Convert test to inline expectations

Author: owen-mc

go/ql/test/query-tests/Security/CWE-327/Crypto.go

@@ -13,19 +13,21 @@ func crypto() {
 	public := []byte("hello")
 
 	password := []byte("123456")
-	buf := password // testing dataflow by passing into different variable
+
+	// testing dataflow by passing into different variable
+	buf := password // $ Source
 
 	// BAD, des is a weak crypto algorithm and password is sensitive data
-	des.NewTripleDESCipher(buf)
+	des.NewTripleDESCipher(buf) // $ Alert
 
 	// BAD, md5 is a weak crypto algorithm and password is sensitive data
-	md5.Sum(buf)
+	md5.Sum(buf) // $ Alert
 
 	// BAD, rc4 is a weak crypto algorithm and password is sensitive data
-	rc4.NewCipher(buf)
+	rc4.NewCipher(buf) // $ Alert
 
 	// BAD, sha1 is a weak crypto algorithm and password is sensitive data
-	sha1.Sum(buf)
+	sha1.Sum(buf) // $ Alert
 
 	// GOOD, password is sensitive data but aes is a strong crypto algorithm
 	aes.NewCipher(buf)

go/ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.expected

@@ -1,17 +1,17 @@
+#select
+| Crypto.go:21:25:21:27 | buf | Crypto.go:18:9:18:16 | password | Crypto.go:21:25:21:27 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:18:9:18:16 | password | Sensitive data |
+| Crypto.go:24:10:24:12 | buf | Crypto.go:18:9:18:16 | password | Crypto.go:24:10:24:12 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:18:9:18:16 | password | Sensitive data |
+| Crypto.go:27:16:27:18 | buf | Crypto.go:18:9:18:16 | password | Crypto.go:27:16:27:18 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:18:9:18:16 | password | Sensitive data |
+| Crypto.go:30:11:30:13 | buf | Crypto.go:18:9:18:16 | password | Crypto.go:30:11:30:13 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:18:9:18:16 | password | Sensitive data |
 edges
-| Crypto.go:16:9:16:16 | password | Crypto.go:19:25:19:27 | buf | provenance |  |
-| Crypto.go:16:9:16:16 | password | Crypto.go:22:10:22:12 | buf | provenance |  |
-| Crypto.go:16:9:16:16 | password | Crypto.go:25:16:25:18 | buf | provenance |  |
-| Crypto.go:16:9:16:16 | password | Crypto.go:28:11:28:13 | buf | provenance |  |
+| Crypto.go:18:9:18:16 | password | Crypto.go:21:25:21:27 | buf | provenance |  |
+| Crypto.go:18:9:18:16 | password | Crypto.go:24:10:24:12 | buf | provenance |  |
+| Crypto.go:18:9:18:16 | password | Crypto.go:27:16:27:18 | buf | provenance |  |
+| Crypto.go:18:9:18:16 | password | Crypto.go:30:11:30:13 | buf | provenance |  |
 nodes
-| Crypto.go:16:9:16:16 | password | semmle.label | password |
-| Crypto.go:19:25:19:27 | buf | semmle.label | buf |
-| Crypto.go:22:10:22:12 | buf | semmle.label | buf |
-| Crypto.go:25:16:25:18 | buf | semmle.label | buf |
-| Crypto.go:28:11:28:13 | buf | semmle.label | buf |
+| Crypto.go:18:9:18:16 | password | semmle.label | password |
+| Crypto.go:21:25:21:27 | buf | semmle.label | buf |
+| Crypto.go:24:10:24:12 | buf | semmle.label | buf |
+| Crypto.go:27:16:27:18 | buf | semmle.label | buf |
+| Crypto.go:30:11:30:13 | buf | semmle.label | buf |
 subpaths
-#select
-| Crypto.go:19:25:19:27 | buf | Crypto.go:16:9:16:16 | password | Crypto.go:19:25:19:27 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:16:9:16:16 | password | Sensitive data |
-| Crypto.go:22:10:22:12 | buf | Crypto.go:16:9:16:16 | password | Crypto.go:22:10:22:12 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:16:9:16:16 | password | Sensitive data |
-| Crypto.go:25:16:25:18 | buf | Crypto.go:16:9:16:16 | password | Crypto.go:25:16:25:18 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:16:9:16:16 | password | Sensitive data |
-| Crypto.go:28:11:28:13 | buf | Crypto.go:16:9:16:16 | password | Crypto.go:28:11:28:13 | buf | $@ is used in a weak cryptographic algorithm. | Crypto.go:16:9:16:16 | password | Sensitive data |

go/ql/test/query-tests/Security/CWE-327/WeakCryptoAlgorithm.qlref

@@ -1 +1,4 @@
-experimental/CWE-327/WeakCryptoAlgorithm.ql
+query: Security/CWE-327/WeakCryptoAlgorithm.ql
+postprocess:
+  - utils/test/PrettyPrintModels.ql
+  - utils/test/InlineExpectationsTestQuery.ql