diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected index 591d990be47..30a38580f78 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.expected @@ -1,3 +1,38 @@ +#select +| test.go:154:14:154:21 | password | test.go:153:17:153:24 | definition of password | test.go:154:14:154:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:155:17:155:24 | password | test.go:153:17:153:24 | definition of password | test.go:155:17:155:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:156:14:156:21 | password | test.go:153:17:153:24 | definition of password | test.go:156:14:156:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:157:18:157:25 | password | test.go:153:17:153:24 | definition of password | test.go:157:18:157:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:158:14:158:21 | password | test.go:153:17:153:24 | definition of password | test.go:158:14:158:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:159:13:159:20 | password | test.go:153:17:153:24 | definition of password | test.go:159:13:159:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:160:22:160:29 | password | test.go:153:17:153:24 | definition of password | test.go:160:22:160:29 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:161:15:161:22 | password | test.go:153:17:153:24 | definition of password | test.go:161:15:161:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:162:14:162:21 | password | test.go:153:17:153:24 | definition of password | test.go:162:14:162:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:163:13:163:20 | password | test.go:153:17:153:24 | definition of password | test.go:163:13:163:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:164:16:164:23 | password | test.go:153:17:153:24 | definition of password | test.go:164:16:164:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:165:13:165:20 | password | test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:166:16:166:23 | password | test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:167:13:167:20 | password | test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:168:17:168:24 | password | test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:169:13:169:20 | password | test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:170:12:170:19 | password | test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:171:21:171:28 | password | test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:172:14:172:21 | password | test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:173:13:173:20 | password | test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:174:12:174:19 | password | test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:175:15:175:22 | password | test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:176:15:176:22 | password | test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:177:18:177:25 | password | test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:178:15:178:22 | password | test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:179:19:179:26 | password | test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:180:15:180:22 | password | test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:181:14:181:21 | password | test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:182:23:182:30 | password | test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:183:16:183:23 | password | test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:184:15:184:22 | password | test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:185:14:185:21 | password | test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:186:17:186:24 | password | test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | +| test.go:187:16:187:23 | password | test.go:153:17:153:24 | definition of password | test.go:187:16:187:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | edges | test.go:153:17:153:24 | definition of password | test.go:154:14:154:21 | password | provenance | | | test.go:153:17:153:24 | definition of password | test.go:155:17:155:24 | password | provenance | | @@ -10,29 +45,52 @@ edges | test.go:153:17:153:24 | definition of password | test.go:162:14:162:21 | password | provenance | | | test.go:153:17:153:24 | definition of password | test.go:163:13:163:20 | password | provenance | | | test.go:153:17:153:24 | definition of password | test.go:164:16:164:23 | password | provenance | | -| test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | provenance | Sink:MaD:380 | -| test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | provenance | Sink:MaD:381 | -| test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | provenance | Sink:MaD:382 | -| test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | provenance | Sink:MaD:383 | -| test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | provenance | Sink:MaD:384 | -| test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | provenance | Sink:MaD:385 | -| test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | provenance | Sink:MaD:386 | -| test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | provenance | Sink:MaD:387 | -| test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | provenance | Sink:MaD:388 | -| test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | provenance | Sink:MaD:389 | -| test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | provenance | Sink:MaD:390 | -| test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | provenance | Sink:MaD:391 | -| test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | provenance | Sink:MaD:392 | -| test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | provenance | Sink:MaD:393 | -| test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | provenance | Sink:MaD:394 | -| test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | provenance | Sink:MaD:395 | -| test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | provenance | Sink:MaD:396 | -| test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | provenance | Sink:MaD:397 | -| test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | provenance | Sink:MaD:398 | -| test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | provenance | Sink:MaD:399 | -| test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | provenance | Sink:MaD:400 | -| test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | provenance | Sink:MaD:401 | +| test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | provenance | Sink:MaD:1 | +| test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | provenance | Sink:MaD:2 | +| test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | provenance | Sink:MaD:3 | +| test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | provenance | Sink:MaD:4 | +| test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | provenance | Sink:MaD:5 | +| test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | provenance | Sink:MaD:6 | +| test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | provenance | Sink:MaD:7 | +| test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | provenance | Sink:MaD:8 | +| test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | provenance | Sink:MaD:9 | +| test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | provenance | Sink:MaD:10 | +| test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | provenance | Sink:MaD:11 | +| test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | provenance | Sink:MaD:12 | +| test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | provenance | Sink:MaD:13 | +| test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | provenance | Sink:MaD:14 | +| test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | provenance | Sink:MaD:15 | +| test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | provenance | Sink:MaD:16 | +| test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | provenance | Sink:MaD:17 | +| test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | provenance | Sink:MaD:18 | +| test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | provenance | Sink:MaD:19 | +| test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | provenance | Sink:MaD:20 | +| test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | provenance | Sink:MaD:21 | +| test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | provenance | Sink:MaD:22 | | test.go:153:17:153:24 | definition of password | test.go:187:16:187:23 | password | provenance | | +models +| 1 | Sink: group:beego-logs; ; false; Alert; ; ; Argument[0..1]; log-injection; manual | +| 2 | Sink: group:beego-logs; ; false; Critical; ; ; Argument[0..1]; log-injection; manual | +| 3 | Sink: group:beego-logs; ; false; Debug; ; ; Argument[0..1]; log-injection; manual | +| 4 | Sink: group:beego-logs; ; false; Emergency; ; ; Argument[0..1]; log-injection; manual | +| 5 | Sink: group:beego-logs; ; false; Error; ; ; Argument[0..1]; log-injection; manual | +| 6 | Sink: group:beego-logs; ; false; Info; ; ; Argument[0..1]; log-injection; manual | +| 7 | Sink: group:beego-logs; ; false; Informational; ; ; Argument[0..1]; log-injection; manual | +| 8 | Sink: group:beego-logs; ; false; Notice; ; ; Argument[0..1]; log-injection; manual | +| 9 | Sink: group:beego-logs; ; false; Trace; ; ; Argument[0..1]; log-injection; manual | +| 10 | Sink: group:beego-logs; ; false; Warn; ; ; Argument[0..1]; log-injection; manual | +| 11 | Sink: group:beego-logs; ; false; Warning; ; ; Argument[0..1]; log-injection; manual | +| 12 | Sink: group:beego-logs; BeeLogger; true; Alert; ; ; Argument[0..1]; log-injection; manual | +| 13 | Sink: group:beego-logs; BeeLogger; true; Critical; ; ; Argument[0..1]; log-injection; manual | +| 14 | Sink: group:beego-logs; BeeLogger; true; Debug; ; ; Argument[0..1]; log-injection; manual | +| 15 | Sink: group:beego-logs; BeeLogger; true; Emergency; ; ; Argument[0..1]; log-injection; manual | +| 16 | Sink: group:beego-logs; BeeLogger; true; Error; ; ; Argument[0..1]; log-injection; manual | +| 17 | Sink: group:beego-logs; BeeLogger; true; Info; ; ; Argument[0..1]; log-injection; manual | +| 18 | Sink: group:beego-logs; BeeLogger; true; Informational; ; ; Argument[0..1]; log-injection; manual | +| 19 | Sink: group:beego-logs; BeeLogger; true; Notice; ; ; Argument[0..1]; log-injection; manual | +| 20 | Sink: group:beego-logs; BeeLogger; true; Trace; ; ; Argument[0..1]; log-injection; manual | +| 21 | Sink: group:beego-logs; BeeLogger; true; Warn; ; ; Argument[0..1]; log-injection; manual | +| 22 | Sink: group:beego-logs; BeeLogger; true; Warning; ; ; Argument[0..1]; log-injection; manual | nodes | test.go:153:17:153:24 | definition of password | semmle.label | definition of password | | test.go:154:14:154:21 | password | semmle.label | password | @@ -70,38 +128,3 @@ nodes | test.go:186:17:186:24 | password | semmle.label | password | | test.go:187:16:187:23 | password | semmle.label | password | subpaths -#select -| test.go:154:14:154:21 | password | test.go:153:17:153:24 | definition of password | test.go:154:14:154:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:155:17:155:24 | password | test.go:153:17:153:24 | definition of password | test.go:155:17:155:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:156:14:156:21 | password | test.go:153:17:153:24 | definition of password | test.go:156:14:156:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:157:18:157:25 | password | test.go:153:17:153:24 | definition of password | test.go:157:18:157:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:158:14:158:21 | password | test.go:153:17:153:24 | definition of password | test.go:158:14:158:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:159:13:159:20 | password | test.go:153:17:153:24 | definition of password | test.go:159:13:159:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:160:22:160:29 | password | test.go:153:17:153:24 | definition of password | test.go:160:22:160:29 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:161:15:161:22 | password | test.go:153:17:153:24 | definition of password | test.go:161:15:161:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:162:14:162:21 | password | test.go:153:17:153:24 | definition of password | test.go:162:14:162:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:163:13:163:20 | password | test.go:153:17:153:24 | definition of password | test.go:163:13:163:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:164:16:164:23 | password | test.go:153:17:153:24 | definition of password | test.go:164:16:164:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:165:13:165:20 | password | test.go:153:17:153:24 | definition of password | test.go:165:13:165:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:166:16:166:23 | password | test.go:153:17:153:24 | definition of password | test.go:166:16:166:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:167:13:167:20 | password | test.go:153:17:153:24 | definition of password | test.go:167:13:167:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:168:17:168:24 | password | test.go:153:17:153:24 | definition of password | test.go:168:17:168:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:169:13:169:20 | password | test.go:153:17:153:24 | definition of password | test.go:169:13:169:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:170:12:170:19 | password | test.go:153:17:153:24 | definition of password | test.go:170:12:170:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:171:21:171:28 | password | test.go:153:17:153:24 | definition of password | test.go:171:21:171:28 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:172:14:172:21 | password | test.go:153:17:153:24 | definition of password | test.go:172:14:172:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:173:13:173:20 | password | test.go:153:17:153:24 | definition of password | test.go:173:13:173:20 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:174:12:174:19 | password | test.go:153:17:153:24 | definition of password | test.go:174:12:174:19 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:175:15:175:22 | password | test.go:153:17:153:24 | definition of password | test.go:175:15:175:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:176:15:176:22 | password | test.go:153:17:153:24 | definition of password | test.go:176:15:176:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:177:18:177:25 | password | test.go:153:17:153:24 | definition of password | test.go:177:18:177:25 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:178:15:178:22 | password | test.go:153:17:153:24 | definition of password | test.go:178:15:178:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:179:19:179:26 | password | test.go:153:17:153:24 | definition of password | test.go:179:19:179:26 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:180:15:180:22 | password | test.go:153:17:153:24 | definition of password | test.go:180:15:180:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:181:14:181:21 | password | test.go:153:17:153:24 | definition of password | test.go:181:14:181:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:182:23:182:30 | password | test.go:153:17:153:24 | definition of password | test.go:182:23:182:30 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:183:16:183:23 | password | test.go:153:17:153:24 | definition of password | test.go:183:16:183:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:184:15:184:22 | password | test.go:153:17:153:24 | definition of password | test.go:184:15:184:22 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:185:14:185:21 | password | test.go:153:17:153:24 | definition of password | test.go:185:14:185:21 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:186:17:186:24 | password | test.go:153:17:153:24 | definition of password | test.go:186:17:186:24 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | -| test.go:187:16:187:23 | password | test.go:153:17:153:24 | definition of password | test.go:187:16:187:23 | password | $@ flows to a logging call. | test.go:153:17:153:24 | definition of password | Sensitive data returned by an access to password | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.qlref b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.qlref index 21eebbd09be..693299c33a2 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.qlref +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/CleartextLogging.qlref @@ -1 +1,4 @@ -Security/CWE-312/CleartextLogging.ql +query: Security/CWE-312/CleartextLogging.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.expected b/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.expected index c624f05d450..4dca9d050d7 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.expected +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.expected @@ -1,3 +1,6 @@ +#select +| test.go:253:13:253:34 | call to GetString | test.go:253:13:253:34 | call to GetString | test.go:253:13:253:34 | call to GetString | This path to an untrusted URL redirection depends on a $@. | test.go:253:13:253:34 | call to GetString | user-provided value | +| test.go:254:20:254:41 | call to GetString | test.go:254:20:254:41 | call to GetString | test.go:254:20:254:41 | call to GetString | This path to an untrusted URL redirection depends on a $@. | test.go:254:20:254:41 | call to GetString | user-provided value | edges nodes | test.go:253:13:253:34 | call to GetString | semmle.label | call to GetString | @@ -5,6 +8,3 @@ nodes | test.go:317:13:317:27 | call to URI | semmle.label | call to URI | | test.go:318:20:318:34 | call to URL | semmle.label | call to URL | subpaths -#select -| test.go:253:13:253:34 | call to GetString | test.go:253:13:253:34 | call to GetString | test.go:253:13:253:34 | call to GetString | This path to an untrusted URL redirection depends on a $@. | test.go:253:13:253:34 | call to GetString | user-provided value | -| test.go:254:20:254:41 | call to GetString | test.go:254:20:254:41 | call to GetString | test.go:254:20:254:41 | call to GetString | This path to an untrusted URL redirection depends on a $@. | test.go:254:20:254:41 | call to GetString | user-provided value | diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.qlref b/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.qlref index 0f1a7477825..13add930f51 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.qlref +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/OpenRedirect.qlref @@ -1 +1,4 @@ -Security/CWE-601/OpenUrlRedirect.ql +query: Security/CWE-601/OpenUrlRedirect.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.qlref b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.qlref index 754513d72bb..e6b791f39fc 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.qlref +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/ReflectedXss.qlref @@ -1,2 +1,4 @@ query: Security/CWE-079/ReflectedXss.