hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Convert Fasthttp::URI::RemoteFlowSource to MaD

Browse Source
This commit is contained in:
Owen Mansel-Chan
2024-06-23 14:06:47 +01:00
parent f33927457f
commit 5a00b5ec96
2 changed files with 18 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
go/ql/lib/ext/github.com.valyala.fasthttp.model.yml
View File

@@ -8,3 +8,14 @@ extensions:
- ["github.com/valyala/fasthttp", "URI", False, "Update", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["github.com/valyala/fasthttp", "URI", False, "Update", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"]
- ["github.com/valyala/fasthttp", "URI", False, "UpdateBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"] - ["github.com/valyala/fasthttp", "URI", False, "UpdateBytes", "", "", "Argument[0]", "Argument[receiver]", "taint", "manual"]
- ["github.com/valyala/fasthttp", "URI", False, "Parse", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"] - ["github.com/valyala/fasthttp", "URI", False, "Parse", "", "", "Argument[0..1]", "Argument[receiver]", "taint", "manual"]
- addsTo:
pack: codeql/go-all
extensible: sourceModel
data:
- ["github.com/valyala/fasthttp", "URI", True, "FullURI", "", "", "ReturnValue[0]", "remote", "manual"]
- ["github.com/valyala/fasthttp", "URI", True, "LastPathSegment", "", "", "ReturnValue[0]", "remote", "manual"]
- ["github.com/valyala/fasthttp", "URI", True, "Path", "", "", "ReturnValue[0]", "remote", "manual"]
- ["github.com/valyala/fasthttp", "URI", True, "PathOriginal", "", "", "ReturnValue[0]", "remote", "manual"]
- ["github.com/valyala/fasthttp", "URI", True, "QueryString", "", "", "ReturnValue[0]", "remote", "manual"]
- ["github.com/valyala/fasthttp", "URI", True, "String", "", "", "ReturnValue[0]", "remote", "manual"]

10
go/ql/lib/semmle/go/frameworks/Fasthttp.qll
View File

@@ -252,18 +252,22 @@ module Fasthttp {
} }
/** /**
* DEPRECATED
*
* Provide modeling for fasthttp.URI Type. * Provide modeling for fasthttp.URI Type.
*/ */
module URI { deprecated module URI {
/** /**
* DEPRECATED: Use `RemoteFlowSource` instead. * DEPRECATED: Use `RemoteFlowSource::Range` instead.
*/ */
deprecated class UntrustedFlowSource = RemoteFlowSource; deprecated class UntrustedFlowSource = RemoteFlowSource;
/** /**
* DEPRECATED: Use `RemoteFlowSource::Range` instead.
*
* The methods as Remote user controllable source which are part of the incoming URL. * The methods as Remote user controllable source which are part of the incoming URL.
*/ */
class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { deprecated class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node {
RemoteFlowSource() { RemoteFlowSource() {
exists(Method m | exists(Method m |
m.hasQualifiedName(packagePath(), "URI", m.hasQualifiedName(packagePath(), "URI",