hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

thesame

Browse Source
This commit is contained in:
Kevin Stubbings
2023-11-06 14:35:26 -08:00
parent 28288e0d23
commit 9958ad904c
1 changed files with 56 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
go/ql/lib/semmle/go/frameworks/RsCors.qll
View File

@@ -12,7 +12,7 @@
string packagePath() { result = package("github.com/rs/cors", "") }
/**
* A new function create a new Handler that passed to handler chain as middleware
* A new function create a new gin Handler that passed to gin as middleware
*/
class New extends Function {
New() { exists(Function f | f.hasQualifiedName(packagePath(), "New") | this = f) }
@@ -22,75 +22,102 @@
* A write to the value of Access-Control-Allow-Credentials header
*/
class AllowCredentialsWrite extends DataFlow::ExprNode {
RsOptions rs;
DataFlow::Node base;
AllowCredentialsWrite() {
exists(Field f, Write w, DataFlow::Node base |
exists(Field f, Write w |
f.hasQualifiedName(packagePath(), "Options", "AllowCredentials") and
w.writesField(base, f, this) and
this.getType() instanceof BoolType and
(
rs.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
rs.getV().getAUse() = base
)
this.getType() instanceof BoolType
)
}
/**
* Get config struct holding header values
*/
DataFlow::Node getBase() { result = base }
/**
* Get config variable holding header values
*/
RsOptions getConfig() { result = rs }
RsOptions getConfig() {
exists(RsOptions gc |
(
gc.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
gc.getV().getAUse() = base
) and
result = gc
)
}
}
/**
* A write to the value of Access-Control-Allow-Origins header
*/
class AllowOriginsWrite extends DataFlow::ExprNode {
RsOptions rs;
DataFlow::Node base;
AllowOriginsWrite() {
exists(Field f, Write w, DataFlow::Node base |
exists(Field f, Write w |
f.hasQualifiedName(packagePath(), "Options", "AllowedOrigins") and
w.writesField(base, f, this) and
this.asExpr() instanceof SliceLit and
(
rs.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
rs.getV().getAUse() = base
)
this.asExpr() instanceof SliceLit
)
}
/**
* Get config struct holding header values
*/
DataFlow::Node getBase() { result = base }
/**
* Get config variable holding header values
*/
RsOptions getConfig() { result = rs }
RsOptions getConfig() {
exists(RsOptions gc |
(
gc.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
gc.getV().getAUse() = base
) and
result = gc
)
}
}
/**
* A write to the value of Access-Control-Allow-Origins of value "*", overriding AllowOrigins
*/
class AllowAllOriginsWrite extends DataFlow::ExprNode {
RsOptions rs;
DataFlow::Node base;
AllowAllOriginsWrite() {
exists(Field f, Write w, DataFlow::Node base |
exists(Field f, Write w |
f.hasQualifiedName(packagePath(), "Options", "AllowAllOrigins") and
w.writesField(base, f, this) and
this.getType() instanceof BoolType and
(
rs.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
rs.getV().getAUse() = base
)
this.getType() instanceof BoolType
)
}
/**
* Get config struct holding header values
*/
DataFlow::Node getBase() { result = base }
/**
* Get config variable holding header values
*/
RsOptions getConfig() { result = rs }
RsOptions getConfig() {
exists(RsOptions gc |
(
gc.getV().getBaseVariable().getDefinition().(SsaExplicitDefinition).getRhs() =
base.asInstruction() or
gc.getV().getAUse() = base
) and
result = gc
)
}
}
/**
@@ -105,7 +132,7 @@
}
/**
* Get variable declaration of RsOptions
* Get variable declaration of GinConfig
*/
SsaWithFields getV() { result = v }
}