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.qlref b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.qlref index 78ce25b1921..6eb2e94892f 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.qlref +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/TaintedPath.qlref @@ -1,2 +1,4 @@ query: Security/CWE-022/TaintedPath.ql -postprocess: utils/test/PrettyPrintModels.ql +postprocess: + - utils/test/PrettyPrintModels.ql + - utils/test/InlineExpectationsTestQuery.ql diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go b/go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go index d702f4a5445..38cb06691f8 100644 --- a/go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go +++ b/go/ql/test/library-tests/semmle/go/frameworks/Beego/test.go @@ -31,75 +31,75 @@ type bindMe struct { // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromBind(input *context.BeegoInput, sink http.ResponseWriter) { var bound bindMe - input.Bind(bound, "someKey") - sink.Write([]byte(bound.a[0])) - sink.Write([]byte(bound.b)) - sink.Write([]byte(bound.c.z)) + input.Bind(bound, "someKey") // $ Source[go/reflected-xss] + sink.Write([]byte(bound.a[0])) // $ Alert[go/reflected-xss] + sink.Write([]byte(bound.b)) // $ Alert[go/reflected-xss] + sink.Write([]byte(bound.c.z)) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromCookie(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Cookie("someKey"))) + sink.Write([]byte(input.Cookie("someKey"))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromData(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Data()["someKey"].(string))) + sink.Write([]byte(input.Data()["someKey"].(string))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromGetData(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.GetData("someKey").(string))) + sink.Write([]byte(input.GetData("someKey").(string))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromHeader(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Header("someKey"))) + sink.Write([]byte(input.Header("someKey"))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromParam(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Param("someKey"))) + sink.Write([]byte(input.Param("someKey"))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromParams(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Params()["someKey"])) + sink.Write([]byte(input.Params()["someKey"])) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromQuery(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Query("someKey"))) + sink.Write([]byte(input.Query("someKey"))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromRefer(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Refer())) + sink.Write([]byte(input.Refer())) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromReferer(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.Referer())) + sink.Write([]byte(input.Referer())) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromURI(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.URI())) + sink.Write([]byte(input.URI())) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromURL(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.URL())) + sink.Write([]byte(input.URL())) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data to an `http.ResponseWriter` func xssFromUserAgent(input *context.BeegoInput, sink http.ResponseWriter) { - sink.Write([]byte(input.UserAgent())) + sink.Write([]byte(input.UserAgent())) // $ Alert[go/reflected-xss] } // BAD: with no obvious ContentType call we assume this could be text/html. func echoToBodyNoContentType(input *context.BeegoInput, output *context.BeegoOutput) { - output.Body(input.Data()["someKey"].([]byte)) + output.Body(input.Data()["someKey"].([]byte)) // $ Alert[go/reflected-xss] } // OK: JSON can't (by itself) cause XSS @@ -111,7 +111,7 @@ func echoToBodyContentTypeJson(input *context.BeegoInput, output *context.BeegoO // BAD: echoing untrusted data with an HTML content type func echoToBodyContentTypeHtml(input *context.BeegoInput, output *context.BeegoOutput) { output.ContentType("text/html") - output.Body(input.Data()["someKey"].([]byte)) + output.Body(input.Data()["someKey"].([]byte)) // $ Alert[go/reflected-xss] } // OK: JSON can't (by itself) cause XSS @@ -123,7 +123,7 @@ func echoToBodyContentTypeJsonUsingHeader(input *context.BeegoInput, output *con // BAD: echoing untrusted data with an HTML content type func echoToBodyContentTypeHtmlUsingHeader(input *context.BeegoInput, output *context.BeegoOutput) { output.Header("content-type", "text/html") - output.Body(input.Data()["someKey"].([]byte)) + output.Body(input.Data()["someKey"].