hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add missing tests for RevelHeader mutators

Browse Source
This commit is contained in:
Chris Smowton
2023-03-24 12:41:28 +00:00
parent 2024747827
commit 12f35bc6ac
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
go/ql/test/library-tests/semmle/go/frameworks/Revel/Revel.go
View File

@@ -128,3 +128,27 @@ func accessingHeaders(c *revel.Controller) {
tainted2 := c.Request.Header.GetAll("somekey")
sink(tainted2[0])
}
func headerMutators(c *revel.Controller) {
tainted := c.Request.UserAgent()
var cleanHeaders revel.RevelHeader
cleanHeaders.Set(tainted, "clean")
sink(cleanHeaders.Get("clean"))
var cleanHeaders2 revel.RevelHeader
cleanHeaders2.Set("clean", tainted)
sink(cleanHeaders2.Get("clean"))
var cleanHeaders3 revel.RevelHeader
cleanHeaders3.Add(tainted, "clean")
sink(cleanHeaders3.Get("clean"))
var cleanHeaders4 revel.RevelHeader
cleanHeaders4.Add("clean", tainted)
sink(cleanHeaders4.Get("clean"))
var cleanHeaders5 revel.RevelHeader
cleanHeaders5.SetCookie(tainted)
sink(cleanHeaders5.Get("clean"))
}