Add additional info to concept tests

Author: joefarebrother

python/ql/test/experimental/meta/ConceptsTest.qll

@@ -320,7 +320,13 @@ module HttpServerHttpResponseTest implements TestSig {
 }
 
 module HttpResponseHeaderWriteTest implements TestSig {
-  string getARelevantTag() { result = ["headerWriteName", "headerWriteValue", "headerWriteBulk"] }
+  string getARelevantTag() {
+    result =
+      [
+        "headerWriteNameUnsanitized", "headerWriteNameSanitized", "headerWriteValueUnsanitized",
+        "headerWriteValueSanitized", "headerWriteBulk"
+      ]
+  }
 
   predicate hasActualResult(Location location, string element, string tag, string value) {
     exists(location.getFile().getRelativePath()) and
@@ -330,26 +336,43 @@ module HttpResponseHeaderWriteTest implements TestSig {
         element = node.toString()
       |
         node = write.getNameArg() and
-        tag = "headerWriteName" and
-        (if write.nameAllowsNewline() then value = "unsanitized" else value = "sanitized")
+        (
+          if write.nameAllowsNewline()
+          then tag = "headerWriteNameUnsanitized"
+          else tag = "headerWriteNameSanitized"
+        ) and
+        value = prettyNodeForInlineTest(node)
         or
         node = write.getValueArg() and
-        tag = "headerWriteValue" and
-        (if write.valueAllowsNewline() then value = "unsanitized" else value = "sanitized")
+        (
+          if write.valueAllowsNewline()
+          then tag = "headerWriteValueUnsanitized"
+          else tag = "headerWriteValueSanitized"
+        ) and
+        value = prettyNodeForInlineTest(node)
       )
       or
-      exists(Http::Server::ResponseHeaderBulkWrite write |
-        location = write.getBulkArg().getLocation() and
-        element = write.getBulkArg().toString() and
+      exists(Http::Server::ResponseHeaderBulkWrite write, DataFlow::Node node |
+        node = write.getBulkArg() and
+        location = node.getLocation() and
+        element = node.toString() and
         (
           tag = "headerWriteBulk" and
-          value = ""
+          value = prettyNodeForInlineTest(node)
           or
-          tag = "headerWriteName" and
-          (if write.nameAllowsNewline() then value = "unsanitized" else value = "sanitized")
+          (
+            if write.nameAllowsNewline()
+            then tag = "headerWriteNameUnsanitized"
+            else tag = "headerWriteNameSanitized"
+          ) and
+          value = ""
           or
-          tag = "headerWriteValue" and
-          (if write.valueAllowsNewline() then value = "unsanitized" else value = "sanitized")
+          (
+            if write.valueAllowsNewline()
+            then tag = "headerWriteValueUnsanitized"
+            else tag = "headerWriteValueSanitized"
+          ) and
+          value = ""
         )
       )
     )

python/ql/test/library-tests/frameworks/flask/response_test.py

@@ -118,7 +118,7 @@ def response_modification1():  # $requestHandler
 @app.route("/content-type/response-modification2")  # $routeSetup="/content-type/response-modification2"
 def response_modification2():  # $requestHandler
     resp = make_response("<h1>hello</h1>")  # $HttpResponse mimetype=text/html responseBody="<h1>hello</h1>"
-    resp.headers["content-type"] = "text/plain"  # $ headerWriteName=unsanitized headerWriteValue=sanitized MISSING: HttpResponse mimetype=text/plain
+    resp.headers["content-type"] = "text/plain"  # $ headerWriteNameUnsanitized="content-type" headerWriteValueSanitized="text/plain" MISSING: HttpResponse mimetype=text/plain
     return resp  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
 
 
@@ -148,23 +148,23 @@ def Response3():  # $requestHandler
 @app.route("/content-type/Response4")  # $routeSetup="/content-type/Response4"
 def Response4():  # $requestHandler
     # note: capitalization of Content-Type does not matter
-    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/plain"})  # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized HttpResponse responseBody="<h1>hello</h1>" SPURIOUS: mimetype=text/html MISSING: mimetype=text/plain
+    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/plain"})  # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse responseBody="<h1>hello</h1>" SPURIOUS: mimetype=text/html MISSING: mimetype=text/plain
     return resp  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
 