([]byte)) // $ Alert[go/reflected-xss] } // OK: JSON and other non-HTML formats can't (by themselves) cause XSS @@ -140,7 +140,7 @@ func echoToFixedContentTypeRoutines(input *context.BeegoInput, output *context.B func echoToBodyContentTypeHtmlUsingHandler() { beego.Post("", func(context *context.Context) { context.Output.Header("content-type", "text/html") - context.Output.Body(context.Input.Data()["someKey"].([]byte)) + context.Output.Body(context.Input.Data()["someKey"].([]byte)) // $ Alert[go/reflected-xss] }) } @@ -150,41 +150,41 @@ func echoToBodySanitized(input *context.BeegoInput, output *context.BeegoOutput) } // BAD: logging something named "password". -func loggerTest(password string, logger *logs.BeeLogger) { - beego.Alert(password) - beego.Critical(password) - beego.Debug(password) - beego.Emergency(password) - beego.Error(password) - beego.Info(password) - beego.Informational(password) - beego.Notice(password) - beego.Trace(password) - beego.Warn(password) - beego.Warning(password) - logs.Alert(password) - logs.Critical(password) - logs.Debug(password) - logs.Emergency(password) - logs.Error(password) - logs.Info(password) - logs.Informational(password) - logs.Notice(password) - logs.Trace(password) - logs.Warn(password) - logs.Warning(password) - logger.Alert(password) - logger.Critical(password) - logger.Debug(password) - logger.Emergency(password) - logger.Error(password) - logger.Info(password) - logger.Informational(password) - logger.Notice(password) - logger.Trace(password) - logger.Warn(password) - logger.Warning(password) - utils.Display(password) +func loggerTest(password string, logger *logs.BeeLogger) { // $ Source[go/clear-text-logging] + beego.Alert(password) // $ Alert[go/clear-text-logging] + beego.Critical(password) // $ Alert[go/clear-text-logging] + beego.Debug(password) // $ Alert[go/clear-text-logging] + beego.Emergency(password) // $ Alert[go/clear-text-logging] + beego.Error(password) // $ Alert[go/clear-text-logging] + beego.Info(password) // $ Alert[go/clear-text-logging] + beego.Informational(password) // $ Alert[go/clear-text-logging] + beego.Notice(password) // $ Alert[go/clear-text-logging] + beego.Trace(password) // $ Alert[go/clear-text-logging] + beego.Warn(password) // $ Alert[go/clear-text-logging] + beego.Warning(password) // $ Alert[go/clear-text-logging] + logs.Alert(password) // $ Alert[go/clear-text-logging] + logs.Critical(password) // $ Alert[go/clear-text-logging] + logs.Debug(password) // $ Alert[go/clear-text-logging] + logs.Emergency(password) // $ Alert[go/clear-text-logging] + logs.Error(password) // $ Alert[go/clear-text-logging] + logs.Info(password) // $ Alert[go/clear-text-logging] + logs.Informational(password) // $ Alert[go/clear-text-logging] + logs.Notice(password) // $ Alert[go/clear-text-logging] + logs.Trace(password) // $ Alert[go/clear-text-logging] + logs.Warn(password) // $ Alert[go/clear-text-logging] + logs.Warning(password) // $ Alert[go/clear-text-logging] + logger.Alert(password) // $ Alert[go/clear-text-logging] + logger.Critical(password) // $ Alert[go/clear-text-logging] + logger.Debug(password) // $ Alert[go/clear-text-logging] + logger.Emergency(password) // $ Alert[go/clear-text-logging] + logger.Error(password) // $ Alert[go/clear-text-logging] + logger.Info(password) // $ Alert[go/clear-text-logging] + logger.Informational(password) // $ Alert[go/clear-text-logging] + logger.Notice(password) // $ Alert[go/clear-text-logging] + logger.Trace(password) // $ Alert[go/clear-text-logging] + logger.Warn(password) // $ Alert[go/clear-text-logging] + logger.Warning(password) // $ Alert[go/clear-text-logging] + utils.Display(password) // $ Alert[go/clear-text-logging] } type myStruct struct { @@ -196,83 +196,83 @@ func sanitizersTest(ctx *context.Context) { input := ctx.Input output := ctx.Output - untrusted := input.Data()["someKey"] - output.Body([]byte(beego.HTML2str(untrusted.(string)))) - output.Body([]byte(beego.Htmlunquote(untrusted.(string)))) + untrusted := input.Data()["someKey"] // $ Source[go/reflected-xss] + output.Body([]byte(beego.HTML2str(untrusted.(string)))) // $ Alert[go/reflected-xss] + output.Body([]byte(beego.Htmlunquote(untrusted.(string)))) // $ Alert[go/reflected-xss] mapVal, _ := beego.MapGet(untrusted.(map[string][]byte), "somekey") - output.Body(mapVal.([]byte)) - output.Body([]byte(beego.Str2html(untrusted.(string)))) - output.Body([]byte(beego.Substr(untrusted.(string), 1, 2))) + output.Body(mapVal.([]byte)) // $ Alert[go/reflected-xss] + output.Body([]byte(beego.Str2html(untrusted.(string)))) // $ Alert[go/reflected-xss] + output.Body([]byte(beego.Substr(untrusted.(string), 1, 2))) // $ Alert[go/reflected-xss] var s myStruct - beego.ParseForm(ctx.Request.Form, s) - output.Body([]byte(s.field)) + beego.ParseForm(ctx.Request.Form, s) // $ Source[go/reflected-xss] + output.Body([]byte(s.field)) // $ Alert[go/reflected-xss] } // BAD: using user-provided data as paths in file-system operations func fsOpsTest(ctx *context.Context, c *beego.Controller, fs beego.FileSystem) { input := ctx.Input - untrusted := input.Data()["someKey"].