python: fix test

yoff · yoff · commit e13a43d2b129 · 2025-04-23T14:41:03.000+02:00
diff --git a/python/ql/test/library-tests/frameworks/tornado/taint_test.py b/python/ql/test/library-tests/frameworks/tornado/taint_test.py
@@ -63,9 +63,8 @@ def get(self, name = "World!", number="0", foo="foo"):  # $ requestHandler route
             request.headers["header-name"], # $ tainted
             request.headers.get_list("header-name"), # $ tainted
             request.headers.get_all(), # $ tainted
-            [(k, v) for (k, v) in request.headers.get_all()], # $ MISSING: tainted
             [(k, v) for (k, v) in request.headers.get_all()][0], # $ tainted
-            list([(k, v) for (k, v) in request.headers.get_all()]), # $ MISSING: tainted
+            list([(k, v) for (k, v) in request.headers.get_all()])[0], # $ tainted
 
             # Dict[str, http.cookies.Morsel]
             request.cookies, # $ tainted
@@ -75,6 +74,11 @@ def get(self, name = "World!", number="0", foo="foo"):  # $ requestHandler route
             request.cookies["cookie-name"].coded_value, # $ tainted
         )
 
+        ensure_not_tainted(
+            [(k, v) for (k, v) in request.headers.get_all()], # The comprehension is not tainted, only the elements
+            list([(k, v) for (k, v) in request.headers.get_all()]), # Here, all the elements of the list are tainted, but the list is not.
+        )
+
 
 def make_app():
     return tornado.web.Application(
