Skip to content

Commit 2264b11

Browse files
yoffyoff
committed
python: more consistent tests
- do not test taint flow whne dataflow is established - test taint of both the collection and the expected element
1 parent 0f8ebd1 commit 2264b11

File tree

1 file changed

+15
-26
lines changed

1 file changed

+15
-26
lines changed

python/ql/test/experimental/dataflow/model-summaries/model_summaries.py

Lines changed: 15 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -36,18 +36,10 @@ def SINK_F(x):
3636
via_identity = MS_identity(SOURCE)
3737
SINK(via_identity) # $ flow="SOURCE, l:-1 -> via_identity"
3838

39-
tainted = MS_identity(TAINTED_STRING)
40-
ensure_tainted(tainted) # $ tainted
41-
42-
4339
# Lambda summary
4440
via_lambda = MS_apply_lambda(lambda x: [x], SOURCE)
4541
SINK(via_lambda[0]) # $ flow="SOURCE, l:-1 -> via_lambda[0]"
4642

47-
tainted_lambda = MS_apply_lambda(lambda x: [x], TAINTED_STRING)
48-
ensure_tainted(tainted_lambda) # $ tainted
49-
50-
5143
# A lambda that breaks the flow
5244
not_via_lambda = MS_apply_lambda(lambda x: 1, SOURCE)
5345
SINK_F(not_via_lambda)
@@ -59,8 +51,11 @@ def SINK_F(x):
5951
via_reversed = MS_reversed([SOURCE])
6052
SINK(via_reversed[0]) # $ flow="SOURCE, l:-1 -> via_reversed[0]"
6153

62-
tainted_list = MS_reversed([TAINTED_STRING])
63-
ensure_tainted(tainted_list[0]) # $ tainted
54+
tainted_list = MS_reversed(TAINTED_LIST)
55+
ensure_tainted(
56+
tainted_list, # $ tainted
57+
tainted_list[0] # $ tainted
58+
)
6459

6560
# Complex summaries
6661
def box(x):
@@ -69,34 +64,31 @@ def box(x):
6964
via_map = MS_list_map(box, [SOURCE])
7065
SINK(via_map[0][0]) # $ flow="SOURCE, l:-1 -> via_map[0][0]"
7166

72-
tainted_mapped = MS_list_map(box, [TAINTED_STRING])
73-
ensure_tainted(tainted_mapped[0][0]) # $ tainted
67+
tainted_mapped = MS_list_map(box, TAINTED_LIST)
68+
ensure_tainted(
69+
tainted_mapped, # $ tainted
70+
tainted_mapped[0][0] # $ tainted
71+
)
7472

7573
def explicit_identity(x):
7674
return x
7775

7876
via_map_explicit = MS_list_map(explicit_identity, [SOURCE])
7977
SINK(via_map_explicit[0]) # $ flow="SOURCE, l:-1 -> via_map_explicit[0]"
8078

81-
tainted_mapped_explicit = MS_list_map(explicit_identity, [TAINTED_STRING])
82-
tainted_mapped_explicit_implicit = MS_list_map(explicit_identity, TAINTED_LIST)
79+
tainted_mapped_explicit = MS_list_map(explicit_identity, TAINTED_LIST)
8380
ensure_tainted(
8481
tainted_mapped_explicit, # $ tainted
85-
tainted_mapped_explicit[0], # $ tainted
86-
tainted_mapped_explicit_implicit, # $ tainted
87-
tainted_mapped_explicit_implicit[0] # $ tainted
82+
tainted_mapped_explicit[0] # $ tainted
8883
)
8984

9085
via_map_summary = MS_list_map(MS_identity, [SOURCE])
9186
SINK(via_map_summary[0]) # $ flow="SOURCE, l:-1 -> via_map_summary[0]"
9287

93-
tainted_mapped_summary = MS_list_map(MS_identity, [TAINTED_STRING])
94-
tainted_mapped_summary_implicit = MS_list_map(MS_identity, TAINTED_LIST)
88+
tainted_mapped_summary = MS_list_map(MS_identity, TAINTED_LIST)
9589
ensure_tainted(
9690
tainted_mapped_summary, # $ tainted
97-
tainted_mapped_summary[0], # $ tainted
98-
tainted_mapped_summary_implicit, # $ tainted
99-
tainted_mapped_summary_implicit[0] # $ tainted
91+
tainted_mapped_summary[0] # $ tainted
10092
)
10193

10294
via_append_el = MS_append_to_list([], SOURCE)
@@ -111,13 +103,10 @@ def explicit_identity(x):
111103
via_append = MS_append_to_list([SOURCE], NONSOURCE)
112104
SINK(via_append[0]) # $ flow="SOURCE, l:-1 -> via_append[0]"
113105

114-
tainted_list = MS_append_to_list([TAINTED_STRING], NONSOURCE)
115106
tainted_list_implicit = MS_append_to_list(TAINTED_LIST, NONSOURCE)
116107
ensure_tainted(
117108
tainted_list, # $ tainted
118-
tainted_list[0], # $ tainted
119-
tainted_list_implicit, # $ tainted
120-
tainted_list_implicit[0] # $ tainted
109+
tainted_list[0] # $ tainted
121110
)
122111

123112
# Modeled flow-summary is not value preserving

0 commit comments

Comments
 (0)