mirror of
https://github.com/github/codeql.git
synced 2026-04-30 11:15:13 +02:00
Add failing tests for newly added functions
This commit is contained in:
Owen Mansel-Chan
@@ -1,2 +1,4 @@
|
||||
invalidModelRow
|
||||
testFailures
|
||||
| test.go:204:21:204:51 | comment | Missing result: hasTaintFlow="call to new" |
|
||||
| test.go:205:21:205:55 | comment | Missing result: hasTaintFlow="star expression" |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
module semmle.go.Packages
|
||||
|
||||
go 1.13
|
||||
go 1.26
|
||||
|
||||
require github.com/nonexistent/test v0.0.0-20200203000000-0000000000000
|
||||
|
||||
@@ -44,4 +44,6 @@ invalidModelRow
|
||||
| test.go:199:23:199:26 | arg2 | qltest |
|
||||
| test.go:199:29:199:32 | arg3 | qltest |
|
||||
| test.go:202:22:202:25 | temp | qltest |
|
||||
| test.go:206:10:206:12 | src | qltest |
|
||||
| test.go:204:10:204:17 | call to new | qltest |
|
||||
| test.go:205:10:205:18 | star expression | qltest |
|
||||
| test.go:209:10:209:12 | src | qltest |
|
||||
|
||||
@@ -22,4 +22,4 @@ invalidModelRow
|
||||
| test.go:187:24:187:31 | call to Src1 | qltest |
|
||||
| test.go:191:24:191:31 | call to Src1 | qltest |
|
||||
| test.go:201:10:201:28 | selection of SourceVariable | qltest |
|
||||
| test.go:205:15:205:17 | definition of src | qltest |
|
||||
| test.go:208:15:208:17 | definition of src | qltest |
|
||||
|
||||
@@ -200,6 +200,9 @@ func simpleflow() {
|
||||
|
||||
temp := test.SourceVariable
|
||||
test.SinkVariable = temp // $ hasTaintFlow="temp"
|
||||
|
||||
b.Sink1(new(src)) // $ hasTaintFlow="call to new"
|
||||
b.Sink1(*new(src)) // $ hasTaintFlow="star expression"
|
||||
}
|
||||
|
||||
func srcParam(src string, b test.B) {
|
||||
|
||||
@@ -1,2 +1,3 @@
|
||||
invalidModelRow
|
||||
testFailures
|
||||
| test.go:213:21:213:55 | comment | Missing result: hasValueFlow="star expression" |
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
module semmle.go.Packages
|
||||
|
||||
go 1.21
|
||||
go 1.26
|
||||
|
||||
require github.com/nonexistent/test v0.0.0-20200203000000-0000000000000
|
||||
|
||||
@@ -50,4 +50,6 @@ invalidModelRow
|
||||
| test.go:206:10:206:26 | call to min | qltest |
|
||||
| test.go:207:10:207:26 | call to min | qltest |
|
||||
| test.go:210:22:210:25 | temp | qltest |
|
||||
| test.go:214:10:214:12 | src | qltest |
|
||||
| test.go:212:10:212:17 | call to new | qltest |
|
||||
| test.go:213:10:213:18 | star expression | qltest |
|
||||
| test.go:217:10:217:12 | src | qltest |
|
||||
|
||||
@@ -22,4 +22,4 @@ invalidModelRow
|
||||
| test.go:187:24:187:31 | call to Src1 | qltest |
|
||||
| test.go:191:24:191:31 | call to Src1 | qltest |
|
||||
| test.go:209:10:209:28 | selection of SourceVariable | qltest |
|
||||
| test.go:213:15:213:17 | definition of src | qltest |
|
||||
| test.go:216:15:216:17 | definition of src | qltest |
|
||||
|
||||
@@ -208,6 +208,9 @@ func simpleflow() {
|
||||
|
||||
temp := test.SourceVariable
|
||||
test.SinkVariable = temp // $ hasValueFlow="temp"
|
||||
|
||||
b.Sink1(new(src))
|
||||
b.Sink1(*new(src)) // $ hasValueFlow="star expression"
|
||||
}
|
||||
|
||||
func srcParam(src string, b test.B) {
|
||||
|
||||
@@ -60,6 +60,13 @@ func TaintStepTest_Min(sourceCQL interface{}) interface{} {
|
||||
return intoInterface
|
||||
}
|
||||
|
||||
func TaintStepTest_New(sourceCQL interface{}) interface{} {
|
||||
from := sourceCQL.(int)
|
||||
var intoInterface *int
|
||||
intoInterface = new(from)
|
||||
return *intoInterface
|
||||
}
|
||||
|
||||
func RunAllTaints_Builtin() {
|
||||
{
|
||||
source := newSource(0)
|
||||
@@ -101,4 +108,9 @@ func RunAllTaints_Builtin() {
|
||||
out := TaintStepTest_Min(source)
|
||||
sink(4, out)
|
||||
}
|
||||
{
|
||||
source := newSource(5)
|
||||
out := TaintStepTest_New(source)
|
||||
sink(5, out)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -349,6 +349,12 @@ func TaintStepTest_CutSuffix(sourceCQL interface{}) interface{} {
|
||||
return result
|
||||
}
|
||||
|
||||
func TaintStepTest_BytesBufferPeek(sourceCQL interface{}) interface{} {
|
||||
fromBuffer := sourceCQL.(bytes.Buffer)
|
||||
intoByte, _ := fromBuffer.Peek(128)
|
||||
return intoByte
|
||||
}
|
||||
|
||||
func RunAllTaints_Bytes() {
|
||||
{
|
||||
source := newSource(0)
|
||||
@@ -625,4 +631,9 @@ func RunAllTaints_Bytes() {
|
||||
out := TaintStepTest_Clone(source)
|
||||
sink(54, out)
|
||||
}
|
||||
{
|
||||
source := newSource(55)
|
||||
out := TaintStepTest_BytesBufferPeek(source)
|
||||
sink(55, out)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -35,6 +35,13 @@ func TaintStepTest_ErrorsJoin2(sourceCQL interface{}) interface{} {
|
||||
return intoError957
|
||||
}
|
||||
|
||||
func TaintStepTest_ErrorsAsType(sourceCQL interface{}) interface{} {
|
||||
fromError := sourceCQL.(error)
|
||||
var intoInterface interface{}
|
||||
intoInterface, _ = errors.AsType[error](fromError)
|
||||
return intoInterface
|
||||
}
|
||||
|
||||
func RunAllTaints_Errors() {
|
||||
{
|
||||
source := newSource(0)
|
||||
@@ -61,4 +68,9 @@ func RunAllTaints_Errors() {
|
||||
out := TaintStepTest_ErrorsJoin2(source)
|
||||
sink(4, out)
|
||||
}
|
||||
{
|
||||
source := newSource(5)
|
||||
out := TaintStepTest_ErrorsAsType(source)
|
||||
sink(5, out)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,3 @@
|
||||
| Builtin.go:112:13:112:24 | call to newSource | No flow to its sink |
|
||||
| Bytes.go:635:13:635:25 | call to newSource | No flow to its sink |
|
||||
| Errors.go:72:13:72:24 | call to newSource | No flow to its sink |
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
module example.com/m
|
||||
|
||||
go 1.24
|
||||
go 1.26
|
||||
|
||||
require (
|
||||
golang.org/x/net v0.0.0-20201010224723-4f7140c49acb
|
||||
|
||||
Reference in New Issue
Block a user