Python: update test with implicit read example

Author: yoff

Diff for: python/ql/test/experimental/meta/inline-taint-test-demo/InlineTaintTest.expected

@@ -3,6 +3,10 @@ argumentToEnsureNotTaintedNotMarkedAsSpurious
 untaintedArgumentToEnsureTaintedNotMarkedAsMissing
 | taint_test.py:32:9:32:25 | taint_test.py:32 | ERROR, you should add `# $ MISSING: tainted` annotation | should_be_tainted |
 | taint_test.py:37:24:37:40 | taint_test.py:37 | ERROR, you should add `# $ MISSING: tainted` annotation | should_be_tainted |
+argumentToEnsureNotTaintedWithReadsNotMarkedAsSpurious
+untaintedArgumentToEnsureTaintedWithReadsNotMarkedAsMissing
+spuriousReadStepsPossible
+| taint_test.py:68:9:68:10 | ControlFlowNode for tt | taint_test.py:76:9:76:13 | ControlFlowNode for Subscript |
 testFailures
 | taint_test.py:41:20:41:21 | ts | Fixed missing result:tainted= |
 failures

Diff for: python/ql/test/experimental/meta/inline-taint-test-demo/taint_test.py

@@ -47,3 +47,32 @@ def bad_usage():
     ensure_not_tainted(
         should_not_be_tainted # $ tainted
     )
+
+
+def implicit_reads():
+    tt = (TAINTED_STRING,)
+
+    # Normal use
+    ensure_tainted(
+        tt[0], # $ tainted
+    )
+
+    # We have precise content, so the tuple itself is not tainted
+    ensure_not_tainted(
+        tt,
+        tt[1],
+    )
+
+    # We can see the tuple tainted at sinks due to implicit reads
+    ensure_tainted_with_reads(
+        tt, # $ tainted
+    )
+
+    # We should not see other elements of the tuple being tainted
+    # but the implicit reads of the previous test allows the taint
+    # to flow to the tuple and then to the subscript.
+    # We can see a warning about this in the expected output under
+    # `spuriousReadStepsPossible`.
+    ensure_not_tainted(
+        tt[1], # $ SPURIOUS:tainted
+    )