Exemplo n.º 1
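    def test_from_package_import_star_with_alias(self):
        """Check the CFG node labels built for a star import from a package with aliases.

        The CFG is created from
        examples/import_test_project/test_from_package_import_star_with_alias.py
        and its node labels must match EXPECTED exactly, in order.
        """
        path = os.path.normpath('examples/import_test_project/test_from_package_import_star_with_alias.py')
        project_dir = os.path.dirname(path)

        project_modules = get_modules_and_packages(project_dir)
        local_modules = get_directory_modules(project_dir)

        self.cfg_create_from_file(path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry package_star_with_alias",
                    "Module Entry A",
                    "Module Exit A",
                    "Module Entry B",
                    "Module Exit B",
                    "Module Entry folder",
                    "Module Entry C",
                    "Module Exit C",
                    "Module Exit folder",
                    "Module Exit package_star_with_alias",
                    "Function Entry husk.cobia",
                    "~call_2 = ret_print('A')",
                    "Exit husk.cobia",
                    "Function Entry meringue.al",
                    "~call_4 = ret_print('B')",
                    "Exit meringue.al",
                    "Function Entry corn.mousse.pastor",
                    "~call_6 = ret_print('C')",
                    "Exit corn.mousse.pastor",
                    "Exit module"]

        # Compare whole label lists: iterating with zip() stops at the shorter
        # sequence, so a CFG that lost or gained trailing nodes would still pass.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)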
Exemplo n.º 2
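    def test_from_file_import_star(self):
        """Check the CFG node labels built for a star import from a file.

        The CFG is created from
        examples/import_test_project/test_from_file_import_star.py and its
        node labels must match EXPECTED exactly, in order.
        """
        path = os.path.normpath('examples/import_test_project/test_from_file_import_star.py')
        project_dir = os.path.dirname(path)

        project_modules = get_modules_and_packages(project_dir)
        local_modules = get_directory_modules(project_dir)

        self.cfg_create_from_file(path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry A",
                    "Module Exit A",
                    "temp_1_s = '60'",
                    "s = temp_1_s",
                    "Function Entry B",
                    "ret_B = s",
                    "Exit B",
                    "~call_1 = ret_B",
                    "temp_2_s = 'minute'",
                    "s = temp_2_s",
                    "Function Entry C",
                    "ret_C = s + 'see'",
                    "Exit C",
                    "~call_2 = ret_C",
                    "temp_3_s = 'IPA'",
                    "s = temp_3_s",
                    "Function Entry D",
                    "ret_D = s + 'dee'",
                    "Exit D",
                    "~call_3 = ret_D",
                    "Exit module"]

        # A zip()-driven loop ends at the shorter sequence, which hides missing
        # or extra CFG nodes; asserting on the full list catches both.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)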
Exemplo n.º 3
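    def test_import_as(self):
        """Check the CFG node labels built for ``import ... as`` usage.

        The CFG is created from examples/import_test_project/test_import_as.py
        and its node labels must match EXPECTED exactly, in order.
        """
        path = os.path.normpath('examples/import_test_project/test_import_as.py')
        project_dir = os.path.dirname(path)

        project_modules = get_modules_and_packages(project_dir)
        local_modules = get_directory_modules(project_dir)

        self.cfg_create_from_file(path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry A",
                    "Module Exit A",
                    "Module Entry A",
                    "Module Exit A",
                    "temp_1_s = 'str'",
                    "s = temp_1_s",
                    "Function Entry B",
                    "ret_B = s",
                    "Exit B",
                    "~call_1 = ret_B",
                    "b = ~call_1",
                    "save_2_b = b",
                    "temp_2_s = 'sss'",
                    "s = temp_2_s",
                    "Function Entry A.B",
                    "ret_foo.B = s",
                    "Exit A.B",
                    "b = save_2_b",
                    "~call_2 = ret_foo.B",
                    "c = ~call_2",
                    "Exit module"]

        # Assert on the complete label list so a truncated or over-long CFG
        # fails the test; pairing with zip() would ignore the unmatched tail.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)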
Exemplo n.º 4
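    def test_nested_user_defined_function_calls(self):
        """Check the CFG node labels built for nested user-defined calls.

        The CFG is created from
        examples/nested_functions_code/nested_user_defined_function_calls.py.
        EXPECTED lists the inner call's nodes before the outer call's, with
        ``save_N_foo`` / ``foo = save_N_foo`` nodes around each call.
        """
        path = os.path.normpath('examples/nested_functions_code/nested_user_defined_function_calls.py')
        project_dir = os.path.dirname(path)

        project_modules = get_modules_and_packages(project_dir)
        local_modules = get_directory_modules(project_dir)

        self.cfg_create_from_file(path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "foo = 'bar'",
                    "save_1_foo = foo",
                    "save_2_foo = foo",
                    "temp_2_inner_arg = foo",
                    "inner_arg = temp_2_inner_arg",
                    "Function Entry inner",
                    "inner_ret_val = inner_arg + 'hey'",
                    "ret_inner = inner_ret_val",
                    "Exit inner",
                    "foo = save_2_foo",
                    "~call_2 = ret_inner",
                    "temp_1_outer_arg = ~call_2",
                    "outer_arg = temp_1_outer_arg",
                    "Function Entry outer",
                    "outer_ret_val = outer_arg + 'hey'",
                    "ret_outer = outer_ret_val",
                    "Exit outer",
                    "foo = save_1_foo",
                    "~call_1 = ret_outer",
                    "abc = ~call_1",
                    "Exit module"]

        # Compare whole label lists: zip() stops at the shorter sequence, so a
        # CFG missing the final assignment nodes would otherwise go unnoticed.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)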
Exemplo n.º 5
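    def test_relative_level_2(self):
        """Expect CFG creation to fail for test_relative_level_2.py.

        The repr of the raised exception must mention an OSError stating that
        the input needs to be a file, and must contain the path examples/A.py.
        """
        path = os.path.normpath('examples/import_test_project/test_relative_level_2.py')
        project_dir = os.path.dirname(path)

        project_modules = get_modules_and_packages(project_dir)
        local_modules = get_directory_modules(project_dir)

        # assertRaises fails the test when nothing is raised; a plain
        # try/except with the assertions in the handler would pass silently
        # in that case. Exception is kept as the caught type because only the
        # repr of the error is checked below.
        with self.assertRaises(Exception) as raised:
            self.cfg_create_from_file(path, project_modules, local_modules)

        message = repr(raised.exception)
        self.assertIn("OSError('Input needs to be a file. Path: ", message)
        # NOTE(review): the separator is hard-coded as '/'; confirm this holds
        # on platforms where os.path.normpath yields backslashes.
        self.assertIn("examples/A.py", message)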
    def run_analysis(self, path):
        """Build the CFG for *path*, analyse it and return the findings.

        Args:
            path: Path of the Python source file to analyse; it is normalised
                with os.path.normpath before use.

        Returns:
            Whatever find_vulnerabilities returns for the single CFG, using
            the default blackbox-mapping and trigger-word files.
        """
        path = os.path.normpath(path)
        source_dir = os.path.dirname(path)

        # Module discovery is scoped to the directory holding the file.
        self.cfg_create_from_file(
            path,
            get_modules(source_dir),
            get_directory_modules(source_dir),
        )

        cfgs = [self.cfg]

        # The adaptor's return value is discarded, so it is presumably called
        # for its effect on the list; is_flask_route_function is the predicate
        # passed to it -- NOTE(review): confirm it selects the route functions
        # treated as entry points.
        FrameworkAdaptor(cfgs, [], [], is_flask_route_function)
        initialize_constraint_table(cfgs)
        analyse(cfgs)

        return find_vulnerabilities(
            cfgs,
            default_blackbox_mapping_file,
            default_trigger_word_file,
        )
Exemplo n.º 7
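    def test_multiple_functions_with_aliases(self):
        """Check the CFG node labels built when several functions are imported under aliases.

        The CFG is created from
        examples/import_test_project/test_multiple_functions_with_aliases.py.
        In EXPECTED the return nodes of B and D carry the names ``ret_keens``
        and ``ret_duck_house`` while their entry/exit nodes are labelled B and D.
        """
        file_path = os.path.normpath('examples/import_test_project/test_multiple_functions_with_aliases.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry A",
                    "Module Exit A",
                    "temp_1_s = 'mutton'",
                    "s = temp_1_s",
                    "Function Entry B",
                    "ret_keens = s",
                    "Exit B",
                    "~call_1 = ret_keens",
                    "a = ~call_1",
                    "save_2_a = a",
                    "temp_2_s = 'tasting'",
                    "s = temp_2_s",
                    "Function Entry C",
                    "ret_C = s + 'see'",
                    "Exit C",
                    "a = save_2_a",
                    "~call_2 = ret_C",
                    "b = ~call_2",
                    "save_3_a = a",
                    "save_3_b = b",
                    "temp_3_s = 'peking'",
                    "s = temp_3_s",
                    "Function Entry D",
                    "ret_duck_house = s + 'dee'",
                    "Exit D",
                    "a = save_3_a",
                    "b = save_3_b",
                    "~call_3 = ret_duck_house",
                    "c = ~call_3",
                    "Exit module"]

        # Assert on the complete label list; a zip() loop would stop at the
        # shorter sequence and let a CFG with dropped or extra nodes pass.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)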
Exemplo n.º 8
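    def test_from_package_with_file_and_alias(self):
        """Check the CFG node labels built for an aliased import of a file from a package.

        The CFG is created from
        examples/import_test_project/test_from_package_with_file_and_alias.py
        and its node labels must match EXPECTED exactly, in order.
        """
        file_path = os.path.normpath('examples/import_test_project/test_from_package_with_file_and_alias.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry package_with_file_and_alias",
                    "Module Entry Starbucks",
                    "Module Exit Starbucks",
                    "Module Exit package_with_file_and_alias",
                    "Function Entry Eataly.Tea",
                    "~call_2 = ret_print('Teavana Green')",
                    "Exit Eataly.Tea",
                    "Exit module"]

        # Compare whole label lists: zip() ends at the shorter sequence, so a
        # length mismatch between the CFG and EXPECTED would not be reported.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)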
Exemplo n.º 9
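    def test_relative_from_directory(self):
        """Check the CFG node labels built for a relative import from a directory.

        The CFG is created from
        examples/import_test_project/test_relative_from_directory.py and its
        node labels must match EXPECTED exactly, in order.
        """
        file_path = os.path.normpath('examples/import_test_project/test_relative_from_directory.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry bar",
                    "Module Exit bar",
                    "temp_1_s = 'hey'",
                    "s = temp_1_s",
                    "Function Entry bar.H",
                    "ret_bar.H = s + 'end'",
                    "Exit bar.H",
                    "~call_1 = ret_bar.H",
                    "Exit module"]

        # A zip()-driven loop ignores whatever is left in the longer sequence;
        # asserting on the full list makes missing or extra nodes fail the test.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)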
Exemplo n.º 10
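    def test_from_package_with_function(self):
        """Check the CFG node labels built for a function imported from a package.

        The CFG is created from
        examples/import_test_project/test_from_package_with_function.py and
        its node labels must match EXPECTED exactly, in order.
        """
        file_path = os.path.normpath('examples/import_test_project/test_from_package_with_function.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry package_with_function",
                    "Module Entry nested_folder_with_init",
                    "Module Entry starbucks",
                    "Module Exit starbucks",
                    "Module Exit nested_folder_with_init",
                    "Module Exit package_with_function",
                    "Function Entry StarbucksVisitor",
                    "~call_2 = ret_print('Iced Mocha')",
                    "Exit StarbucksVisitor",
                    "Exit module"]

        # Assert on the complete label list so a CFG that is shorter or longer
        # than EXPECTED fails; zip() would silently drop the unmatched tail.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)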
Exemplo n.º 11
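    def test_package_with_folder_and_alias(self):
        """Check the CFG node labels built for an aliased import of a nested package folder.

        The CFG is created from
        examples/import_test_project/test_package_with_folder_and_alias.py.
        EXPECTED labels the called function with the dotted name
        ``package_with_folder_and_alias.heyo.moose.fast``.
        """
        file_path = os.path.normpath('examples/import_test_project/test_package_with_folder_and_alias.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ["Entry module",
                    "Module Entry package_with_folder_and_alias",
                    "Module Entry nested_folder_with_init",
                    "Module Entry moose",
                    "Module Exit moose",
                    "Module Exit nested_folder_with_init",
                    "Module Exit package_with_folder_and_alias",
                    "Function Entry package_with_folder_and_alias.heyo.moose.fast",
                    "~call_2 = ret_print('real fast')",
                    "Exit package_with_folder_and_alias.heyo.moose.fast",
                    "Exit module"]

        # Compare whole label lists: zip() stops at the shorter sequence, so a
        # CFG with missing or extra trailing nodes would otherwise pass.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)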
Exemplo n.º 12
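    def test_from_dot_dot(self):
        """Check the CFG node labels built for a ``from ..`` relative import.

        The analysed file lives in the ``other_dir`` subdirectory while module
        discovery runs on examples/import_test_project, its parent directory.
        The node labels must match EXPECTED exactly, in order.
        """
        file_path = os.path.normpath('examples/import_test_project/other_dir/test_from_dot_dot.py')
        project_path = os.path.normpath('examples/import_test_project')

        project_modules = get_modules_and_packages(project_path)
        local_modules = get_directory_modules(project_path)

        self.cfg_create_from_file(file_path, project_modules, local_modules)

        EXPECTED = ['Entry module',
                    'Module Entry A',
                    'Module Exit A',
                    'temp_1_s = \'sss\'',
                    's = temp_1_s',
                    'Function Entry A.B',
                    'ret_A.B = s',
                    'Exit A.B',
                    '~call_1 = ret_A.B',
                    'c = ~call_1',
                    'Exit module']

        # Assert on the complete label list; iterating with zip() ends at the
        # shorter sequence and would hide a CFG that lost or gained nodes.
        actual_labels = [node.label for node in self.cfg.nodes]
        self.assertEqual(actual_labels, EXPECTED)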