Python: tests to show modeling is very syntactical

RasmusWL · RasmusWL · commit 6cb2ca63a6f9 · 2020-09-28T11:23:06.000+02:00
diff --git a/python/ql/test/experimental/library-tests/frameworks/stdlib/SystemCommandExecution.py b/python/ql/test/experimental/library-tests/frameworks/stdlib/SystemCommandExecution.py
@@ -111,6 +111,19 @@ def os_members():
 
 os.spawnl(os.P_WAIT, "/bin/sh", "<progname>", "-c", "vuln")  # $SystemCommandExecution_getCommand="/bin/sh" $f-:SystemCommandExecution_getCommand="vuln"
 
+
+########################################
+# Passing arguments by reference
+
+args = ["/bin/sh", "-c", "vuln"]
+subprocess.Popen(args)  # $SystemCommandExecution_getCommand=args
+
+args = "<progname>"
+use_shell = False
+exe = "executable"
+subprocess.Popen(args, shell=use_shell, executable=exe)  # $f+:SystemCommandExecution_getCommand=args $SystemCommandExecution_getCommand=exe
+
+
 ################################################################################
 # Taint related
 