(string) - beego.Walk(nil, untrusted, func(path string, info os.FileInfo, err error) error { return nil }) - fs.Open(untrusted) - c.SaveToFile("someReceviedFile", untrusted) + untrusted := input.Data()["someKey"].(string) // $ Source[go/path-injection] + beego.Walk(nil, untrusted, func(path string, info os.FileInfo, err error) error { return nil }) // $ Alert[go/path-injection] + fs.Open(untrusted) // $ Alert[go/path-injection] + c.SaveToFile("someReceviedFile", untrusted) // $ Alert[go/path-injection] } // BAD: echoing untrusted data, using various Controller sources func controllerSourceTest(c *beego.Controller, output *context.BeegoOutput) { - f, fh, _ := c.GetFile("somename") - output.Body([]byte(fh.Filename)) + f, fh, _ := c.GetFile("somename") // $ Source[go/reflected-xss] + output.Body([]byte(fh.Filename)) // $ Alert[go/reflected-xss] content, _ := ioutil.ReadAll(f) - output.Body(content) + output.Body(content) // $ Alert[go/reflected-xss] - files, _ := c.GetFiles("someothername") - output.Body([]byte(files[0].Filename)) + files, _ := c.GetFiles("someothername") // $ Source[go/reflected-xss] + output.Body([]byte(files[0].Filename)) // $ Alert[go/reflected-xss] - s := c.GetString("somekey") - output.Body([]byte(s)) + s := c.GetString("somekey") // $ Source[go/reflected-xss] + output.Body([]byte(s)) // $ Alert[go/reflected-xss] - ss := c.GetStrings("someotherkey") - output.Body([]byte(ss[0])) + ss := c.GetStrings("someotherkey") // $ Source[go/reflected-xss] + output.Body([]byte(ss[0])) // $ Alert[go/reflected-xss] - val := c.Input()["thirdkey"] - output.Body([]byte(val[0])) + val := c.Input()["thirdkey"] // $ Source[go/reflected-xss] + output.Body([]byte(val[0])) // $ Alert[go/reflected-xss] var str myStruct - c.ParseForm(str) - output.Body([]byte(str.field)) + c.ParseForm(str) // $ Source[go/reflected-xss] + output.Body([]byte(str.field)) // $ Alert[go/reflected-xss] } func controllerSinkTest(c *beego.Controller) { - untrusted := c.GetString("somekey") - c.SetData(untrusted) // GOOD: SetData always uses a non-html content-type, so no XSS risk + untrusted := c.GetString("somekey") // $ Source[go/reflected-xss] + c.SetData(untrusted) // GOOD: SetData always uses a non-html content-type, so no XSS risk - c.CustomAbort(500, untrusted) // BAD: CustomAbort doesn't set a content-type, so there is an XSS risk + c.CustomAbort(500, untrusted) // $ Alert[go/reflected-xss] // BAD: CustomAbort doesn't set a content-type, so there is an XSS risk } func redirectTest(c *beego.Controller, ctx *context.Context) { - c.Redirect(c.GetString("somekey"), 304) // BAD: User-controlled redirect - ctx.Redirect(304, c.GetString("somekey")) // BAD: User-controlled redirect + c.Redirect(c.GetString("somekey"), 304) // $ Alert[go/unvalidated-url-redirection] + ctx.Redirect(304, c.GetString("somekey")) // $ Alert[go/unvalidated-url-redirection] } // BAD: echoing untrusted data, using Context source func contextSourceTest(c *context.Context) { - c.Output.Body([]byte(c.GetCookie("somekey"))) + c.Output.Body([]byte(c.GetCookie("somekey"))) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data, using Context sinks func contextSinkTest(c *context.Context) { - c.WriteString(c.GetCookie("somekey")) - c.Abort(500, c.GetCookie("someOtherKey")) + c.WriteString(c.GetCookie("somekey")) // $ Alert[go/reflected-xss] + c.Abort(500, c.GetCookie("someOtherKey")) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data, using context.WriteBody as a propagator func contextWriteBodyTest(c *context.Context) { - context.WriteBody("some/encoding", c.ResponseWriter, []byte(c.GetCookie("someKey"))) + context.WriteBody("some/encoding", c.ResponseWriter, []byte(c.GetCookie("someKey"))) // $ Alert[go/reflected-xss] } // BAD unless otherwise noted: echoing untrusted data, using various utils methods as propagators func testUtilsPropagators(c *beego.Controller) { - files, _ := c.GetFiles("someothername") + files, _ := c.GetFiles("someothername") // $ Source[go/reflected-xss] genericFiles := make([]interface{}, len(files), len(files)) for i := range files { genericFiles[i] = files[i] @@ -280,36 +280,36 @@ func testUtilsPropagators(c *beego.Controller) { untainted := make([]interface{}, 1, 1) - c.CustomAbort(500, utils.GetDisplayString(files[0].Filename)) - c.CustomAbort(500, utils.SliceChunk(genericFiles, 1)[0][0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceDiff(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) + c.CustomAbort(500, utils.GetDisplayString(files[0].Filename)) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceChunk(genericFiles, 1)[0][0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceDiff(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] // GOOD: the tainted values are subtracted, so taint is not propagated c.CustomAbort(500, utils.SliceDiff(untainted, genericFiles)[0].