Python: Add support for x != "safe" BarrierGuard

Author: RasmusWL

python/ql/src/semmle/python/dataflow/new/internal/DataFlowPublic.qll

@@ -360,17 +360,22 @@ module BarrierGuard {
   /** A validation of unknown node by comparing with a constant string value. */
   class StringConstCompare extends BarrierGuard, CompareNode {
     ControlFlowNode checked_node;
+    boolean safe_branch;
 
     StringConstCompare() {
-      exists(StrConst str_const |
-        this.operands(str_const.getAFlowNode(), any(Eq eq), checked_node)
+      exists(StrConst str_const, Cmpop op |
+        op = any(Eq eq) and safe_branch = true
         or
-        this.operands(checked_node, any(Eq eq), str_const.getAFlowNode())
+        op = any(NotEq ne) and safe_branch = false
+      |
+        this.operands(str_const.getAFlowNode(), op, checked_node)
+        or
+        this.operands(checked_node, op, str_const.getAFlowNode())
       )
     }
 
     override predicate checks(ControlFlowNode node, boolean branch) {
-      node = checked_node and branch = true
+      node = checked_node and branch = safe_branch
     }
   }
 }

python/ql/test/experimental/dataflow/tainttracking/commonSanitizer/TestTaint.expected

@@ -6,7 +6,7 @@
 | test_string_const_compare.py:35 | fail | test_eq_with_or | ts |
 | test_string_const_compare.py:37 | ok   | test_eq_with_or | ts |
 | test_string_const_compare.py:43 | ok   | test_non_eq1 | ts |
-| test_string_const_compare.py:45 | fail | test_non_eq1 | ts |
+| test_string_const_compare.py:45 | ok   | test_non_eq1 | ts |
 | test_string_const_compare.py:51 | ok   | test_non_eq2 | ts |
 | test_string_const_compare.py:53 | fail | test_non_eq2 | ts |
 | test_string_const_compare.py:59 | fail | test_in_list | ts |