From 3e57ea0e75a8f9f49fa61b21d83fbb52d3ab6a32 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Fri, 26 Mar 2021 10:48:30 +0000 Subject: [PATCH] Fix Revel template test We want the controller, which is the type which embeds *Revel.Controller. We have to skip the implicit field reads to get to the base of the selector expression. --- ql/src/semmle/go/frameworks/Revel.qll | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/ql/src/semmle/go/frameworks/Revel.qll b/ql/src/semmle/go/frameworks/Revel.qll index 23cc4edd109..7a3733c2da3 100644 --- a/ql/src/semmle/go/frameworks/Revel.qll +++ b/ql/src/semmle/go/frameworks/Revel.qll @@ -279,6 +279,11 @@ module Revel { override DataFlow::Node getADataArgument() { result = this.getArgumentVariable().getAUse() } } + private IR::EvalInstruction skipImplicitFieldReads(IR::Instruction insn) { + result = insn or + result = skipImplicitFieldReads(insn.(IR::ImplicitFieldReadInstruction).getBase()) + } + /** A call to `Controller.Render`. */ private class ControllerRender extends TemplateRender, DataFlow::MethodCallNode { ControllerRender() { this.getTarget().hasQualifiedName(packagePath(), "Controller", "Render") } @@ -286,8 +291,9 @@ module Revel { override DataFlow::Node getTemplateArgument() { none() } override File getRenderedFile() { - exists(string controllerRe, string handlerRe, string pathRe | - controllerRe = "\\Q" + this.getReceiver().getType().getName() + "\\E" and + exists(Type controllerType, string controllerRe, string handlerRe, string pathRe | + controllerType = skipImplicitFieldReads(this.getReceiver().asInstruction()).getResultType() and + controllerRe = "\\Q" + controllerType.getName() + "\\E" and handlerRe = "\\Q" + this.getEnclosingCallable().getName() + "\\E" and // find a file named '/views//(.