Python: Add tests for ExternalFileObject

RasmusWL · RasmusWL · commit 7385ea50242e · 2020-04-23T10:36:51.000+02:00
diff --git a/python/ql/test/library-tests/taint/strings/Taint.qll b/python/ql/test/library-tests/taint/strings/Taint.qll
@@ -34,3 +34,11 @@ class ExceptionInfoSource extends TaintSource {
 
     override string toString() { result = "Exception info source" }
 }
+
+class ExternalFileObjectSource extends TaintSource {
+    ExternalFileObjectSource() { this.(NameNode).getId() = "TAINTED_FILE" }
+
+    override predicate isSourceOf(TaintKind kind) { kind instanceof ExternalFileObject }
+
+    override string toString() { result = "Tainted file source" }
+}
diff --git a/python/ql/test/library-tests/taint/strings/TestStep.expected b/python/ql/test/library-tests/taint/strings/TestStep.expected
@@ -62,6 +62,12 @@
 | Taint externally controlled string | test.py:66 | test.py:66:22:66:35 | TAINTED_STRING |  |  -->  | Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string |  |
 | Taint externally controlled string | test.py:67 | test.py:67:29:67:42 | tainted_string |  |  -->  | Taint [externally controlled string] | test.py:67 | test.py:67:20:67:43 | urlsplit() |  |
 | Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string |  |  -->  | Taint [externally controlled string] | test.py:68 | test.py:68:20:68:43 | urlparse() |  |
+| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE |  |  -->  | Taint file[externally controlled string] | test.py:74 | test.py:74:9:74:20 | tainted_file |  |
+| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE |  |  -->  | Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file |  |
+| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE |  |  -->  | Taint file[externally controlled string] | test.py:76 | test.py:76:9:76:20 | tainted_file |  |
+| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE |  |  -->  | Taint file[externally controlled string] | test.py:77 | test.py:77:9:77:20 | tainted_file |  |
+| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE |  |  -->  | Taint file[externally controlled string] | test.py:78 | test.py:78:27:78:38 | tainted_file |  |
+| Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file |  |  -->  | Taint externally controlled string | test.py:75 | test.py:75:9:75:27 | Attribute() |  |
 | Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() |  |  -->  | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json |  |
 | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json |  |  -->  | Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript |  |
 | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json |  |  -->  | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:25 | Subscript |  |
diff --git a/python/ql/test/library-tests/taint/strings/TestTaint.expected b/python/ql/test/library-tests/taint/strings/TestTaint.expected
@@ -22,3 +22,8 @@
 | test.py:58 | test_untrusted | res | externally controlled string |
 | test.py:69 | test_urlsplit_urlparse | urlparse_res | [externally controlled string] |
 | test.py:69 | test_urlsplit_urlparse | urlsplit_res | [externally controlled string] |
+| test.py:74 | test_tainted_file | tainted_file | file[externally controlled string] |
+| test.py:75 | test_tainted_file | Attribute() | externally controlled string |
+| test.py:76 | test_tainted_file | Attribute() | NO TAINT |
+| test.py:77 | test_tainted_file | Attribute() | NO TAINT |
+| test.py:78 | test_tainted_file | ListComp | NO TAINT |
diff --git a/python/ql/test/library-tests/taint/strings/test.py b/python/ql/test/library-tests/taint/strings/test.py
@@ -67,3 +67,13 @@ def test_urlsplit_urlparse():
     urlsplit_res = urlsplit(tainted_string)
     urlparse_res = urlparse(tainted_string)
     test(urlsplit_res, urlparse_res)
+
+def test_tainted_file():
+    tainted_file = TAINTED_FILE
+    test(
+        tainted_file,
+        tainted_file.read(),
+        tainted_file.readline(),
+        tainted_file.readlines(),
+        [line for line in tainted_file],
+    )
