From 8fd055bc60f1aacfa0157c7cb538e69726033ab4 Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Wed, 9 Dec 2020 07:28:00 +0000 Subject: [PATCH] Model SecretInterface from k8s.io/client-go/kubernetes/typed/core/v1 --- ql/src/go.qll | 1 + ql/src/semmle/go/frameworks/K8sIoClientGo.qll | 29 +++++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 ql/src/semmle/go/frameworks/K8sIoClientGo.qll diff --git a/ql/src/go.qll b/ql/src/go.qll index 47126d338c5..d4cd5b7e31f 100644 --- a/ql/src/go.qll +++ b/ql/src/go.qll @@ -38,6 +38,7 @@ import semmle.go.frameworks.Gin import semmle.go.frameworks.Glog import semmle.go.frameworks.GoRestfulHttp import semmle.go.frameworks.K8sIoApimachineryPkgRuntime +import semmle.go.frameworks.K8sIoClientGo import semmle.go.frameworks.Logrus import semmle.go.frameworks.Macaron import semmle.go.frameworks.Mux diff --git a/ql/src/semmle/go/frameworks/K8sIoClientGo.qll b/ql/src/semmle/go/frameworks/K8sIoClientGo.qll new file mode 100644 index 00000000000..38048aed95c --- /dev/null +++ b/ql/src/semmle/go/frameworks/K8sIoClientGo.qll @@ -0,0 +1,29 @@ +/** Provides models of commonly used functions in the `k8s.io/client-go/kubernetes/typed/core/v1` package. */ + +import go + +/** + * Provides models of commonly used functions in the `k8s.io/client-go/kubernetes/typed/core/v1` + * package. + */ +module K8sIoClientGo { + /** Gets the package name. */ + bindingset[result] + string packagePath() { result = package("k8s.io/client-go", "kubernetes/typed/core/v1") } + + /** + * A model of `SecretInterface` methods that are sources of secret data. + */ + private class SecretInterfaceSourceMethod extends Method { + SecretInterfaceSourceMethod() { + this.implements(packagePath(), "SecretInterface", ["Get", "List", "Patch"]) + } + } + + /** + * A model of `SecretInterface` as a source of secret data. + */ + class SecretInterfaceSource extends DataFlow::Node { + SecretInterfaceSource() { this = any(SecretInterfaceSourceMethod g).getACall().getResult(0) } + } +}