Module InlineFlowTest
Provides a simple base test for flow-related tests using inline expectations.
To add this framework to a new language, add a new file (usually called InlineFlowTest.qll)
with:
private import codeql.dataflow.test.InlineFlowTest- private imports of the libraries implementing
DataFlow::InputSig,TaintTracking::InputSig, andInlineExpectationsTest::InlineExpectationsTestSig. - An implementation of the signature
InputSigdefined below. - An import of an appropriately instantiated
InlineFlowTestMakemodule.
To declare expectations, you can use the $ hasTaintFlow or $ hasValueFlow comments within the
test source files. For example, in the case of Ruby test.rb file:
s = source(1)
sink(s); // $ hasValueFlow=1
t = "foo" + taint(2);
sink(t); // $ hasTaintFlow=2
If you are only interested in value flow, then instead of importing DefaultFlowTest, you can import
ValueFlowTest<DefaultFlowConfig>. Similarly, if you are only interested in taint flow, then instead of
importing DefaultFlowTest, you can import TaintFlowTest<DefaultFlowConfig>. In both cases
DefaultFlowConfig can be replaced by another implementation of DataFlow::ConfigSig.
If you need more fine-grained tuning, consider implementing a test using InlineExpectationsTest.
Import path
import codeql.dataflow.test.InlineFlowTest