File tree Expand file tree Collapse file tree 2 files changed +40
-53
lines changed
experimental/dataflow/tainttracking/defaultAdditionalTaintStep
library-tests/frameworks/stdlib Expand file tree Collapse file tree 2 files changed +40
-53
lines changed Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+ from io import StringIO
2+ import json
3+
4+ def test ():
5+ print ("\n # test" )
6+ ts = TAINTED_STRING
7+
8+ encoded = json .dumps (ts ) # $ encodeOutput=json.dumps(..) encodeFormat=JSON encodeInput=ts
9+
10+ ensure_tainted (
11+ encoded , # $ tainted
12+ json .dumps (ts ), # $ tainted encodeOutput=json.dumps(..) encodeFormat=JSON encodeInput=ts
13+ json .dumps (obj = ts ), # $ tainted encodeOutput=json.dumps(..) encodeFormat=JSON encodeInput=ts
14+ json .loads (encoded ), # $ tainted decodeOutput=json.loads(..) decodeFormat=JSON decodeInput=encoded
15+ json .loads (s = encoded ), # $ tainted decodeOutput=json.loads(..) decodeFormat=JSON decodeInput=encoded
16+ )
17+
18+ # load/dump with file-like
19+ tainted_filelike = StringIO ()
20+ json .dump (ts , tainted_filelike ) # $ encodeFormat=JSON encodeInput=ts
21+
22+ tainted_filelike .seek (0 )
23+ ensure_tainted (
24+ tainted_filelike , # $ tainted
25+ json .load (tainted_filelike ), # $ tainted decodeOutput=json.load(..) decodeFormat=JSON decodeInput=tainted_filelike
26+ )
27+
28+ # load/dump with file-like using keyword-args
29+ tainted_filelike = StringIO ()
30+ json .dump (obj = ts , fp = tainted_filelike ) # $ encodeFormat=JSON encodeInput=ts
31+
32+ tainted_filelike .seek (0 )
33+ ensure_tainted (
34+ tainted_filelike , # $ tainted
35+ json .load (fp = tainted_filelike ), # $ tainted decodeOutput=json.load(..) decodeFormat=JSON decodeInput=tainted_filelike
36+ )
37+
38+
39+ # Make tests runable
40+ test ()
You can’t perform that action at this time.
0 commit comments