From 3075294cd8cb417f6e91cd38ff9c2699f08ad746 Mon Sep 17 00:00:00 2001 From: Slavomir Date: Tue, 1 Sep 2020 13:55:14 +0200 Subject: [PATCH] Move `strings` module to stdlib, and add more taint-tracking classes to it. --- ql/src/semmle/go/frameworks/Stdlib.qll | 64 --- .../semmle/go/frameworks/stdlib/Strings.qll | 198 +++++++ .../go/frameworks/StdlibTaintFlow/Strings.go | 527 ++++++++++++++++++ 3 files changed, 725 insertions(+), 64 deletions(-) create mode 100644 ql/src/semmle/go/frameworks/stdlib/Strings.qll create mode 100644 ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Strings.go diff --git a/ql/src/semmle/go/frameworks/Stdlib.qll b/ql/src/semmle/go/frameworks/Stdlib.qll index 1ca8f1eccc1..b926c46c7c2 100644 --- a/ql/src/semmle/go/frameworks/Stdlib.qll +++ b/ql/src/semmle/go/frameworks/Stdlib.qll @@ -485,70 +485,6 @@ module IntegerParser { } } -/** Provides models of commonly used functions in the `strings` package. */ -module Strings { - /** The `Join` function. */ - class Join extends TaintTracking::FunctionModel { - Join() { hasQualifiedName("strings", "Join") } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - inp.isParameter([0 .. 1]) and outp.isResult() - } - } - - /** The `Repeat` function. */ - class Repeat extends TaintTracking::FunctionModel { - Repeat() { hasQualifiedName("strings", "Repeat") } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - inp.isParameter(0) and outp.isResult() - } - } - - /** The `Replace` or `ReplaceAll` function. */ - class Replacer extends TaintTracking::FunctionModel { - Replacer() { - hasQualifiedName("strings", "Replace") or hasQualifiedName("strings", "ReplaceAll") - } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - (inp.isParameter(0) or inp.isParameter(2)) and - outp.isResult() - } - } - - /** The `Split` function or one of its variants. */ - class Splitter extends TaintTracking::FunctionModel { - Splitter() { - exists(string split | split.matches("Split%") | hasQualifiedName("strings", split)) - } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - inp.isParameter(0) and outp.isResult() - } - } - - /** One of the case-converting functions in the `strings` package. */ - class CaseConverter extends TaintTracking::FunctionModel { - CaseConverter() { - exists(string conv | conv.matches("To%") | hasQualifiedName("strings", conv)) - } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - inp.isParameter(getNumParameter() - 1) and outp.isResult() - } - } - - /** The `Trim` function or one of its variants. */ - class Trimmer extends TaintTracking::FunctionModel { - Trimmer() { exists(string split | split.matches("Trim%") | hasQualifiedName("strings", split)) } - - override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) { - inp.isParameter(0) and outp.isResult() - } - } -} - /** Provides models of commonly used functions in the `net/url` package. */ module URL { /** The `PathEscape` or `QueryEscape` function. */ diff --git a/ql/src/semmle/go/frameworks/stdlib/Strings.qll b/ql/src/semmle/go/frameworks/stdlib/Strings.qll new file mode 100644 index 00000000000..4e1b9221797 --- /dev/null +++ b/ql/src/semmle/go/frameworks/stdlib/Strings.qll @@ -0,0 +1,198 @@ +/** + * Provides classes modeling security-relevant aspects of the `strings` package. + */ + +import go + +/** Provides models of commonly used functions in the `strings` package. */ +module Strings { + private class FunctionModels extends TaintTracking::FunctionModel { + FunctionInput inp; + FunctionOutput outp; + + FunctionModels() { + // signature: func Fields(s string) []string + hasQualifiedName("strings", "Fields") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func FieldsFunc(s string, f func(rune) bool) []string + hasQualifiedName("strings", "FieldsFunc") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func Join(elems []string, sep string) string + hasQualifiedName("strings", "Join") and + (inp.isParameter(_) and outp.isResult()) + or + // signature: func Map(mapping func(rune) rune, s string) string + hasQualifiedName("strings", "Map") and + (inp.isParameter(1) and outp.isResult()) + or + // signature: func NewReader(s string) *Reader + hasQualifiedName("strings", "NewReader") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func NewReplacer(oldnew ...string) *Replacer + hasQualifiedName("strings", "NewReplacer") and + (inp.isParameter(_) and outp.isResult()) + or + // signature: func Repeat(s string, count int) string + hasQualifiedName("strings", "Repeat") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func Replace(s string, old string, new string, n int) string + hasQualifiedName("strings", "Replace") and + (inp.isParameter([0, 2]) and outp.isResult()) + or + // signature: func ReplaceAll(s string, old string, new string) string + hasQualifiedName("strings", "ReplaceAll") and + (inp.isParameter([0, 2]) and outp.isResult()) + or + // signature: func Split(s string, sep string) []string + hasQualifiedName("strings", "Split") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func SplitAfter(s string, sep string) []string + hasQualifiedName("strings", "SplitAfter") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func SplitAfterN(s string, sep string, n int) []string + hasQualifiedName("strings", "SplitAfterN") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func SplitN(s string, sep string, n int) []string + hasQualifiedName("strings", "SplitN") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func Title(s string) string + hasQualifiedName("strings", "Title") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func ToLower(s string) string + hasQualifiedName("strings", "ToLower") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func ToLowerSpecial(c unicode.SpecialCase, s string) string + hasQualifiedName("strings", "ToLowerSpecial") and + (inp.isParameter(1) and outp.isResult()) + or + // signature: func ToTitle(s string) string + hasQualifiedName("strings", "ToTitle") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func ToTitleSpecial(c unicode.SpecialCase, s string) string + hasQualifiedName("strings", "ToTitleSpecial") and + (inp.isParameter(1) and outp.isResult()) + or + // signature: func ToUpper(s string) string + hasQualifiedName("strings", "ToUpper") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func ToUpperSpecial(c unicode.SpecialCase, s string) string + hasQualifiedName("strings", "ToUpperSpecial") and + (inp.isParameter(1) and outp.isResult()) + or + // signature: func ToValidUTF8(s string, replacement string) string + hasQualifiedName("strings", "ToValidUTF8") and + (inp.isParameter(_) and outp.isResult()) + or + // signature: func Trim(s string, cutset string) string + hasQualifiedName("strings", "Trim") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimFunc(s string, f func(rune) bool) string + hasQualifiedName("strings", "TrimFunc") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimLeft(s string, cutset string) string + hasQualifiedName("strings", "TrimLeft") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimLeftFunc(s string, f func(rune) bool) string + hasQualifiedName("strings", "TrimLeftFunc") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimPrefix(s string, prefix