Python: Add taint-tests for SQLAlchemy

RasmusWL · RasmusWL · commit ef4873420615 · 2021-06-29T11:03:40.000+02:00
diff --git a/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/InlineTaintTest.expected b/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/InlineTaintTest.expected
@@ -0,0 +1,3 @@
+argumentToEnsureNotTaintedNotMarkedAsSpurious
+untaintedArgumentToEnsureTaintedNotMarkedAsMissing
+failures
diff --git a/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/InlineTaintTest.ql b/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/InlineTaintTest.ql
@@ -0,0 +1,2 @@
+import experimental.meta.InlineTaintTest
+import experimental.semmle.python.frameworks.SqlAlchemy
diff --git a/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/taint_test.py b/python/ql/test/experimental/library-tests/frameworks/sqlalchemy/taint_test.py
@@ -0,0 +1,12 @@
+import sqlalchemy
+
+def test_taint():
+    ts = TAINTED_STRING
+
+    ensure_tainted(
+        ts, # $ tainted
+        sqlalchemy.text(ts), # $ MISSING: tainted
+        sqlalchemy.sql.text(ts),# $ MISSING: tainted
+        sqlalchemy.sql.expression.text(ts),# $ MISSING: tainted
+        sqlalchemy.sql.expression.TextClause(ts),# $ MISSING: tainted
+    )

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+argumentToEnsureNotTaintedNotMarkedAsSpurious`
	`2`	`+untaintedArgumentToEnsureTaintedNotMarkedAsMissing`
	`3`	`+failures`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+import experimental.meta.InlineTaintTest`
	`2`	`+import experimental.semmle.python.frameworks.SqlAlchemy`