 
 @app.route("/content-type/Response5")  # $routeSetup="/content-type/Response5"
 def Response5():  # $requestHandler
     # content_type argument takes priority (and result is text/plain)
     # note: capitalization of Content-Type does not matter
-    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, content_type="text/plain; charset=utf-8")  # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
+    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, content_type="text/plain; charset=utf-8")  # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
     return resp  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
 
 
 @app.route("/content-type/Response6")  # $routeSetup="/content-type/Response6"
 def Response6():  # $requestHandler
     # mimetype argument takes priority over header (and result is text/plain)
     # note: capitalization of Content-Type does not matter
-    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, mimetype="text/plain")  # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
+    resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, mimetype="text/plain")  # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
     return resp  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
 
 
@@ -208,7 +208,7 @@ def setting_cookie():  # $requestHandler
     resp = make_response() # $ HttpResponse mimetype=text/html
     resp.set_cookie("key", "value") # $ CookieWrite CookieName="key" CookieValue="value"
     resp.set_cookie(key="key", value="value") # $ CookieWrite CookieName="key" CookieValue="value"
-    resp.headers.add("Set-Cookie", "key2=value2") # $ headerWriteName=unsanitized headerWriteValue=sanitized MISSING: CookieWrite CookieRawHeader="key2=value2"
+    resp.headers.add("Set-Cookie", "key2=value2") # $ headerWriteNameUnsanitized="Set-Cookie" headerWriteValueSanitized="key2=value2" MISSING: CookieWrite CookieRawHeader="key2=value2"
     resp.delete_cookie("key3") # $ CookieWrite CookieName="key3"
     resp.delete_cookie(key="key3") # $ CookieWrite CookieName="key3"
     return resp  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
@@ -220,28 +220,29 @@ def setting_cookie():  # $requestHandler
 @app.route("/headers") # $routeSetup="/headers"
 def headers():  # $requestHandler
     resp1 = Response() # $ HttpResponse mimetype=text/html
-    resp1.headers['X-MyHeader'] = 'a' # $ headerWriteName=unsanitized headerWriteValue=sanitized 
+    resp1.headers["X-MyHeader"] = "a" # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueSanitized="a"
     resp2 = make_response() # $ HttpResponse mimetype=text/html
-    resp2.headers['X-MyHeader'] = 'a' # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    resp2.headers.extend({'X-MyHeader2': 'b'}) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized 
-    resp3 = make_response("hello", 200, {'X-MyHeader3': 'c'}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized
-    resp4 = make_response("hello", {'X-MyHeader4': 'd'}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized
-    return resp4  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp4
+    resp2.headers["X-MyHeader"] = "aa" # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueSanitized="aa"
+    resp2.headers.extend({"X-MyHeader2": "b"}) # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized 
+    resp3 = make_response("hello", 200, {"X-MyHeader3": "c"}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
+    resp4 = make_response("hello", {"X-MyHeader4": "d"}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
+    resp5 = Response(headers={"X-MyHeader5":"e"}) # $ HttpResponse mimetype=text/html headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
+    return resp5  # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp5
 