string) string + hasQualifiedName("strings", "TrimPrefix") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimRight(s string, cutset string) string + hasQualifiedName("strings", "TrimRight") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimRightFunc(s string, f func(rune) bool) string + hasQualifiedName("strings", "TrimRightFunc") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimSpace(s string) string + hasQualifiedName("strings", "TrimSpace") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func TrimSuffix(s string, suffix string) string + hasQualifiedName("strings", "TrimSuffix") and + (inp.isParameter(0) and outp.isResult()) + } + + override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { + input = inp and output = outp + } + } + + private class MethodModels extends TaintTracking::FunctionModel, Method { + FunctionInput inp; + FunctionOutput outp; + + MethodModels() { + // signature: func (*Builder).String() string + this.hasQualifiedName("strings", "Builder", "String") and + (inp.isReceiver() and outp.isResult()) + or + // signature: func (*Builder).Write(p []byte) (int, error) + this.hasQualifiedName("strings", "Builder", "Write") and + (inp.isParameter(0) and outp.isReceiver()) + or + // signature: func (*Builder).WriteByte(c byte) error + this.hasQualifiedName("strings", "Builder", "WriteByte") and + (inp.isParameter(0) and outp.isReceiver()) + or + // signature: func (*Builder).WriteString(s string) (int, error) + this.hasQualifiedName("strings", "Builder", "WriteString") and + (inp.isParameter(0) and outp.isReceiver()) + or + // signature: func (*Reader).Read(b []byte) (n int, err error) + this.hasQualifiedName("strings", "Reader", "Read") and + (inp.isReceiver() and outp.isParameter(0)) + or + // signature: func (*Reader).ReadAt(b []byte, off int64) (n int, err error) + this.hasQualifiedName("strings", "Reader", "ReadAt") and + (inp.isReceiver() and outp.isParameter(0)) + or + // signature: func (*Reader).ReadByte() (byte, error) + this.hasQualifiedName("strings", "Reader", "ReadByte") and + (inp.isReceiver() and outp.isResult(0)) + or + // signature: func (*Reader).ReadRune() (ch rune, size int, err error) + this.hasQualifiedName("strings", "Reader", "ReadRune") and + (inp.isReceiver() and outp.isResult(0)) + or + // signature: func (*Reader).Reset(s string) + this.hasQualifiedName("strings", "Reader", "Reset") and + (inp.isParameter(0) and outp.isReceiver()) + or + // signature: func (*Reader).WriteTo(w io.Writer) (n int64, err error) + this.hasQualifiedName("strings", "Reader", "WriteTo") and + (inp.isReceiver() and outp.isParameter(0)) + or + // signature: func (*Replacer).Replace(s string) string + this.hasQualifiedName("strings", "Replacer", "Replace") and + (inp.isParameter(0) and outp.isResult()) + or + // signature: func (*Replacer).WriteString(w io.Writer, s string) (n int, err error) + this.hasQualifiedName("strings", "Replacer", "WriteString") and + (inp.isParameter(1) and outp.isParameter(0)) + } + + override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) { + input = inp and output = outp + } + } +} diff --git a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Strings.go b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Strings.go new file mode 100644 index 00000000000..431b0eb77ae --- /dev/null +++ b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/Strings.go @@ -0,0 +1,527 @@ +// Code generated by https://github.com/gagliardetto/codebox. DO NOT EDIT. + +package main + +import ( + "io" + "strings" +) + +func TaintStepTest_StringsFields_B0I0O0(sourceCQL interface{}) interface{} { + fromString656 := sourceCQL.