
Commit 6f297f4

committed
Python: Fix SSRF sanitizer tests
They were very misleading before, because a sanitizer that happened early would remove taint from the rest of the cases by use-use flow :|
1 parent 4b5599f commit 6f297f4

File tree

3 files changed

+243
-93
lines changed


python/ql/test/query-tests/Security/CWE-918-ServerSideRequestForgery/FullServerSideRequestForgery.expected

Lines changed: 98 additions & 37 deletions
@@ -10,30 +10,58 @@ edges
1010
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:13:18:13:20 | ControlFlowNode for url |
1111
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:19:18:19:20 | ControlFlowNode for url |
1212
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:23:18:23:20 | ControlFlowNode for url |
13-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:28:18:28:20 | ControlFlowNode for url |
14-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:31:18:31:20 | ControlFlowNode for url |
15-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:34:18:34:20 | ControlFlowNode for url |
16-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:39:18:39:20 | ControlFlowNode for url |
17-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:42:18:42:20 | ControlFlowNode for url |
18-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:44:38:44:58 | ControlFlowNode for Tuple |
19-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:50:18:50:20 | ControlFlowNode for url |
20-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:53:18:53:20 | ControlFlowNode for url |
21-
| full_partial_test.py:7:18:7:48 | ControlFlowNode for Subscript | full_partial_test.py:56:18:56:20 | ControlFlowNode for url |
2213
| full_partial_test.py:8:17:8:23 | ControlFlowNode for request | full_partial_test.py:8:17:8:28 | ControlFlowNode for Attribute |
2314
| full_partial_test.py:8:17:8:28 | ControlFlowNode for Attribute | full_partial_test.py:8:17:8:41 | ControlFlowNode for Subscript |
2415
| full_partial_test.py:8:17:8:41 | ControlFlowNode for Subscript | full_partial_test.py:23:18:23:20 | ControlFlowNode for url |
25-
| full_partial_test.py:8:17:8:41 | ControlFlowNode for Subscript | full_partial_test.py:34:18:34:20 | ControlFlowNode for url |
26-
| full_partial_test.py:8:17:8:41 | ControlFlowNode for Subscript | full_partial_test.py:44:38:44:58 | ControlFlowNode for Tuple |
27-
| full_partial_test.py:8:17:8:41 | ControlFlowNode for Subscript | full_partial_test.py:56:18:56:20 | ControlFlowNode for url |
28-
| full_partial_test.py:44:38:44:58 | ControlFlowNode for Tuple | full_partial_test.py:45:18:45:20 | ControlFlowNode for url |
29-
| full_partial_test.py:60:18:60:24 | ControlFlowNode for request | full_partial_test.py:60:18:60:29 | ControlFlowNode for Attribute |
30-
| full_partial_test.py:60:18:60:29 | ControlFlowNode for Attribute | full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript |
31-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:63:18:63:20 | ControlFlowNode for url |
32-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:66:18:66:20 | ControlFlowNode for url |
33-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
34-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:72:18:72:20 | ControlFlowNode for url |
35-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:78:18:78:20 | ControlFlowNode for url |
36-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | full_partial_test.py:81:18:81:20 | ControlFlowNode for url |
16+
| full_partial_test.py:30:18:30:24 | ControlFlowNode for request | full_partial_test.py:30:18:30:29 | ControlFlowNode for Attribute |
17+
| full_partial_test.py:30:18:30:24 | ControlFlowNode for request | full_partial_test.py:31:17:31:23 | ControlFlowNode for request |
18+
| full_partial_test.py:30:18:30:24 | ControlFlowNode for request | full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute |
19+
| full_partial_test.py:30:18:30:29 | ControlFlowNode for Attribute | full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript |
20+
| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:35:18:35:20 | ControlFlowNode for url |
21+
| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:38:18:38:20 | ControlFlowNode for url |
22+
| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | full_partial_test.py:41:18:41:20 | ControlFlowNode for url |
23+
| full_partial_test.py:31:17:31:23 | ControlFlowNode for request | full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute |
24+
| full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute | full_partial_test.py:31:17:31:41 | ControlFlowNode for Subscript |
25+
| full_partial_test.py:31:17:31:41 | ControlFlowNode for Subscript | full_partial_test.py:41:18:41:20 | ControlFlowNode for url |
26+
| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute |
27+
| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:45:17:45:23 | ControlFlowNode for request |
28+
| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute |
29+
| full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute | full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript |
30+
| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:49:18:49:20 | ControlFlowNode for url |
31+
| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:52:18:52:20 | ControlFlowNode for url |
32+
| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple |
33+
| full_partial_test.py:45:17:45:23 | ControlFlowNode for request | full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute |
34+
| full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute | full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript |
35+
| full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript | full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple |
36+
| full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple | full_partial_test.py:55:18:55:20 | ControlFlowNode for url |
37+
| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute |
38+
| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:59:17:59:23 | ControlFlowNode for request |
39+
| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute |
40+
| full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute | full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript |
41+
| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:63:18:63:20 | ControlFlowNode for url |
42+
| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:66:18:66:20 | ControlFlowNode for url |
43+
| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
44+
| full_partial_test.py:59:17:59:23 | ControlFlowNode for request | full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute |
45+
| full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute | full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript |
46+
| full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript | full_partial_test.py:69:18:69:20 | ControlFlowNode for url |
47+
| full_partial_test.py:73:18:73:24 | ControlFlowNode for request | full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute |
48+
| full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute | full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript |
49+
| full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript | full_partial_test.py:76:18:76:20 | ControlFlowNode for url |
50+
| full_partial_test.py:79:18:79:24 | ControlFlowNode for request | full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute |
51+
| full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute | full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript |
52+
| full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript | full_partial_test.py:82:18:82:20 | ControlFlowNode for url |
53+
| full_partial_test.py:85:18:85:24 | ControlFlowNode for request | full_partial_test.py:85:18:85:29 | ControlFlowNode for Attribute |
54+
| full_partial_test.py:85:18:85:29 | ControlFlowNode for Attribute | full_partial_test.py:85:18:85:48 | ControlFlowNode for Subscript |
55+
| full_partial_test.py:85:18:85:48 | ControlFlowNode for Subscript | full_partial_test.py:88:18:88:20 | ControlFlowNode for url |
56+
| full_partial_test.py:91:18:91:24 | ControlFlowNode for request | full_partial_test.py:91:18:91:29 | ControlFlowNode for Attribute |
57+
| full_partial_test.py:91:18:91:29 | ControlFlowNode for Attribute | full_partial_test.py:91:18:91:48 | ControlFlowNode for Subscript |
58+
| full_partial_test.py:91:18:91:48 | ControlFlowNode for Subscript | full_partial_test.py:94:18:94:20 | ControlFlowNode for url |
59+
| full_partial_test.py:97:18:97:24 | ControlFlowNode for request | full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute |
60+
| full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute | full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript |
61+
| full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript | full_partial_test.py:103:18:103:20 | ControlFlowNode for url |
62+
| full_partial_test.py:106:18:106:24 | ControlFlowNode for request | full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute |
63+
| full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute | full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript |
64+
| full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript | full_partial_test.py:109:18:109:20 | ControlFlowNode for url |
3765
| test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute |
3866
| test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute |
3967
| test_http_client.py:9:19:9:25 | ControlFlowNode for request | test_http_client.py:10:19:10:25 | ControlFlowNode for request |
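Review bot: the edges from the `full_partial_test.py:7:18:7:48` Subscript source now stop at the line 23 sink, and every later case reads its own `request.args` Subscript (lines 30/31, 44/45, 58/59, 73, 79, 85, 91, 97, 106), so a sanitizer in one case can no longer strip taint from the following cases through use-use flow, which is what the commit message describes. Two things to confirm against the new full_partial_test.py, which is not part of this excerpt: the paired reads at 30/31, 44/45 and 58/59 still carry use-use edges between each other (`30:18:30:24 | ControlFlowNode for request` to `31:17:31:23 | ControlFlowNode for request`), which is only fine if both reads sit inside the same test case; and the removed edges into the old sinks at lines 28-56 and 72-81 are intended removals rather than lost coverage, since each of those sinks should reappear under its own per-case source (for example `58:18:58:48 | ControlFlowNode for Subscript` now feeds the url nodes at 63, 66 and 69, and 73, 79, 85, 91, 97 and 106 each feed exactly one sink).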
@@ -87,25 +115,58 @@ nodes
87115
| full_partial_test.py:13:18:13:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
88116
| full_partial_test.py:19:18:19:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
89117
| full_partial_test.py:23:18:23:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
90-
| full_partial_test.py:28:18:28:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
91-
| full_partial_test.py:31:18:31:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
92-
| full_partial_test.py:34:18:34:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
93-
| full_partial_test.py:39:18:39:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
94-
| full_partial_test.py:42:18:42:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
95-
| full_partial_test.py:44:38:44:58 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
96-
| full_partial_test.py:45:18:45:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
97-
| full_partial_test.py:50:18:50:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
98-
| full_partial_test.py:53:18:53:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
99-
| full_partial_test.py:56:18:56:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
100-
| full_partial_test.py:60:18:60:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
101-
| full_partial_test.py:60:18:60:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
102-
| full_partial_test.py:60:18:60:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
118+
| full_partial_test.py:30:18:30:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
119+
| full_partial_test.py:30:18:30:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
120+
| full_partial_test.py:30:18:30:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
121+
| full_partial_test.py:31:17:31:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
122+
| full_partial_test.py:31:17:31:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
123+
| full_partial_test.py:31:17:31:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
124+
| full_partial_test.py:35:18:35:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
125+
| full_partial_test.py:38:18:38:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
126+
| full_partial_test.py:41:18:41:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
127+
| full_partial_test.py:44:18:44:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
128+
| full_partial_test.py:44:18:44:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
129+
| full_partial_test.py:44:18:44:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
130+
| full_partial_test.py:45:17:45:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
131+
| full_partial_test.py:45:17:45:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
132+
| full_partial_test.py:45:17:45:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
133+
| full_partial_test.py:49:18:49:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
134+
| full_partial_test.py:52:18:52:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
135+
| full_partial_test.py:54:38:54:58 | ControlFlowNode for Tuple | semmle.label | ControlFlowNode for Tuple |
136+
| full_partial_test.py:55:18:55:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
137+
| full_partial_test.py:58:18:58:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
138+
| full_partial_test.py:58:18:58:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
139+
| full_partial_test.py:58:18:58:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
140+
| full_partial_test.py:59:17:59:23 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
141+
| full_partial_test.py:59:17:59:28 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
142+
| full_partial_test.py:59:17:59:41 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
103143
| full_partial_test.py:63:18:63:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
104144
| full_partial_test.py:66:18:66:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
105145
| full_partial_test.py:69:18:69:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
106-
| full_partial_test.py:72:18:72:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
107-
| full_partial_test.py:78:18:78:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
108-
| full_partial_test.py:81:18:81:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
146+
| full_partial_test.py:73:18:73:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
147+
| full_partial_test.py:73:18:73:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
148+
| full_partial_test.py:73:18:73:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
149+
| full_partial_test.py:76:18:76:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
150+
| full_partial_test.py:79:18:79:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
151+
| full_partial_test.py:79:18:79:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
152+
| full_partial_test.py:79:18:79:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
153+
| full_partial_test.py:82:18:82:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
154+
| full_partial_test.py:85:18:85:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
155+
| full_partial_test.py:85:18:85:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
156+
| full_partial_test.py:85:18:85:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
157+
| full_partial_test.py:88:18:88:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
158+
| full_partial_test.py:91:18:91:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
159+
| full_partial_test.py:91:18:91:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
160+
| full_partial_test.py:91:18:91:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
161+
| full_partial_test.py:94:18:94:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
162+
| full_partial_test.py:97:18:97:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
163+
| full_partial_test.py:97:18:97:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
164+
| full_partial_test.py:97:18:97:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
165+
| full_partial_test.py:103:18:103:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
166+
| full_partial_test.py:106:18:106:24 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
167+
| full_partial_test.py:106:18:106:29 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
168+
| full_partial_test.py:106:18:106:48 | ControlFlowNode for Subscript | semmle.label | ControlFlowNode for Subscript |
169+
| full_partial_test.py:109:18:109:20 | ControlFlowNode for url | semmle.label | ControlFlowNode for url |
109170
| test_http_client.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
110171
| test_http_client.py:9:19:9:25 | ControlFlowNode for request | semmle.label | ControlFlowNode for request |
111172
| test_http_client.py:9:19:9:30 | ControlFlowNode for Attribute | semmle.label | ControlFlowNode for Attribute |
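Review bot: the node list is consistent with the edges hunk: every added node (request, Attribute and Subscript at 30, 31, 44, 45, 58, 59, 73, 79, 85, 91, 97 and 106; the Tuple at 54; url at 35, 38, 41, 49, 52, 55, 76, 82, 88, 94, 103 and 109) is an endpoint of an added edge, and the removed url nodes at the old lines 28-56 and 72-81 match the removed edges. One pre-existing oddity is visible in the unchanged context at the end of the hunk: the `test_http_client.py:9:19:9:25 | ControlFlowNode for request` row is listed twice, and the same duplicated pair appears in the edges section; it is not introduced by this commit, but since the .expected file is being regenerated anyway it is worth checking whether the duplicate row is expected output or a leftover.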