(*multipart.FileHeader).Filename) c.CustomAbort( 500, utils.SliceFilter( genericFiles, - func([]interface{}) bool { return true })[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceIntersect(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceIntersect(untainted, genericFiles)[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceMerge(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceMerge(untainted, genericFiles)[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SlicePad(untainted, 10, genericFiles[0])[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SlicePad(genericFiles, 10, untainted[0])[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceRand(genericFiles).(*multipart.FileHeader).Filename) + func([]interface{}) bool { return true })[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceIntersect(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceIntersect(untainted, genericFiles)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceMerge(genericFiles, untainted)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceMerge(untainted, genericFiles)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SlicePad(untainted, 10, genericFiles[0])[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SlicePad(genericFiles, 10, untainted[0])[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceRand(genericFiles).(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] // Note this is misnamed -- it's a map operation, not a reduce - c.CustomAbort(500, utils.SliceReduce(genericFiles, func(x interface{}) interface{} { return x })[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceShuffle(genericFiles)[0].(*multipart.FileHeader).Filename) - c.CustomAbort(500, utils.SliceUnique(genericFiles)[0].(*multipart.FileHeader).Filename) + c.CustomAbort(500, utils.SliceReduce(genericFiles, func(x interface{}) interface{} { return x })[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceShuffle(genericFiles)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] + c.CustomAbort(500, utils.SliceUnique(genericFiles)[0].(*multipart.FileHeader).Filename) // $ Alert[go/reflected-xss] } // BAD: echoing untrusted data, using BeeMap as an intermediary func testBeeMap(c *beego.Controller) { bMap := utils.NewBeeMap() - untrusted := c.GetString("someKey") + untrusted := c.GetString("someKey") // $ Source[go/reflected-xss] bMap.Set("someKey", untrusted) - c.CustomAbort(500, bMap.Get("someKey").(string)) - c.CustomAbort(500, bMap.Items()["someKey"].(string)) + c.CustomAbort(500, bMap.Get("someKey").(string)) // $ Alert[go/reflected-xss] + c.CustomAbort(500, bMap.Items()["someKey"].(string)) // $ Alert[go/reflected-xss] } // GOOD: using the input URL for a redirect operation @@ -321,25 +321,25 @@ func testSafeRedirects(c *beego.Controller, ctx *context.Context) { // BAD: using RequestBody data as path in a file-system operation func requestBodySourceTest(ctx *context.Context, c *beego.Controller) { var dat map[string]interface{} - json.Unmarshal(ctx.Input.RequestBody, &dat) + json.Unmarshal(ctx.Input.RequestBody, &dat) // $ Source[go/path-injection] untrusted := dat["filepath"].(string) - c.SaveToFile("someReceviedFile", untrusted) + c.SaveToFile("someReceviedFile", untrusted) // $ Alert[go/path-injection] } // BAD: using user-provided data as paths in file-system operations func fsOpsTest2(ctx *context.Context, c *beego.Controller, fs beego.FileSystem) { input := ctx.Input - untrusted := input.Data()["someKey"].(string) + untrusted := input.Data()["someKey"].(string) // $ Source[go/path-injection] beegoOutput := context.BeegoOutput{} - beegoOutput.Download(untrusted, "license.txt") + beegoOutput.Download(untrusted, "license.txt") // $ Alert[go/path-injection] } // BAD: using user-provided data as paths in file-system operations func fsOpsV2Test(ctx *Beegov2Context.Context, c *beegov2.Controller) { input := ctx.Input - untrusted := input.Data()["someKey"].(string) + untrusted := input.Data()["someKey"].(string) // $ Source[go/path-injection] buffer := make([]byte, 10) - _ = c.SaveToFileWithBuffer("filenameExistsInForm", untrusted, buffer) + _ = c.SaveToFileWithBuffer("filenameExistsInForm", untrusted, buffer) // $ Alert[go/path-injection] beegoOutput := Beegov2Context.BeegoOutput{} - beegoOutput.Download(untrusted, "license.txt") + beegoOutput.Download(untrusted, "license.txt") // $ Alert[go/path-injection] }