(string) + intoString414 := strings.Fields(fromString656) + return intoString414 +} + +func TaintStepTest_StringsFieldsFunc_B0I0O0(sourceCQL interface{}) interface{} { + fromString518 := sourceCQL.(string) + intoString650 := strings.FieldsFunc(fromString518, nil) + return intoString650 +} + +func TaintStepTest_StringsJoin_B0I0O0(sourceCQL interface{}) interface{} { + fromString784 := sourceCQL.([]string) + intoString957 := strings.Join(fromString784, "") + return intoString957 +} + +func TaintStepTest_StringsJoin_B0I1O0(sourceCQL interface{}) interface{} { + fromString520 := sourceCQL.(string) + intoString443 := strings.Join(nil, fromString520) + return intoString443 +} + +func TaintStepTest_StringsMap_B0I0O0(sourceCQL interface{}) interface{} { + fromString127 := sourceCQL.(string) + intoString483 := strings.Map(nil, fromString127) + return intoString483 +} + +func TaintStepTest_StringsNewReader_B0I0O0(sourceCQL interface{}) interface{} { + fromString989 := sourceCQL.(string) + intoReader982 := strings.NewReader(fromString989) + return intoReader982 +} + +func TaintStepTest_StringsNewReplacer_B0I0O0(sourceCQL interface{}) interface{} { + fromString417 := sourceCQL.(string) + intoReplacer584 := strings.NewReplacer(fromString417) + return intoReplacer584 +} + +func TaintStepTest_StringsRepeat_B0I0O0(sourceCQL interface{}) interface{} { + fromString991 := sourceCQL.(string) + intoString881 := strings.Repeat(fromString991, 0) + return intoString881 +} + +func TaintStepTest_StringsReplace_B0I0O0(sourceCQL interface{}) interface{} { + fromString186 := sourceCQL.(string) + intoString284 := strings.Replace(fromString186, "", "", 0) + return intoString284 +} + +func TaintStepTest_StringsReplace_B0I1O0(sourceCQL interface{}) interface{} { + fromString908 := sourceCQL.(string) + intoString137 := strings.Replace("", "", fromString908, 0) + return intoString137 +} + +func TaintStepTest_StringsReplaceAll_B0I0O0(sourceCQL interface{}) interface{} { + fromString494 := sourceCQL.(string) + intoString873 := strings.ReplaceAll(fromString494, "", "") + return intoString873 +} + +func TaintStepTest_StringsReplaceAll_B0I1O0(sourceCQL interface{}) interface{} { + fromString599 := sourceCQL.(string) + intoString409 := strings.ReplaceAll("", "", fromString599) + return intoString409 +} + +func TaintStepTest_StringsSplit_B0I0O0(sourceCQL interface{}) interface{} { + fromString246 := sourceCQL.(string) + intoString898 := strings.Split(fromString246, "") + return intoString898 +} + +func TaintStepTest_StringsSplitAfter_B0I0O0(sourceCQL interface{}) interface{} { + fromString598 := sourceCQL.(string) + intoString631 := strings.SplitAfter(fromString598, "") + return intoString631 +} + +func TaintStepTest_StringsSplitAfterN_B0I0O0(sourceCQL interface{}) interface{} { + fromString165 := sourceCQL.(string) + intoString150 := strings.SplitAfterN(fromString165, "", 0) + return intoString150 +} + +func TaintStepTest_StringsSplitN_B0I0O0(sourceCQL interface{}) interface{} { + fromString340 := sourceCQL.(string) + intoString471 := strings.SplitN(fromString340, "", 0) + return intoString471 +} + +func TaintStepTest_StringsTitle_B0I0O0(sourceCQL interface{}) interface{} { + fromString290 := sourceCQL.(string) + intoString758 := strings.Title(fromString290) + return intoString758 +} + +func TaintStepTest_StringsToLower_B0I0O0(sourceCQL interface{}) interface{} { + fromString396 := sourceCQL.(string) + intoString707 := strings.ToLower(fromString396) + return intoString707 +} + +func TaintStepTest_StringsToLowerSpecial_B0I0O0(sourceCQL interface{}) interface{} { + fromString912 := sourceCQL.