From 6e2af3ead1ba41438385bb5e7c9a9313fb96dfae Mon Sep 17 00:00:00 2001
From: Slavomir
Date: Wed, 5 Aug 2020 18:29:12 +0200
Subject: [PATCH] Add compress/bzip2 taint tracking
---
 ql/src/semmle/go/frameworks/Stdlib.qll | 1 +
 .../go/frameworks/stdlib/CompressBzip2.qll | 23 +++++++++++++++++++
 .../StdlibTaintFlow/CompressBzip2.go | 22 ++++++++++++++++++
 3 files changed, 46 insertions(+)
 create mode 100644 ql/src/semmle/go/frameworks/stdlib/CompressBzip2.qll
 create mode 100644 ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressBzip2.go
diff --git a/ql/src/semmle/go/frameworks/Stdlib.qll b/ql/src/semmle/go/frameworks/Stdlib.qll
index c42844e2a38..dcf78109156 100644
--- a/ql/src/semmle/go/frameworks/Stdlib.qll
+++ b/ql/src/semmle/go/frameworks/Stdlib.qll
@@ -7,6 +7,7 @@ import semmle.go.frameworks.stdlib.ArchiveTar
 import semmle.go.frameworks.stdlib.ArchiveZip
 import semmle.go.frameworks.stdlib.Bufio
 import semmle.go.frameworks.stdlib.Bytes
+import semmle.go.frameworks.stdlib.CompressBzip2
 /** A `String()` method. */
 class StringMethod extends TaintTracking::FunctionModel, Method {
diff --git a/ql/src/semmle/go/frameworks/stdlib/CompressBzip2.qll b/ql/src/semmle/go/frameworks/stdlib/CompressBzip2.qll
new file mode 100644
index 00000000000..ff2818434fc
--- /dev/null
+++ b/ql/src/semmle/go/frameworks/stdlib/CompressBzip2.qll
@@ -0,0 +1,23 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `compress/bzip2` package.
+ */
+
+import go
+
+/** Provides models of commonly used functions in the `compress/bzip2` package. */
+module CompressBzip2 {
+ private class FunctionModels extends TaintTracking::FunctionModel {
+ FunctionInput inp;
+ FunctionOutput outp;
+
+ FunctionModels() {
+ // signature: func NewReader(r io.Reader) io.Reader
+ hasQualifiedName("compress/bzip2", "NewReader") and
+ (inp.isParameter(0) and outp.isResult())
+ }
+
+ override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
+ input = inp and output = outp
+ }
+ }
+}
diff --git a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressBzip2.go b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressBzip2.go
new file mode 100644
index 00000000000..2ca7bd8c924
--- /dev/null
+++ b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/CompressBzip2.go
@@ -0,0 +1,22 @@ +// Code generated by https://github.com/gagliardetto/codebox. DO NOT EDIT. + +package main + +import ( + "compress/bzip2" + "io" +) + +func TaintStepTest_CompressBzip2NewReader_B0I0O0(sourceCQL interface{}) interface{} { + fromReader656 := sourceCQL.(io.Reader) + intoReader414 := bzip2.NewReader(fromReader656) + return intoReader414 +} + +func RunAllTaints_CompressBzip2() { + { + source := newSource(0) + out := TaintStepTest_CompressBzip2NewReader_B0I0O0(source) + sink(0, out) + } +}
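Review bot: In `CompressBzip2.qll`, the `FunctionModels` class documents only the Go signature and says nothing about why a reader-to-reader step is modelled as taint flow. The reader returned by `bzip2.NewReader` yields the decompressed form of whatever the wrapped reader supplies, so its bytes are attacker-controlled whenever the input is; a comment above the `hasQualifiedName` line such as `// the result decompresses r, so data read from it is derived from r` would record that. It is also worth stating in the module QLDoc that this models data flow only: the decompressed size is not bounded by the size of the input, and queries that care about resource exhaustion need their own handling. The parentheses around `inp.isParameter(0) and outp.isResult()` are redundant with a single case, though they may be kept for consistency with sibling stdlib models not visible in this patch.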