
Commit 649df1d

committed
simple taint-flow test
1 parent a879041 commit 649df1d

3 files changed

Lines changed: 26 additions & 19 deletions


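--- a/python/ql/test/library-tests/frameworks/data/test.expected
+++ b/python/ql/test/library-tests/frameworks/data/test.expected
@@ -4,6 +4,7 @@ taintFlow
 | test.py:9:8:9:14 | ControlFlowNode for alias() | test.py:9:8:9:14 | ControlFlowNode for alias() |
 | test.py:10:8:10:22 | ControlFlowNode for Attribute() | test.py:10:8:10:22 | ControlFlowNode for Attribute() |
 | test.py:11:8:11:30 | ControlFlowNode for Attribute() | test.py:11:8:11:30 | ControlFlowNode for Attribute() |
+| test.py:71:28:71:38 | ControlFlowNode for getSource() | test.py:71:8:71:39 | ControlFlowNode for Attribute() |
 isSink
 | test.py:4:8:4:8 | ControlFlowNode for x | test-sink |
 | test.py:7:17:7:17 | ControlFlowNode for x | test-sink |
@@ -28,6 +29,8 @@ isSink
 | test.py:66:23:66:26 | ControlFlowNode for arg2 | test-source |
 | test.py:66:34:66:43 | ControlFlowNode for namedThing | test-source |
 | test.py:67:34:67:44 | ControlFlowNode for secondNamed | test-source |
+| test.py:71:8:71:39 | ControlFlowNode for Attribute() | test-sink |
+| test.py:72:8:72:47 | ControlFlowNode for Attribute() | test-sink |
 isSource
 | test.py:3:5:3:15 | ControlFlowNode for getSource() | test-source |
 | test.py:9:8:9:14 | ControlFlowNode for alias() | test-source |
@@ -54,6 +57,8 @@ isSource
 | test.py:63:42:63:45 | ControlFlowNode for arg3 | test-source |
 | test.py:63:48:63:51 | ControlFlowNode for arg4 | test-source |
 | test.py:63:54:63:57 | ControlFlowNode for arg5 | test-source |
+| test.py:71:28:71:38 | ControlFlowNode for getSource() | test-source |
+| test.py:72:36:72:46 | ControlFlowNode for getSource() | test-source |
 syntaxErrors
 | Member[foo |
 | Member[foo] .Member[bar] |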

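--- a/python/ql/test/library-tests/frameworks/data/test.py
+++ b/python/ql/test/library-tests/frameworks/data/test.py
@@ -64,4 +64,9 @@ def secondAndAfter(self, arg1, arg2, arg3, arg4, arg5):
 pass
 
 ArgPos.anyParam(arg1, arg2, name=namedThing)
-ArgPos.anyNamed(arg4, arg5, name=secondNamed)
+ArgPos.anyNamed(arg4, arg5, name=secondNamed)
+
+from testlib import Steps
+
+mySink(Steps.preserveTaint(getSource())) # FLOW
+mySink(Steps.preserveTaint("safe", getSource())) # NO FLOW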
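Review bot: The `# NO FLOW` annotation on new line 72 does not say why no flow is expected, and the reason lives in another file: the only active summary row in test.ql is `Argument[0];ReturnValue;taint`, so a tainted value passed as argument 1 must not reach the return value. I would spell that out, e.g. `# NO FLOW: only Argument[0] of preserveTaint is modelled as tainting the return value`, so that anyone widening the model row sees that this case is affected. The annotation itself is free text; in the visible hunks the checked result is that test.expected gains a taintFlow row for line 71 only, while line 72 appears just under isSink and isSource.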

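--- a/python/ql/test/library-tests/frameworks/data/test.ql
+++ b/python/ql/test/library-tests/frameworks/data/test.ql
@@ -5,24 +5,21 @@ import semmle.python.dataflow.new.TaintTracking
 import semmle.python.dataflow.new.DataFlow
 private import semmle.python.ApiGraphs
 
-// TODO:
-/*
-* class Steps extends ModelInput::SummaryModelCsv {
-* override predicate row(string row) {
-* // package;type;path;input;output;kind
-* row =
-* [
-* "testlib;;Member[preserveTaint];Argument[0];ReturnValue;taint",
-* "testlib;;Member[taintIntoCallback];Argument[0];Argument[1..2].Parameter[0];taint",
-* "testlib;;Member[taintIntoCallbackThis];Argument[0];Argument[1..2].Parameter[this];taint",
-* "testlib;;Member[preserveArgZeroAndTwo];Argument[0,2];ReturnValue;taint",
-* "testlib;;Member[preserveAllButFirstArgument];Argument[1..];ReturnValue;taint",
-* "testlib;;Member[preserveAllIfCall].Call;Argument[0..];ReturnValue;taint",
-* "testlib;;Member[getSource].ReturnValue.Member[continue];Argument[this];ReturnValue;taint",
-* ]
-* }
-* }
-*/
+class Steps extends ModelInput::SummaryModelCsv {
+override predicate row(string row) {
+// package;type;path;input;output;kind
+row =
+[
+"testlib;;Member[Steps].Member[preserveTaint];Argument[0];ReturnValue;taint",
+// "testlib;;Member[Steps].Member[taintIntoCallback];Argument[0];Argument[1..2].Parameter[0];taint",
+// "testlib;;Member[Steps].Member[taintIntoCallbackThis];Argument[0];Argument[1..2].Parameter[this];taint",
+// "testlib;;Member[Steps].Member[preserveArgZeroAndTwo];Argument[0,2];ReturnValue;taint",
+// "testlib;;Member[Steps].Member[preserveAllButFirstArgument];Argument[1..];ReturnValue;taint",
+// "testlib;;Member[Steps].Member[preserveAllIfCall].Call;Argument[0..];ReturnValue;taint",
+// "testlib;;Member[Steps].Member[getSource].ReturnValue.Member[continue];Argument[this];ReturnValue;taint",
+]
+}
+}
 
 class Types extends ModelInput::TypeModelCsv {
 override predicate row(string row) {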
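Review bot: Six of the seven summary rows in the new `Steps` class stay commented out while the `// TODO:` marker that stood above the old block is removed, so nothing in the file records that these steps are still pending. Only `Member[Steps].Member[preserveTaint]` is exercised by the new test.py lines; the callback, multi-argument and `Argument[this]` rows have no coverage, and a regression in how those access paths are interpreted would show up only as silently missing taint flow. I would keep a marker directly above the disabled rows, e.g. `// TODO: enable the rows below once test.py has a FLOW / NO FLOW case for each`.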
