From 0b50ee7755ce6a65eb98d27d4cc4cab4ebc65912 Mon Sep 17 00:00:00 2001
From: Owen Mansel-Chan
Date: Tue, 8 Dec 2020 16:11:46 +0000
Subject: [PATCH] Change to Inline Expectations Test
---
 .../EvanphxJsonPatch/TaintFlows.expected | 11 ------
 .../frameworks/EvanphxJsonPatch/TaintFlows.ql | 37 +++++++++++--------
 .../go/frameworks/EvanphxJsonPatch/main.go | 22 +++++------
 3 files changed, 33 insertions(+), 37 deletions(-)
diff --git a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected
index c46759e3e5c..e69de29bb2d 100644
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.expected
@@ -1,11 +0,0 @@
-| main.go:27:35:27:55 | call to getTaintedByteArray : slice type | main.go:28:16:28:17 | b1 | 27 |
-| main.go:30:55:30:75 | call to getTaintedByteArray : slice type | main.go:31:16:31:17 | b2 | 30 |
-| main.go:34:28:34:48 | call to getTaintedByteArray : slice type | main.go:35:16:35:17 | b3 | 34 |
-| main.go:37:48:37:68 | call to getTaintedByteArray : slice type | main.go:38:16:38:17 | b4 | 37 |
-| main.go:41:34:41:54 | call to getTaintedByteArray : slice type | main.go:42:16:42:17 | b5 | 41 |
-| main.go:44:54:44:74 | call to getTaintedByteArray : slice type | main.go:45:16:45:17 | b6 | 44 |
-| main.go:48:29:48:49 | call to getTaintedByteArray : slice type | main.go:49:12:49:13 | p7 | 48 |
-| main.go:52:32:52:52 | call to getTaintedByteArray : slice type | main.go:53:16:53:17 | b8 | 52 |
-| main.go:55:11:55:27 | call to getTaintedPatch : Patch | main.go:56:16:56:17 | b9 | 55 |
-| main.go:59:39:59:59 | call to getTaintedByteArray : slice type | main.go:60:16:60:18 | b10 | 59 |
-| main.go:62:12:62:28 | call to getTaintedPatch : Patch | main.go:63:16:63:18 | b11 | 62 |
diff --git a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql
index f3a2c5b1111..dba2e0fb05c 100644
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/TaintFlows.ql
@@ -1,25 +1,32 @@
 import go
+import TestUtilities.InlineExpectationsTest
-class SourceFunction extends Function {
- SourceFunction() { this.getName() = ["getTaintedByteArray", "getTaintedPatch"] }
-}
-
-class SinkFunction extends Function {
- SinkFunction() { this.getName() = ["sinkByteArray", "sinkPatch"] }
-}
-
-class TestConfig extends TaintTracking::Configuration {
- TestConfig() { this = "testconfig" }
+class Configuration extends TaintTracking::Configuration {
+ Configuration() { this = "test-configuration" }
 override predicate isSource(DataFlow::Node source) {
- source = any(SourceFunction f).getACall().getAResult()
+ source =
+ any(DataFlow::CallNode c | c.getCalleeName() in ["getTaintedByteArray", "getTaintedPatch"])
+ .getResult(0)
 }
 override predicate isSink(DataFlow::Node sink) {
- sink = any(SinkFunction f).getACall().getAnArgument()
+ sink =
+ any(DataFlow::CallNode c | c.getCalleeName() in ["sinkByteArray", "sinkPatch"]).getArgument(0)
 }
 }
-from TestConfig config, DataFlow::PathNode source, DataFlow::PathNode sink, int i
-where config.hasFlowPath(source, sink) and source.hasLocationInfo(_, i, _, _, _)
-select source, sink, i order by i
+class TaintFlowTest extends InlineExpectationsTest {
+ TaintFlowTest() { this = "TaintFlowTest" }
+
+ override string getARelevantTag() { result = "taintflow" }
+
+ override predicate hasActualResult(string file, int line, string element, string tag, string value) {
+ tag = "taintflow" and
+ exists(DataFlow::Node sink | any(Configuration c).hasFlow(_, sink) |
+ element = sink.toString() and
+ value = "" and
+ sink.hasLocationInfo(file, line, _, _, _)
+ )
+ }
+}
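Review bot: `hasActualResult` binds `value = ""` and leaves the source as `_` in `hasFlow(_, sink)`, so a `// $taintflow` annotation only asserts that some source reaches a sink on that line, whereas the deleted `.expected` rows also pinned the source location for each sink. That is sufficient as long as every sink call has exactly one tainted input, as appears to be the case in `main.go`, but the limitation should be stated where the test is defined. I would add a QLDoc comment above `class TaintFlowTest`, for example `/** Emits a "taintflow" result with an empty value on each line where a sink argument is reached from any source. */`. If source identity matters later, `value` could be bound to something derived from the source, such as its start line, instead of the empty string.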
diff --git a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go
index add7b67794e..10e8c9a5139 100644
--- a/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go
+++ b/ql/test/library-tests/semmle/go/frameworks/EvanphxJsonPatch/main.go
@@ -25,40 +25,40 @@ func main() {
 // func MergeMergePatches(patch1Data, patch2Data []byte) ([]byte, error)
 b1, _ := patch.MergeMergePatches(getTaintedByteArray(), untaintedByteArray)
- sinkByteArray(b1)
+ sinkByteArray(b1) // $taintflow
 b2, _ := patch.MergeMergePatches(untaintedByteArray, getTaintedByteArray())
- sinkByteArray(b2)
+ sinkByteArray(b2) // $taintflow
 // func MergePatch(docData, patchData []byte) ([]byte, error)
 b3, _ := patch.MergePatch(getTaintedByteArray(), untaintedByteArray)
- sinkByteArray(b3)
+ sinkByteArray(b3) // $taintflow
 b4, _ := patch.MergePatch(untaintedByteArray, getTaintedByteArray())
- sinkByteArray(b4)
+ sinkByteArray(b4) // $taintflow
 // func CreateMergePatch(originalJSON, modifiedJSON []byte) ([]byte, error)
 b5, _ := patch.CreateMergePatch(getTaintedByteArray(), untaintedByteArray)
- sinkByteArray(b5)
+ sinkByteArray(b5) // $taintflow
 b6, _ := patch.CreateMergePatch(untaintedByteArray, getTaintedByteArray())
- sinkByteArray(b6)
+ sinkByteArray(b6) // $taintflow
 // func DecodePatch(buf []byte) (Patch, error)
 p7, _ := patch.DecodePatch(getTaintedByteArray())
- sinkPatch(p7)
+ sinkPatch(p7) // $taintflow
 // func (p Patch) Apply(doc []byte) ([]byte, error)
 b8, _ := untaintedPatch.Apply(getTaintedByteArray())
- sinkByteArray(b8)
+ sinkByteArray(b8) // $taintflow
 b9, _ := getTaintedPatch().Apply(untaintedByteArray)
- sinkByteArray(b9)
+ sinkByteArray(b9) // $taintflow
 // func (p Patch) ApplyIndent(doc []byte, indent string) ([]byte, error)
 b10, _ := untaintedPatch.ApplyIndent(getTaintedByteArray(), " ")
- sinkByteArray(b10)
+ sinkByteArray(b10) // $taintflow
 b11, _ := getTaintedPatch().ApplyIndent(untaintedByteArray, " ")
- sinkByteArray(b11)
+ sinkByteArray(b11) // $taintflow
 }
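Review bot: Every sink call in this hunk is annotated `// $taintflow`, so the test shows that the json-patch model propagates taint but never that it stays quiet on clean input. The inline-expectations framework also fails on results that have no matching annotation, so a single unannotated control would catch an over-broad taint step: `b12, _ := patch.MergePatch(untaintedByteArray, untaintedByteArray)` followed by `sinkByteArray(b12)` with no comment. `main` begins above the hunk (only its header line is visible here), so such a control may already exist in the part not shown.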