(..) |
-| string_.py:127 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
-| string_.py:128 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
-| string_.py:130 | fail | binary_decode_encode | base64.b32encode(..) |
-| string_.py:131 | fail | binary_decode_encode | base64.b32decode(..) |
-| string_.py:133 | fail | binary_decode_encode | base64.b16encode(..) |
-| string_.py:134 | fail | binary_decode_encode | base64.b16decode(..) |
-| string_.py:137 | fail | binary_decode_encode | base64.encodestring(..) |
-| string_.py:138 | fail | binary_decode_encode | base64.decodestring(..) |
-| string_.py:143 | fail | binary_decode_encode | quopri.encodestring(..) |
-| string_.py:144 | fail | binary_decode_encode | quopri.decodestring(..) |
+| string_.py:39 | ok   | str_operations | aug_assignment |
+| string_.py:41 | ok   | str_operations | aug_assignment |
+| string_.py:49 | ok   | str_methods | ts.capitalize() |
+| string_.py:50 | ok   | str_methods | ts.center(..) |
+| string_.py:51 | ok   | str_methods | ts.expandtabs() |
+| string_.py:53 | ok   | str_methods | ts.format() |
+| string_.py:54 | ok   | str_methods | "{}".format(..) |
+| string_.py:55 | ok   | str_methods | "{unsafe}".format(..) |
+| string_.py:57 | ok   | str_methods | ts.join(..) |
+| string_.py:58 | ok   | str_methods | "".join(..) |
+| string_.py:60 | ok   | str_methods | ts.ljust(..) |
+| string_.py:61 | ok   | str_methods | ts.lstrip() |
+| string_.py:62 | ok   | str_methods | ts.lower() |
+| string_.py:64 | ok   | str_methods | ts.replace(..) |
+| string_.py:65 | ok   | str_methods | "safe".replace(..) |
+| string_.py:67 | ok   | str_methods | ts.rjust(..) |
+| string_.py:68 | ok   | str_methods | ts.rstrip() |
+| string_.py:69 | ok   | str_methods | ts.strip() |
+| string_.py:70 | ok   | str_methods | ts.swapcase() |
+| string_.py:71 | ok   | str_methods | ts.title() |
+| string_.py:72 | ok   | str_methods | ts.upper() |
+| string_.py:73 | ok   | str_methods | ts.zfill(..) |
+| string_.py:75 | ok   | str_methods | ts.encode(..) |
+| string_.py:76 | ok   | str_methods | ts.encode(..).decode(..) |
+| string_.py:78 | ok   | str_methods | tb.decode(..) |
+| string_.py:79 | ok   | str_methods | tb.decode(..).encode(..) |
+| string_.py:82 | ok   | str_methods | ts.partition(..) |
+| string_.py:83 | ok   | str_methods | ts.rpartition(..) |
+| string_.py:84 | ok   | str_methods | ts.rsplit(..) |
+| string_.py:85 | ok   | str_methods | ts.split(..) |
+| string_.py:86 | ok   | str_methods | ts.splitlines() |
+| string_.py:91 | ok   | str_methods | "safe".replace(..) |
+| string_.py:93 | fail | str_methods | ts.join(..) |
+| string_.py:94 | fail | str_methods | ts.join(..) |
+| string_.py:104 | fail | non_syntactic | meth() |
+| string_.py:105 | fail | non_syntactic | _str(..) |
+| string_.py:114 | ok   | percent_fmt | BinaryExpr |
+| string_.py:115 | ok   | percent_fmt | BinaryExpr |
+| string_.py:116 | ok   | percent_fmt | BinaryExpr |
+| string_.py:126 | fail | binary_decode_encode | base64.b64encode(..) |
+| string_.py:127 | fail | binary_decode_encode | base64.b64decode(..) |
+| string_.py:129 | fail | binary_decode_encode | base64.standard_b64encode(..) |
+| string_.py:130 | fail | binary_decode_encode | base64.standard_b64decode(..) |
+| string_.py:132 | fail | binary_decode_encode | base64.urlsafe_b64encode(..) |
+| string_.py:133 | fail | binary_decode_encode | base64.urlsafe_b64decode(..) |
+| string_.py:135 | fail | binary_decode_encode | base64.b32encode(..) |
+| string_.py:136 | fail | binary_decode_encode | base64.b32decode(..) |
+| string_.py:138 | fail | binary_decode_encode | base64.b16encode(..) |
+| string_.py:139 | fail | binary_decode_encode | base64.b16decode(..) |
+| string_.py:142 | fail | binary_decode_encode | base64.encodestring(..) |
+| string_.py:143 | fail | binary_decode_encode | base64.decodestring(..) |
+| string_.py:148 | fail | binary_decode_encode | quopri.encodestring(..) |
+| string_.py:149 | fail | binary_decode_encode | quopri.decodestring(..) |
 | unpacking_.py:16 | ok   | unpacking | a |
 | unpacking_.py:16 | ok   | unpacking | b |
 | unpacking_.py:16 | ok   | unpacking | c |
diff --git a/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py b/python/ql/test/experimental/dataflow/tainttracking/defaultAdditionalTaintStep/string_.py
@@ -35,6 +35,11 @@ def str_operations():
         unicode(ts),
     )
 
+    aug_assignment = "safe"
+    ensure_not_tainted(aug_assignment)
+    aug_assignment += TAINTED_STRING
+    ensure_tainted(aug_assignment)
+
 
 def str_methods():
     print("\n# str_methods")
