Add tests

joefarebrother · joefarebrother · commit a83c70f99d8d · 2025-11-24T11:03:16.000Z
diff --git a/python/ql/lib/semmle/python/Frameworks.qll b/python/ql/lib/semmle/python/Frameworks.qll
@@ -78,6 +78,7 @@ private import semmle.python.frameworks.Sanic
 private import semmle.python.frameworks.ServerLess
 private import semmle.python.frameworks.Setuptools
 private import semmle.python.frameworks.Simplejson
+private import semmle.python.frameworks.Socketio
 private import semmle.python.frameworks.SqlAlchemy
 private import semmle.python.frameworks.Starlette
 private import semmle.python.frameworks.Stdlib
diff --git a/python/ql/lib/semmle/python/frameworks/Socketio.qll b/python/ql/lib/semmle/python/frameworks/Socketio.qll
@@ -6,6 +6,7 @@
 private import python
 private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.dataflow.new.TaintTracking
+private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.Concepts
 private import semmle.python.ApiGraphs
 private import semmle.python.frameworks.internal.PoorMansFunctionResolution
@@ -31,7 +32,9 @@ module SocketIO {
       serverEventAnnotation().getAValueReachableFromSource().asExpr() = this.getADecorator()
     }
 
-    override Parameter getARoutedParameter() { result = this.getAnArg() }
+    override Parameter getARoutedParameter() {
+      result = this.getAnArg() and not result = this.getArg(0)
+    }
 
     override string getFramework() { result = "socketio" }
   }
@@ -52,8 +55,16 @@ module SocketIO {
   private class CallbackHandler extends Http::Server::RequestHandler::Range {
     CallbackHandler() { any(CallbackArgument ca) = poorMansFunctionTracker(this) }
 
-    override Parameter getARoutedParameter() { result = this.getAnArg() }
+    override Parameter getARoutedParameter() {
+      result = this.getAnArg() and not result = this.getArg(0)
+    }
 
     override string getFramework() { result = "socketio" }
   }
+
+  private class SocketIOCall extends RemoteFlowSource::Range {
+    SocketIOCall() { this = server().getMember("call").getACall() }
+
+    override string getSourceType() { result = "socketio call" }
+  }
 }
diff --git a/python/ql/test/library-tests/frameworks/socketio/ConceptsTest.expected b/python/ql/test/library-tests/frameworks/socketio/ConceptsTest.expected
diff --git a/python/ql/test/library-tests/frameworks/socketio/ConceptsTest.ql b/python/ql/test/library-tests/frameworks/socketio/ConceptsTest.ql
@@ -0,0 +1,2 @@
+import python
+import experimental.meta.ConceptsTest
diff --git a/python/ql/test/library-tests/frameworks/socketio/test.py b/python/ql/test/library-tests/frameworks/socketio/test.py
@@ -0,0 +1,29 @@
+import socketio 
+
+sio = socketio.Server()
+
+@sio.on("connect")
+def connect(sid, environ, auth): # $ requestHandler routedParameter=environ routedParameter=auth
+    print("connect", sid, environ, auth)
+
+@sio.on("event1")
+def handle(sid, data): # $ requestHandler routedParameter=data
+    print("e1", sid, data)
+
+@sio.event
+def event2(sid, data): # $ requestHandler routedParameter=data
+    print("e2", sid, data)
+
+def event3(sid, data): # $ requestHandler routedParameter=data
+    print("e3", sid, data)
+
+sio.on("event3", handler=event3)
+
+sio.on("event4", lambda sid,data: print("e4", sid, data)) # $ requestHandler routedParameter=data
+
+
+
+if __name__ == "__main__":
+    app = socketio.WSGIApp(sio)
+    import eventlet 
+    eventlet.wsgi.server(eventlet.listen(('', 8000)), app)

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+import python`
	`2`	`+import experimental.meta.ConceptsTest`