From 56a6ca2028b6b9ac6d7a455fcb62e9fd0a5f58ad Mon Sep 17 00:00:00 2001
From: Alberto Vara
Date: Tue, 4 Feb 2025 09:53:02 +0100
Subject: [PATCH] chore(iast): test code injection performance in ci (#12195)

## Checklist
- [x] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if [applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the [release branch maintenance policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)

---------

Co-authored-by: William Conti <58711692+wconti27@users.noreply.github.com>
Co-authored-by: Laplie Anderson
Co-authored-by: Brett Langdon
---
 hatch.toml | 3 ++-
 scripts/iast/mod_leak_functions.py | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/hatch.toml b/hatch.toml
index 6dcd32e6794..337ace3ca26 100644
--- a/hatch.toml
+++ b/hatch.toml
@@ -466,7 +466,8 @@ _DD_IAST_PATCH_MODULES = "scripts.iast"
 test = [
     "uname -a",
     "pip freeze",
-    "python -m pytest tests/appsec/iast_aggregated_memcheck/test_aggregated_memleaks.py",
+    # We use --no-cov due to a pytest-cov problem with eval https://github.com/pytest-dev/pytest-cov/issues/676
+    "python -m pytest --no-cov tests/appsec/iast_aggregated_memcheck/test_aggregated_memleaks.py",
 ]
 
 [[envs.iast_aggregated_leak_testing.matrix]]
diff --git a/scripts/iast/mod_leak_functions.py b/scripts/iast/mod_leak_functions.py
index bf96d93c497..f53e7aa2e94 100644
--- a/scripts/iast/mod_leak_functions.py
+++ b/scripts/iast/mod_leak_functions.py
@@ -258,6 +258,7 @@ def sink_points(string_tainted):
     except Exception:
         pass
 
+    _ = eval(f"'a' + '{string_tainted}'")
     # Weak Randomness vulnerability
     _ = random.randint(1, 10)
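Review bot: The new comment on the `--no-cov` line names the upstream pytest-cov issue but not the code in this repository that triggers it, so a maintainer who later removes or moves the eval-based sink has no cue that the flag can be dropped again. Presumably the trigger is the `eval()` sink this same commit adds to scripts/iast/mod_leak_functions.py; if so, say it in the comment, e.g. `# --no-cov: the eval() sink in scripts/iast/mod_leak_functions.py trips a pytest-cov bug (https://github.com/pytest-dev/pytest-cov/issues/676); drop this flag once that is fixed`. Note also that this env now runs without coverage measurement, which is worth a line in the PR description if coverage gates are used in CI.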
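Review bot: The added `eval()` line is placed after the `try`/`except Exception: pass` that closes on the two preceding lines rather than inside a guard of its own, so if a caller passes a `string_tainted` value containing a single quote or a backslash the f-string becomes an invalid expression and `eval` raises `SyntaxError`, aborting `sink_points` before the remaining sinks run; whether that can happen depends on the callers, which are outside this hunk. Since every other sink in this fixture appears to be best-effort, consider guarding it the same way: `try:` / `    _ = eval(f"'a' + '{string_tainted}'")` / `except Exception: pass`. The line also lacks the label comment the neighbouring sink carries (`# Weak Randomness vulnerability`); add `# Code Injection vulnerability` above it so the intentional sink is not mistaken for an accidental `eval` in a later review. `sink_points` begins and ends outside the hunk.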