From 26ef33212de6699a2f559cf3de87aac7a2f9e1f5 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 21 Jan 2026 12:07:59 +0000 Subject: [PATCH] Test builtins like standard library --- .../go/frameworks/StdlibTaintFlow/Builtin.go | 104 ++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Builtin.go diff --git a/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Builtin.go b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Builtin.go new file mode 100644 index 00000000000..ca1ea9c932e --- /dev/null +++ b/go/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Builtin.go @@ -0,0 +1,104 @@ +package main + +// Also tested in go/ql/test/library-tests/semmle/go/dataflow/ExternalValueFlow +// and go/ql/test/library-tests/semmle/go/dataflow/ExternalTaintFlow. + +func TaintStepTest_Append1(sourceCQL interface{}) interface{} { + from := sourceCQL.([]byte) + var intoInterface interface{} + intoInterface = append(from, "a string"...) + return intoInterface +} + +func TaintStepTest_Append2(sourceCQL interface{}) interface{} { + from := sourceCQL.(int) + slice := []int{from} + var intoInterface []int + intoInterface = append(slice, 0) + return intoInterface[0] +} + +func TaintStepTest_Append3(sourceCQL interface{}) interface{} { + from := sourceCQL.(string) + var intoInterface interface{} + intoInterface = append([]byte{}, from...) + return intoInterface +} + +func TaintStepTest_Append4(sourceCQL interface{}) interface{} { + from := sourceCQL.(int) + var intoInterface []int + intoInterface = append([]int{}, 0, from, 1) + return intoInterface[0] +} + +func TaintStepTest_Copy1(sourceCQL interface{}) interface{} { + from := sourceCQL.(string) + var intoInterface []byte + copy(intoInterface, from) + return intoInterface +} + +func TaintStepTest_Copy2(sourceCQL interface{}) interface{} { + from := []int{sourceCQL.(int)} + var intoInterface []int + copy(intoInterface, from) + return intoInterface[0] +} + +func TaintStepTest_Max(sourceCQL interface{}) interface{} { + from := sourceCQL.(int) + var intoInterface int + intoInterface = max(0, 1, from, 2, 3) + return intoInterface +} + +func TaintStepTest_Min(sourceCQL interface{}) interface{} { + from := sourceCQL.(int) + var intoInterface int + intoInterface = min(0, 1, from, 2, 3) + return intoInterface +} + +func RunAllTaints_Builtin() { + { + source := newSource(0) + out := TaintStepTest_Append1(source) + sink(0, out) + } + { + source := newSource(1) + out := TaintStepTest_Append2(source) + sink(1, out) + } + { + source := newSource(2) + out := TaintStepTest_Append3(source) + sink(2, out) + } + { + source := newSource(3) + out := TaintStepTest_Append4(source) + sink(3, out) + } + { + source := newSource(4) + out := TaintStepTest_Copy1(source) + sink(4, out) + } + { + source := newSource(5) + out := TaintStepTest_Copy2(source) + sink(5, out) + } + { + source := newSource(3) + out := TaintStepTest_Max(source) + sink(3, out) + } + { + source := newSource(4) + out := TaintStepTest_Min(source) + sink(4, out) + } +}