Python: Fix string taint tests

RasmusWL · RasmusWL · commit cac5d00ca273 · 2020-03-09T15:10:48.000+01:00
The tests in ql/python/ql/test/library-tests/taint/strings/ shows that
ClassValue::str() is not good enough.
diff --git a/python/ql/src/semmle/python/security/strings/Basic.qll b/python/ql/src/semmle/python/security/strings/Basic.qll
@@ -94,13 +94,11 @@ private predicate encode_decode(ControlFlowNode fromnode, CallNode tonode) {
 /* tonode = str(fromnode)*/
 private predicate to_str(ControlFlowNode fromnode, CallNode tonode) {
     tonode.getAnArg() = fromnode and
-    tonode = ClassValue::str().getACall()
-    // TODO: should it instead be this?
-    // (
-    //     tonode = ClassValue::bytes().getACall()
-    //     or
-    //     tonode = ClassValue::unicode().getACall()
-    // )
+    (
+        tonode = ClassValue::bytes().getACall()
+        or
+        tonode = ClassValue::unicode().getACall()
+    )
 }
 
 /* tonode = fromnode[:] */
