Exemple #1
0
def lists_of_dictionary_iteration_is_precise():
    list_of_dicts = [
        {"with_feature": __test_source(), "without_feature": 0} for x in []
    ]
    for dict in list_of_dicts:
        __test_sink(dict["with_feature"])
        __test_sink(dict["without_feature"])
Exemple #2
0
def setters_are_simulated() -> None:
    x = SetterMutatesValue()
    # Expect no issue
    __test_sink(x.p)
    x.p = __test_source()
    # x.p should now have an issue
    __test_sink(x.p)
Exemple #3
0
def test_items_backward_values(x, y):
    key_is_tainted = {x: "a"}
    value_is_tainted = {"b": y}
    for k, v in key_is_tainted.items():
        __test_sink(v)

    for k, v in value_is_tainted.items():
        __test_sink(v)
Exemple #4
0
def alternate_fields():
    d = {"a": __test_source(), "b": __test_source()}
    if 1 > 2:
        x = d["a"]
    else:
        x = d["b"]
    __test_sink(x)
    return x
Exemple #5
0
def test_keys_and_values():
    tainted_values = {"benign": ("benign", __test_source())}
    # Should be an issue.
    __test_sink(tainted_values.values())
    # Shouldn't be an issue.
    __test_sink(tainted_values.keys())
    for item in tainted_values.values():
        __test_sink(item[0])

    tainted_keys = {__test_source(): ""}
    # Should be an issue.
    __test_sink(tainted_keys.keys())
    # Shouldn't be an issue.
    __test_sink(tainted_keys.values())
Exemple #6
0
def test_keys_and_values():
    tainted_values = {"benign": ("benign", __test_source())}
    # Should be an issue.
    __test_sink(tainted_values.values())
    # Shouldn't be an issue.
    __test_sink(tainted_values.keys())
    for item in tainted_values.values():
        # TODO(T61722447) we need to make iteration read [*][1] here.
        __test_sink(item[0])

    tainted_keys = {__test_source(): ""}
    # Should be an issue.
    __test_sink(tainted_keys.keys())
    # Shouldn't be an issue.
    __test_sink(tainted_keys.values())
Exemple #7
0
def issue_only_with_nested_first():
    first, second = only_applies_to_nested()
    a, issue = first
    c, d = second
    __test_sink(issue)
    __test_sink(a)
    __test_sink(c)
    __test_sink(d)
    return only_applies_to_nested()
Exemple #8
0
def test(complicated_service: ComplicatedService):
    exception = False
    result = None
    try:
        result = complicated_service.serve_tainted_request()

    except:
        exception = True

    # Only try reactivation if all other checks passed
    if exception:
        try:
            result = complicated_service.serve_tainted_request()
        except:
            raise

    __test_sink(result)
Exemple #9
0
def test_items():
    key_is_tainted = {__test_source(): ""}
    value_is_tainted = {"a": __test_source()}
    for k, v in key_is_tainted.items():
        # Should be an issue.
        __test_sink(k)
        # Should not be an issue.
        __test_sink(v)

    for k, v in value_is_tainted.items():
        # Should not be an issue.
        __test_sink(k)
        # Should be an issue.
        __test_sink(v)
Exemple #10
0
def locals_to_sink():
    # No issue before assigning.
    __test_sink(locals()["x"])
    x = __test_source()

    __test_sink(locals()["x"])
    __test_sink(locals()["y"])

    # We properly handle named parameters through `**`.
    named_sink(**locals())
Exemple #11
0
 def __init__(self, argument: str) -> None:
     __test_sink(argument)
Exemple #12
0
def test():
    obj = C.async_create(1, {__test_source(): __test_source()}, "")
    __test_sink(obj.id)
Exemple #13
0
 def __init__(self, bad: int) -> None:
     self.bad = bad
     __test_sink(bad)
Exemple #14
0
def benign_is_untainted():
    context = DataClass(bad=__test_source(), benign=1)
    __test_sink(context.benign)
    return context
Exemple #15
0
def bad_is_tainted():
    context = DataClass(bad=__test_source(), benign=1)
    __test_sink(context)
    return context
Exemple #16
0
 def __setitem__(self, key: Any, value: Any) -> None:
     __test_sink(key)
Exemple #17
0
def issue_from_tuple():
    a, b = return_tuple_of_bools()
    __test_sink(a)
Exemple #18
0
def issue_via_bool():
    o = __test_source()
    x = bool(o)
    __test_sink(x)
Exemple #19
0
def test_getattr_backwards_default(t):
    __test_sink(getattr(None, "", t.token))
Exemple #20
0
def to_sink_via_side_effect(y):
    x = {}
    change_arg0(x, y)
    __test_sink(x)
Exemple #21
0
def dictionary_entry_sink(arg):
    result = {"a": __test_sink(arg)}
Exemple #22
0
def sink_dictionary_through_keys(d: Dict[str, str]) -> None:
    [__test_sink(k) for k in d]
Exemple #23
0
def test_getattr_backwards(t):
    __test_sink(getattr(t, "token", None))
Exemple #24
0
def test_with_issue_in_dict_comprehension():
    sources = [__test_source()]
    {"k": s for s in sources if __test_sink(s)}
Exemple #25
0
def test_attribute_via_dunder_dict():
    obj = UseViaDict(a=__test_source(), b=None)
    # First two should be flows, and the third shouldn't.
    __test_sink(obj.__dict__)
    __test_sink(obj.__dict__["a"])
    __test_sink(obj.__dict__["b"])
Exemple #26
0
def test_service_with_dict():
    service = Service()
    __test_sink(service.async_get_dict(__test_source()))
Exemple #27
0
def issue_via_equality():
    o = returns_tainted_object()
    matches_tainted = o == "tainted"
    __test_sink(matches_tainted)
Exemple #28
0
def test_service_with_mapping():
    service = Service()
    __test_sink(service.async_get_mapping(__test_source()))
Exemple #29
0
async def async_issue_bools() -> None:
    x, y = await async_tuple_of_bools()
    __test_sink(x)
Exemple #30
0
def flow_through_keywords():
    tainted_map = {"a": __test_source()}
    new_map = {**tainted_map}
    __test_sink(tainted_map["a"])