Python: Add CodeExecution tests for stdlib

Author: RasmusWL

python/ql/test/experimental/library-tests/frameworks/stdlib-py2/CodeExecution.py

@@ -0,0 +1,2 @@
+# exec statement is Python 2 specific
+exec "print(42)"  # $getCode="print(42)"

python/ql/test/experimental/library-tests/frameworks/stdlib-py2/ConceptsTest.expected

@@ -0,0 +1 @@
+| CodeExecution.py:2:19:2:40 | Comment # $getCode="print(42)" | Missing result:getCode="print(42)" |

python/ql/test/experimental/library-tests/frameworks/stdlib-py2/ConceptsTest.ql

@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest

python/ql/test/experimental/library-tests/frameworks/stdlib-py2/options

@@ -0,0 +1 @@
+semmle-extractor-options: --max-import-depth=1 --lang=2

python/ql/test/experimental/library-tests/frameworks/stdlib-py3/CodeExecution.py

@@ -0,0 +1,4 @@
+import builtins
+
+# exec being part of builtins is Python 3 only
+builtins.exec("print(42)")  # $getCode="print(42)"

python/ql/test/experimental/library-tests/frameworks/stdlib-py3/ConceptsTest.expected

@@ -0,0 +1 @@
+| CodeExecution.py:4:29:4:50 | Comment # $getCode="print(42)" | Missing result:getCode="print(42)" |

python/ql/test/experimental/library-tests/frameworks/stdlib-py3/ConceptsTest.ql

@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest

python/ql/test/experimental/library-tests/frameworks/stdlib-py3/options

@@ -0,0 +1 @@
+semmle-extractor-options: --max-import-depth=1 --lang=3

python/ql/test/experimental/library-tests/frameworks/stdlib/CodeExecution.py

@@ -0,0 +1,39 @@
+# without this, `eval("print(42)")` becomes invalid syntax in Python 2, since print is a
+# statement
+from __future__ import print_function
+
+import sys
+
+if sys.version_info[0] == 3:
+    import builtins
+if sys.version_info[0] == 2:
+    import __builtin__ as builtins
+
+exec("print(42)")  # $getCode="print(42)"
+eval("print(42)")  # $getCode="print(42)"
+
+builtins.eval("print(42)")  # $getCode="print(42)"
+
+cmd = compile("print(42)", "<filename>", "exec")
+exec(cmd)  # $getCode=cmd
+
+cmd = builtins.compile("print(42)", "<filename>", "exec")
+exec(cmd)  # $getCode=cmd
+
+# ------------------------------------------------------------------------------
+# taint related
+
+
+def test_additional_taint():
+    src = TAINTED_STRING
+
+    cmd1 = compile(src, "<filename>", "exec")
+    cmd2 = compile(source=src, filename="<filename>", mode="exec")
+    cmd3 = builtins.compile(src, "<filename>", "exec")
+
+    ensure_tainted(
+        src,
+        cmd1,
+        cmd2,
+        cmd3,
+    )

python/ql/test/experimental/library-tests/frameworks/stdlib/CodeExecutionPossibleFP1.py

@@ -0,0 +1,11 @@
+# without this, `eval("print(42)")` becomes invalid syntax in Python 2, since print is a
+# statement
+from __future__ import print_function
+
+
+def eval(*args, **kwargs):
+    raise Exception("no eval")
+
+
+# This function call might be marked as a code execution, but it actually isn't.
+eval("print(42)")