Merge pull request #4195 from RasmusWL/python-taint-default-sanitizer

Approved by tausbn

Author: codeql-ci

python/ql/test/experimental/dataflow/tainttracking/defaultSanitizer/TestTaint.expected

@@ -0,0 +1,5 @@
+| test.py:16 | fail | const_eq_clears_taint | ts |
+| test.py:18 | ok   | const_eq_clears_taint | ts |
+| test.py:24 | fail | const_eq_clears_taint2 | ts |
+| test.py:29 | ok   | non_const_eq_preserves_taint | ts |
+| test.py:31 | ok   | non_const_eq_preserves_taint | ts |

python/ql/test/experimental/dataflow/tainttracking/defaultSanitizer/TestTaint.ql

@@ -0,0 +1 @@
+import experimental.dataflow.tainttracking.TestTaintLib

python/ql/test/experimental/dataflow/tainttracking/defaultSanitizer/test.py

@@ -0,0 +1,38 @@
+# Add taintlib to PATH so it can be imported during runtime without any hassle
+import sys; import os; sys.path.append(os.path.dirname(os.path.dirname((__file__))))
+from taintlib import *
+
+# This has no runtime impact, but allows autocomplete to work
+from typing import TYPE_CHECKING
+if TYPE_CHECKING:
+    from ..taintlib import *
+
+
+# Actual tests
+
+def const_eq_clears_taint():
+    ts = TAINTED_STRING
+    if ts == "safe":
+        ensure_not_tainted(ts)
+    # ts should still be tainted after exiting the if block
+    ensure_tainted(ts)
+
+def const_eq_clears_taint2():
+    ts = TAINTED_STRING
+    if ts != "safe":
+        return
+    ensure_not_tainted(ts)
+
+def non_const_eq_preserves_taint(x="foo"):
+    ts = TAINTED_STRING
+    if ts == ts:
+        ensure_tainted(ts)
+    if ts == x:
+        ensure_tainted(ts)
+
+
+# Make tests runable
+
+const_eq_clears_taint()
+const_eq_clears_taint2()
+non_const_eq_preserves_taint()