python/ql/test/experimental/dataflow/tainttracking Expand file tree Collapse file tree Original file line number Diff line number Diff line change 33TAINTED_LIST = ["tainted-{}" .format (i ) for i in range (5 )]
44TAINTED_DICT = {"name" : TAINTED_STRING , "some key" : "foo" }
55
6+ NOT_TAINTED = "NOT_TAINTED"
7+
68def ensure_tainted (* args ):
79 print ("- ensure_tainted" )
810 for i , arg in enumerate (args ):
Original file line number Diff line number Diff line change 1+ import sys ; import os ; sys .path .append (os .path .dirname (os .path .dirname ((__file__ ))))
2+ from taintlib import *
3+
4+ # Various instances where flow is undesirable
5+
6+ tainted = NOT_TAINTED
7+ ensure_not_tainted (tainted )
8+
9+ def write_global ():
10+ global tainted
11+ tainted = TAINTED_STRING
12+
13+ tainted2 = TAINTED_STRING
14+ len (tainted2 )
15+ tainted2 = NOT_TAINTED
16+ ensure_not_tainted (tainted2 )
17+
18+ def use_of_tainted2 ():
19+ global tainted2
20+ tainted2 = NOT_TAINTED
21+
22+ # Flow via global assigment
23+
24+ def write_tainted ():
25+ global g
26+ g = TAINTED_STRING
27+
28+ def sink_global ():
29+ ensure_tainted (g )
30+
31+ write_tainted ()
32+ sink_global ()
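Review bot: The cases in the new test file do not say what each one guards against, and `use_of_tainted2` (new lines 18-20) is named as a use but only assigns `NOT_TAINTED` to the global, so it never reads `tainted2`. Either rename it to something like `write_not_tainted2` or add a read of `tainted2` in its body, whichever matches the scenario the test is meant to model. For the first case, a comment such as `# write_global() is never called in this file; its store must not taint the module-level check above` would record why line 7 is expected to be clean. The last block sits under the file-level heading "Various instances where flow is undesirable" but calls `ensure_tainted`, so its heading should say that flow is expected there and fix the spelling: `# Flow via global assignment (flow is expected here)`.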
Original file line number Diff line number Diff line change 1+ | test.py:7 | ok | test | tainted |
2+ | test.py:16 | ok | test | tainted2 |
3+ | test.py:29 | ok | sink_global | g |
Original file line number Diff line number Diff line change 1+ import experimental.dataflow.tainttracking.TestTaintLib