
Commit eac1c5d

committed
Python: Fix concepts-tests for SQLAlchemy
1 parent 3ace495 commit eac1c5d

2 files changed

+14
-12
lines changed
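--- a/[PATH-NOT-SHOWN-ON-PAGE]
+++ b/[PATH-NOT-SHOWN-ON-PAGE]
@@ -1,2 +1,3 @@
 import python
 import experimental.meta.ConceptsTest
+import experimental.semmle.python.frameworks.SqlAlchemy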

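--- a/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/SqlExecution.py
+++ b/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/SqlExecution.py
@@ -34,23 +34,24 @@ class User(Base):
 session.commit()
 
 # Injection without requiring the text() taint-step
-session.query(User).filter_by(name="some sql") # $getSql="some sql"
-session.scalar("some sql") # $getSql="some sql"
-engine.scalar("some sql") # $getSql="some sql"
-session.execute("some sql") # $getSql="some sql"
+session.query(User).filter_by(name="some sql") # $ MISSING: getSql="some sql"
+session.scalar("some sql") # $ getSql="some sql"
+engine.scalar("some sql") # $ getSql="some sql"
+session.execute("some sql") # $ getSql="some sql"
 
 with engine.connect() as connection:
-    connection.execute("some sql") # $getSql="some sql"
+    connection.execute("some sql") # $ getSql="some sql"
 
 with engine.begin() as connection:
-    connection.execute("some sql") # $getSql="some sql"
+    connection.execute("some sql") # $ getSql="some sql"
 
 # Injection requiring the text() taint-step
-session.query(User).filter(text("some sql")) # $getSql="some sql"
-session.query(User).group_by( User.id ).having(text("some sql")) # $getSql="some sql"
-session.query(User).group_by(text("name='some sql'")).first() # $getSql="some sql"
-session.query(User).order_by(text("name='some sql'")).first() # $getSql="some sql"
+t = text("some sql")
+session.query(User).filter(t) # $ getSql=t
+session.query(User).group_by(User.id).having(t) # $ getSql=Attribute MISSING: getSql=t
+session.query(User).group_by(t).first() # $ getSql=t
+session.query(User).order_by(t).first() # $ getSql=t
 
-query = select(User).where(User.name == text("some sql")) # $getSql="some sql"
+query = select(User).where(User.name == t) # $ MISSING: getSql=t
 with engine.connect() as conn:
-    conn.execute(query)
+    conn.execute(query) # $ getSql=query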
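Review bot: The three new `MISSING:` annotations (the `filter_by(name="some sql")` line, the `having(t)` line and the `where(User.name == t)` line) record SQL-execution calls the SqlAlchemy concept model currently does not report, but nothing in the test says whether these are accepted modeling limits or gaps still to be closed; a one-line comment above each, e.g. `# TODO: keyword arguments to filter_by / comparison results are not yet modeled as SQL`, would stop a later maintainer from reading them as intended behaviour. On the `having(t)` line the expectation `getSql=Attribute` alongside `MISSING: getSql=t` appears to say that `User.id` is reported as the SQL argument while `t` is not, which reads as a false positive plus a false negative rather than a plain gap; if that is the case, a comment such as `# NOTE: User.id is currently reported instead of t` makes it explicit. Since these are the test's only statements of what the model should catch for SQL injection, documenting the gaps matters: an unannotated miss on `where(User.name == t)` would otherwise silently pass review as a known case. The test file continues outside the hunk.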
