python: model urllib.parse.parse_qs

yoff · yoff · commit 768d866e72da · 2024-10-03T12:20:40.000+02:00
diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.model.yml b/python/ql/lib/semmle/python/frameworks/Stdlib.model.yml
@@ -134,6 +134,8 @@ extensions:
       - ["traceback.StackSummary", "Member[from_list]", "Argument[0,a_list:]", "ReturnValue", "taint"]
       # See https://docs.python.org/3/library/typing.html#typing.cast
       - ["typing", "Member[cast]", "Argument[1,val:]", "ReturnValue", "value"]
+      # See https://docs.python.org/3/library/urllib.parse.html#urllib.parse.parse_qs
+      - ["urllib", "Member[parse].Member[parse_qs]", "Argument[0,qs:]", "ReturnValue", "taint"]
       # See https://docs.python.org/3/library/urllib.parse.html#urllib.parse.quote
       - ["urllib", "Member[parse].Member[quote]", "Argument[0,string:]", "ReturnValue", "taint"]
       # See https://docs.python.org/3/library/urllib.parse.html#urllib.parse.quote_plus
diff --git a/python/ql/test/library-tests/frameworks/urllib/taint_test.py b/python/ql/test/library-tests/frameworks/urllib/taint_test.py
@@ -6,5 +6,5 @@ def test():
     params = urllib.parse.parse_qs(ts)
 
     ensure_tainted(
-        params, # $ MISSING: tainted
+        params, # $ tainted
     )

Original file line number	Diff line number	Diff line change
`@@ -6,5 +6,5 @@ def test():`
`6`	`6`	`params = urllib.parse.parse_qs(ts)`
`7`	`7`
`8`	`8`	`ensure_tainted(`
`9`		`- params, # $ MISSING: tainted`
	`9`	`+ params, # $ tainted`
`10`	`10`	`)`