Commit fe50811

Python: In taint test, list comprehension => for loop
Apparently they're not the same thing :(
1 parent 06edd07 commit fe50811

3 files changed: +6 -3 lines changed

python/ql/test/library-tests/taint/strings/TestStep.expected

Lines changed: 3 additions & 1 deletion
@@ -62,14 +62,16 @@
6262
| Taint externally controlled string | test.py:66 | test.py:66:22:66:35 | TAINTED_STRING | | --> | Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string | |
6363
| Taint externally controlled string | test.py:67 | test.py:67:29:67:42 | tainted_string | | --> | Taint [externally controlled string] | test.py:67 | test.py:67:20:67:43 | urlsplit() | |
6464
| Taint externally controlled string | test.py:68 | test.py:68:29:68:42 | tainted_string | | --> | Taint [externally controlled string] | test.py:68 | test.py:68:20:68:43 | urlparse() | |
65+
| Taint externally controlled string | test.py:79 | test.py:79:5:79:29 | For | | --> | Taint externally controlled string | test.py:80 | test.py:80:14:80:17 | line | |
6566
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:74 | test.py:74:9:74:20 | tainted_file | |
6667
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file | |
6768
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:76 | test.py:76:9:76:20 | tainted_file | |
6869
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:77 | test.py:77:9:77:20 | tainted_file | |
69-
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:78 | test.py:78:27:78:38 | tainted_file | |
70+
| Taint file[externally controlled string] | test.py:72 | test.py:72:20:72:31 | TAINTED_FILE | | --> | Taint file[externally controlled string] | test.py:79 | test.py:79:17:79:28 | tainted_file | |
7071
| Taint file[externally controlled string] | test.py:75 | test.py:75:9:75:20 | tainted_file | | --> | Taint externally controlled string | test.py:75 | test.py:75:9:75:27 | Attribute() | |
7172
| Taint file[externally controlled string] | test.py:76 | test.py:76:9:76:20 | tainted_file | | --> | Taint externally controlled string | test.py:76 | test.py:76:9:76:31 | Attribute() | |
7273
| Taint file[externally controlled string] | test.py:77 | test.py:77:9:77:20 | tainted_file | | --> | Taint [externally controlled string] | test.py:77 | test.py:77:9:77:32 | Attribute() | |
74+
| Taint file[externally controlled string] | test.py:79 | test.py:79:17:79:28 | tainted_file | | --> | Taint externally controlled string | test.py:79 | test.py:79:5:79:29 | For | |
7375
| Taint json[externally controlled string] | test.py:6 | test.py:6:20:6:45 | Attribute() | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | |
7476
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint externally controlled string | test.py:7 | test.py:7:9:7:25 | Subscript | |
7577
| Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:20 | tainted_json | | --> | Taint json[externally controlled string] | test.py:7 | test.py:7:9:7:25 | Subscript | |
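
Review bot: The removed row ending at test.py:78:27:78:38 had no follow-on step in this file, and that dead end was the only place the step expectations showed where flow through the comprehension stopped; the added rows for test.py:79 and test.py:80 cover only the `For` statement. If the comprehension case stays in test.py next to the loop, this file keeps a row that pins down the missing element step, which is the row a later change to comprehension handling would have to update.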

python/ql/test/library-tests/taint/strings/TestTaint.expected

Lines changed: 1 addition & 1 deletion
@@ -26,4 +26,4 @@
2626
| test.py:75 | test_tainted_file | Attribute() | externally controlled string |
2727
| test.py:76 | test_tainted_file | Attribute() | externally controlled string |
2828
| test.py:77 | test_tainted_file | Attribute() | [externally controlled string] |
29-
| test.py:78 | test_tainted_file | ListComp | NO TAINT |
29+
| test.py:80 | test_tainted_file | line | externally controlled string |
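
Review bot: Swapping the `ListComp | NO TAINT` row at test.py:78 for the `line` row at test.py:80 leaves every visible test_tainted_file row tainted, so the expectations no longer record that a value derived from the tainted file came out untainted. In a taint library that row documents a false negative; suggest keeping it in the expected output (with the comprehension kept in test.py) until the analysis handles that form, so that a change in either direction shows up as a diff here.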

python/ql/test/library-tests/taint/strings/test.py

Lines changed: 2 additions & 1 deletion
@@ -75,5 +75,6 @@ def test_tainted_file():
7575
tainted_file.read(),
7676
tainted_file.readline(),
7777
tainted_file.readlines(),
78-
[line for line in tainted_file],
7978
)
79+
for line in tainted_file:
80+
test(line)
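
Review bot: The loop added at new lines 79-80 carries no comment explaining why it replaces `[line for line in tainted_file]`, and the reason is only hinted at in the commit message. Suggest a one-line comment above `for line in tainted_file:` stating that the comprehension form currently yields NO TAINT, and consider leaving the comprehension inside the `test(...)` call rather than deleting it so that both ways of iterating the file are exercised.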