(string) + intoString718 := strings.ToLowerSpecial(nil, fromString912) + return intoString718 +} + +func TaintStepTest_StringsToTitle_B0I0O0(sourceCQL interface{}) interface{} { + fromString972 := sourceCQL.(string) + intoString633 := strings.ToTitle(fromString972) + return intoString633 +} + +func TaintStepTest_StringsToTitleSpecial_B0I0O0(sourceCQL interface{}) interface{} { + fromString316 := sourceCQL.(string) + intoString145 := strings.ToTitleSpecial(nil, fromString316) + return intoString145 +} + +func TaintStepTest_StringsToUpper_B0I0O0(sourceCQL interface{}) interface{} { + fromString817 := sourceCQL.(string) + intoString474 := strings.ToUpper(fromString817) + return intoString474 +} + +func TaintStepTest_StringsToUpperSpecial_B0I0O0(sourceCQL interface{}) interface{} { + fromString832 := sourceCQL.(string) + intoString378 := strings.ToUpperSpecial(nil, fromString832) + return intoString378 +} + +func TaintStepTest_StringsToValidUTF8_B0I0O0(sourceCQL interface{}) interface{} { + fromString541 := sourceCQL.(string) + intoString139 := strings.ToValidUTF8(fromString541, "") + return intoString139 +} + +func TaintStepTest_StringsToValidUTF8_B0I1O0(sourceCQL interface{}) interface{} { + fromString814 := sourceCQL.(string) + intoString768 := strings.ToValidUTF8("", fromString814) + return intoString768 +} + +func TaintStepTest_StringsTrim_B0I0O0(sourceCQL interface{}) interface{} { + fromString468 := sourceCQL.(string) + intoString736 := strings.Trim(fromString468, "") + return intoString736 +} + +func TaintStepTest_StringsTrimFunc_B0I0O0(sourceCQL interface{}) interface{} { + fromString516 := sourceCQL.(string) + intoString246 := strings.TrimFunc(fromString516, nil) + return intoString246 +} + +func TaintStepTest_StringsTrimLeft_B0I0O0(sourceCQL interface{}) interface{} { + fromString679 := sourceCQL.(string) + intoString736 := strings.TrimLeft(fromString679, "") + return intoString736 +} + +func TaintStepTest_StringsTrimLeftFunc_B0I0O0(sourceCQL interface{}) interface{} { + fromString839 := sourceCQL.(string) + intoString273 := strings.TrimLeftFunc(fromString839, nil) + return intoString273 +} + +func TaintStepTest_StringsTrimPrefix_B0I0O0(sourceCQL interface{}) interface{} { + fromString982 := sourceCQL.(string) + intoString458 := strings.TrimPrefix(fromString982, "") + return intoString458 +} + +func TaintStepTest_StringsTrimRight_B0I0O0(sourceCQL interface{}) interface{} { + fromString506 := sourceCQL.(string) + intoString213 := strings.TrimRight(fromString506, "") + return intoString213 +} + +func TaintStepTest_StringsTrimRightFunc_B0I0O0(sourceCQL interface{}) interface{} { + fromString468 := sourceCQL.(string) + intoString219 := strings.TrimRightFunc(fromString468, nil) + return intoString219 +} + +func TaintStepTest_StringsTrimSpace_B0I0O0(sourceCQL interface{}) interface{} { + fromString265 := sourceCQL.(string) + intoString971 := strings.TrimSpace(fromString265) + return intoString971 +} + +func TaintStepTest_StringsTrimSuffix_B0I0O0(sourceCQL interface{}) interface{} { + fromString320 := sourceCQL.(string) + intoString545 := strings.TrimSuffix(fromString320, "") + return intoString545 +} + +func TaintStepTest_StringsBuilderString_B0I0O0(sourceCQL interface{}) interface{} { + fromBuilder566 := sourceCQL.(strings.Builder) + intoString497 := fromBuilder566.String() + return intoString497 +} + +func TaintStepTest_StringsBuilderWrite_B0I0O0(sourceCQL interface{}) interface{} { + fromByte274 := sourceCQL.