MCPcopy Index your code
hub / github.com/SourceCode-AI/aura / test_flask_app

Function test_flask_app

tests/test_taint.py:52–78  ·  view source on GitHub ↗
(fixtures, fuzzy_rule_match)

Source from the content-addressed store, hash-verified

50
51
52def test_flask_app(fixtures, fuzzy_rule_match):
53 output = fixtures.scan_test_file('flask_app.py')
54 assert len(output['detections']) > 0, output
55
56 # TODO: also perhaps 24? `eval(self.code)`
57 # TODO: cover the case at vuln5:72
58 lines = [17, 34, 36, 45, 53, 61, 88]
59
60 matches = [
61 {
62 'type': 'TaintAnomaly',
63 'line_no': x,
64 'message': 'Tainted input is passed to the sink'
65 } for x in lines
66 ]
67
68 output_line_nos = {x['line_no'] for x in output['detections']} - set(lines)
69
70 for x in matches:
71 assert any(fuzzy_rule_match(h, x) for h in output['detections']), (output_line_nos, x)
72
73 excluded = [105, 111]
74 for hit in output['detections']:
75 if hit.get('type') != 'TaintAnomaly':
76 continue
77
78 assert hit.get('line_no') not in excluded, hit
79
80
81def test_taint_log_flask_app(fixtures, fuzzy_rule_match):

Callers

nothing calls this directly

Calls 3

fuzzy_rule_matchFunction · 0.85
scan_test_fileMethod · 0.80
getMethod · 0.80

Tested by

no test coverage detected