 @app.route("/werkzeug-headers") # $routeSetup="/werkzeug-headers"
 def werkzeug_headers():  # $requestHandler
     response = Response() # $ HttpResponse mimetype=text/html
     headers = Headers()
-    headers.add("X-MyHeader1", "a") # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    headers.add_header("X-MyHeader2", "b") # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    headers.set("X-MyHeader3", "c") # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    headers.setdefault("X-MyHeader4", "d") # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    headers.__setitem__("X-MyHeader5", "e") # $ headerWriteName=unsanitized headerWriteValue=sanitized 
-    headers["X-MyHeader6"] = "f" # $ headerWriteName=unsanitized headerWriteValue=sanitized 
+    headers.add("X-MyHeader1", "a") # $ headerWriteNameUnsanitized="X-MyHeader1" headerWriteValueSanitized="a"
+    headers.add_header("X-MyHeader2", "b") # $ headerWriteNameUnsanitized="X-MyHeader2" headerWriteValueSanitized="b"
+    headers.set("X-MyHeader3", "c") # $ headerWriteNameUnsanitized="X-MyHeader3" headerWriteValueSanitized="c" 
+    headers.setdefault("X-MyHeader4", "d") # $ headerWriteNameUnsanitized="X-MyHeader4" headerWriteValueSanitized="d" 
+    headers.__setitem__("X-MyHeader5", "e") # $ headerWriteNameUnsanitized="X-MyHeader5" headerWriteValueSanitized="e" 
+    headers["X-MyHeader6"] = "f" # $ headerWriteNameUnsanitized="X-MyHeader6" headerWriteValueSanitized="f" 
     h1 = {"X-MyHeader7": "g"}
-    headers.extend(h1) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized 
+    headers.extend(h1) # $ headerWriteBulk=h1 headerWriteNameUnsanitized headerWriteValueSanitized 
     h2 = [("X-MyHeader8", "h")]
-    headers.extend(h2) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=sanitized 
+    headers.extend(h2) # $ headerWriteBulk=h2 headerWriteNameUnsanitized headerWriteValueSanitized 
     response.headers = headers 
     return response # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=response
 

python/ql/test/library-tests/frameworks/stdlib/wsgiref_simple_server_test.py

@@ -18,7 +18,7 @@ def func(environ, start_response): # $ requestHandler
         environ, # $ tainted
         environ["PATH_INFO"], # $ tainted
     )
-    write = start_response("200 OK", [("Content-Type", "text/plain")]) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=unsanitized
+    write = start_response("200 OK", [("Content-Type", "text/plain")]) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
     write(b"hello") # $ HttpResponse responseBody=b"hello"
     write(data=b" ") # $ HttpResponse responseBody=b" "
 
@@ -33,16 +33,16 @@ def __init__(self):
         self.set_app(self.my_method)
 
     def my_method(self, _env, start_response): # $ requestHandler
-        start_response("200 OK", []) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=unsanitized
+        start_response("200 OK", []) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
         return [b"my_method"] # $ HttpResponse responseBody=List
 
 def func2(environ, start_response): # $ requestHandler
-    headers = wsgiref.headers.Headers([("Content-Type", "text/plain")]) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=unsanitized
-    headers.add_header("X-MyHeader", "a") # $ headerWriteName=unsanitized headerWriteValue=unsanitized 
-    headers.setdefault("X-MyHeader2", "b") # $ headerWriteName=unsanitized headerWriteValue=unsanitized 
-    headers.__setitem__("X-MyHeader3", "c") # $ headerWriteName=unsanitized headerWriteValue=unsanitized 
-    headers["X-MyHeader4"] = "d" # $ headerWriteName=unsanitized headerWriteValue=unsanitized 
-    start_response(status, headers) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=unsanitized
+    headers = wsgiref.headers.Headers([("Content-Type", "text/plain")]) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
+    headers.add_header("X-MyHeader", "a") # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueUnsanitized="a"
+    headers.setdefault("X-MyHeader2", "b") # $ headerWriteNameUnsanitized="X-MyHeader2" headerWriteValueUnsanitized="b"
+    headers.__setitem__("X-MyHeader3", "c") # $ headerWriteNameUnsanitized="X-MyHeader3" headerWriteValueUnsanitized="c"
+    headers["X-MyHeader4"] = "d" # $ headerWriteNameUnsanitized="X-MyHeader4" headerWriteValueUnsanitized="d"
+    start_response(status, headers) # $ headerWriteBulk=headers headerWriteNameUnsanitized headerWriteValueUnsanitized
     return [b"Hello"] # $ HttpResponse responseBody=List
 
 case = sys.argv[1]
@@ -54,7 +54,7 @@ def func2(environ, start_response): # $ requestHandler
 elif case == "3":
     server = MyServer()
     def func3(_env, start_response): # $ requestHandler
-        start_response("200 OK", []) # $ headerWriteBulk headerWriteName=unsanitized headerWriteValue=unsanitized
+        start_response("200 OK", []) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
         return [b"foo"] # $ HttpResponse responseBody=List
     server.set_app(func3)
 elif case == "4":