([]byte) + var intoBuilder783 strings.Builder + intoBuilder783.Write(fromByte274) + return intoBuilder783 +} + +func TaintStepTest_StringsBuilderWriteByte_B0I0O0(sourceCQL interface{}) interface{} { + fromByte905 := sourceCQL.(byte) + var intoBuilder389 strings.Builder + intoBuilder389.WriteByte(fromByte905) + return intoBuilder389 +} + +func TaintStepTest_StringsBuilderWriteString_B0I0O0(sourceCQL interface{}) interface{} { + fromString198 := sourceCQL.(string) + var intoBuilder477 strings.Builder + intoBuilder477.WriteString(fromString198) + return intoBuilder477 +} + +func TaintStepTest_StringsReaderRead_B0I0O0(sourceCQL interface{}) interface{} { + fromReader544 := sourceCQL.(strings.Reader) + var intoByte382 []byte + fromReader544.Read(intoByte382) + return intoByte382 +} + +func TaintStepTest_StringsReaderReadAt_B0I0O0(sourceCQL interface{}) interface{} { + fromReader715 := sourceCQL.(strings.Reader) + var intoByte179 []byte + fromReader715.ReadAt(intoByte179, 0) + return intoByte179 +} + +func TaintStepTest_StringsReaderReadByte_B0I0O0(sourceCQL interface{}) interface{} { + fromReader366 := sourceCQL.(strings.Reader) + intoByte648, _ := fromReader366.ReadByte() + return intoByte648 +} + +func TaintStepTest_StringsReaderReadRune_B0I0O0(sourceCQL interface{}) interface{} { + fromReader544 := sourceCQL.(strings.Reader) + intoRune484, _, _ := fromReader544.ReadRune() + return intoRune484 +} + +func TaintStepTest_StringsReaderReset_B0I0O0(sourceCQL interface{}) interface{} { + fromString824 := sourceCQL.(string) + var intoReader754 strings.Reader + intoReader754.Reset(fromString824) + return intoReader754 +} + +func TaintStepTest_StringsReaderWriteTo_B0I0O0(sourceCQL interface{}) interface{} { + fromReader680 := sourceCQL.(strings.Reader) + var intoWriter722 io.Writer + fromReader680.WriteTo(intoWriter722) + return intoWriter722 +} + +func TaintStepTest_StringsReplacerReplace_B0I0O0(sourceCQL interface{}) interface{} { + fromString506 := sourceCQL.(string) + var mediumObjCQL strings.Replacer + intoString121 := mediumObjCQL.Replace(fromString506) + return intoString121 +} + +func TaintStepTest_StringsReplacerWriteString_B0I0O0(sourceCQL interface{}) interface{} { + fromString293 := sourceCQL.(string) + var intoWriter151 io.Writer + var mediumObjCQL strings.Replacer + mediumObjCQL.WriteString(intoWriter151, fromString293) + return intoWriter151 +} + +func RunAllTaints_Strings() { + { + source := newSource(0) + out := TaintStepTest_StringsFields_B0I0O0(source) + sink(0, out) + } + { + source := newSource(1) + out := TaintStepTest_StringsFieldsFunc_B0I0O0(source) + sink(1, out) + } + { + source := newSource(2) + out := TaintStepTest_StringsJoin_B0I0O0(source) + sink(2, out) + } + { + source := newSource(3) + out := TaintStepTest_StringsJoin_B0I1O0(source) + sink(3, out) + } + { + source := newSource(4) + out := TaintStepTest_StringsMap_B0I0O0(source) + sink(4, out) + } + { + source := newSource(5) + out := TaintStepTest_StringsNewReader_B0I0O0(source) + sink(5, out) + } + { + source := newSource(6) + out := TaintStepTest_StringsNewReplacer_B0I0O0(source) + sink(6, out) + } + { + source := newSource(7) + out := TaintStepTest_StringsRepeat_B0I0O0(source) + sink(7, out) + } + { + source := newSource(8) + out := TaintStepTest_StringsReplace_B0I0O0(source) + sink(8, out) + } + { + source := newSource(9) + out := TaintStepTest_StringsReplace_B0I1O0(source) + sink(9, out) + } + { + source := newSource(10) + out := TaintStepTest_StringsReplaceAll_B0I0O0(source) + sink(10, out) + } + { + source := newSource(11) + out := TaintStepTest_StringsReplaceAll_B0I1O0(source) + sink(11, out) + } + { + source := newSource(12) + out := TaintStepTest_StringsSplit_B0I0O0(source) + sink(12, out) + } + { + source := newSource(13) + out := TaintStepTest_StringsSplitAfter_B0I0O0(source) + sink(13, out) + } + { + source := newSource(14) + out := TaintStepTest_StringsSplitAfterN_B0I0O0(source) + sink(14, out) + } + { + source := newSource(15) + out := TaintStepTest_StringsSplitN_B0I0O0(source) + sink(15, out) + } + { + source := newSource(16) + out := TaintStepTest_StringsTitle_B0I0O0(source) + sink(16, out) + } + { + source := newSource(17) + out := TaintStepTest_StringsToLower_B0I0O0(source) + sink(17, out) + } + { + source := newSource(18) + out := TaintStepTest_StringsToLowerSpecial_B0I0O0(source) + sink(18, out) + } + { + source := newSource(19) + out := TaintStepTest_StringsToTitle_B0I0O0(source) + sink(19, out) + } + { + source := newSource(20) + out := TaintStepTest_StringsToTitleSpecial_B0I0O0(source) + sink(20, out) + } + { + source := newSource(21) + out := TaintStepTest_StringsToUpper_B0I0O0(source) + sink(21, out) + } + { + source := newSource(22) + out := TaintStepTest_StringsToUpperSpecial_B0I0O0(source) + sink(22, out) + } + { + source := newSource(23) + out := TaintStepTest_StringsToValidUTF8_B0I0O0(source) + sink(23, out) + } + { + source := newSource(24) + out := TaintStepTest_StringsToValidUTF8_B0I1O0(source) + sink(24, out) + } + { + source := newSource(25) + out := TaintStepTest_StringsTrim_B0I0O0(source) + sink(25, out) + } + { + source := newSource(26) + out := TaintStepTest_StringsTrimFunc_B0I0O0(source) + sink(26, out) + } + { + source := newSource(27) + out := TaintStepTest_StringsTrimLeft_B0I0O0(source) + sink(27, out) + } + { + source := newSource(28) + out := TaintStepTest_StringsTrimLeftFunc_B0I0O0(source) + sink(28, out) + } + { + source := newSource(29) + out := TaintStepTest_StringsTrimPrefix_B0I0O0(source) + sink(29, out) + } + { + source := newSource(30) + out := TaintStepTest_StringsTrimRight_B0I0O0(source) + sink(30, out) + } + { + source := newSource(31) + out := TaintStepTest_StringsTrimRightFunc_B0I0O0(source) + sink(31, out) + } + { + source := newSource(32) + out := TaintStepTest_StringsTrimSpace_B0I0O0(source) + sink(32, out) + } + { + source := newSource(33) + out := TaintStepTest_StringsTrimSuffix_B0I0O0(source) + sink(33, out) + } + { + source := newSource(34) + out := TaintStepTest_StringsBuilderString_B0I0O0(source) + sink(34, out) + } + { + source := newSource(35) + out := TaintStepTest_StringsBuilderWrite_B0I0O0(source) + sink(35, out) + } + { + source := newSource(36) + out := TaintStepTest_StringsBuilderWriteByte_B0I0O0(source) + sink(36, out) + } + { + source := newSource(37) + out := TaintStepTest_StringsBuilderWriteString_B0I0O0(source) + sink(37, out) + } + { + source := newSource(38) + out := TaintStepTest_StringsReaderRead_B0I0O0(source) + sink(38, out) + } + { + source := newSource(39) + out := TaintStepTest_StringsReaderReadAt_B0I0O0(source) + sink(39, out) + } + { + source := newSource(40) + out := TaintStepTest_StringsReaderReadByte_B0I0O0(source) + sink(40, out) + } + { + source := newSource(41) + out := TaintStepTest_StringsReaderReadRune_B0I0O0(source) + sink(41, out) + } + { + source := newSource(42) + out := TaintStepTest_StringsReaderReset_B0I0O0(source) + sink(42, out) + } + { + source := newSource(43) + out := TaintStepTest_StringsReaderWriteTo_B0I0O0(source) + sink(43, out) + } + { + source := newSource(44) + out := TaintStepTest_StringsReplacerReplace_B0I0O0(source) + sink(44, out) + } + { + source := newSource(45) + out := TaintStepTest_StringsReplacerWriteString_B0I0O0(source) + sink(45, out) + } +}