Create re.compile().ReMethod test

jorgectf · jorgectf · commit c127b109d0cc · 2021-04-27T19:54:27.000+02:00
diff --git a/python/ql/src/experimental/Security/CWE-730/unit_tests/re_bad.py b/python/ql/src/experimental/Security/CWE-730/unit_tests/re_bad.py
@@ -1,3 +1,5 @@
+# move outside test folder
+
 from flask import request, Flask
 import re
 
@@ -7,16 +9,18 @@
 @app.route("/direct")
 def direct():
     pattern = request.args['pattern']
-
     re.search(pattern, "")
 
 
 @app.route("/compile")
 def compile():
     pattern = re.compile(request.args['pattern'])
-
     pattern.search("")
 
 
+@app.route("/compile_direct")
+def compile_direct():
+    re.compile(request.args['pattern']).search("")
+
 # if __name__ == "__main__":
 #     app.run(debug=True)
diff --git a/python/ql/src/experimental/Security/CWE-730/unit_tests/re_good.py b/python/ql/src/experimental/Security/CWE-730/unit_tests/re_good.py
@@ -1,3 +1,5 @@
+# move outside test folder
+
 from flask import request, Flask
 import re
 
@@ -7,16 +9,19 @@
 @app.route("/direct")
 def direct():
     pattern = re.escape(request.args['pattern'])
-
     re.search(pattern, "")
 
 
 @app.route("/compile")
 def compile():
     pattern = re.compile(re.escape(request.args['pattern']))
-
     pattern.search("")
 
 
+@app.route("/compile_direct")
+def compile_direct():
+    re.compile(re.escape(request.args['pattern'])).search("")
+
+
 # if __name__ == "__main__":
 #     app.run(debug=True)
