From a357121e89b972ed0ae275a2efb7253af1745d87 Mon Sep 17 00:00:00 2001 From: Slavomir Date: Wed, 29 Apr 2020 19:17:24 +0300 Subject: [PATCH] Fix test by removing a unix-only func; add windows-only funcs --- ql/src/semmle/go/frameworks/SystemCommandExecutors.qll | 8 +++++++- .../SystemCommandExecutors.expected | 9 ++++----- .../SystemCommandExecutors/SystemCommandExecutors.go | 1 - 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll b/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll index 8ef7ce042c2..654fa9eb6dc 100644 --- a/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll +++ b/ql/src/semmle/go/frameworks/SystemCommandExecutors.qll @@ -30,9 +30,15 @@ private class SystemCommandExecutors extends SystemCommandExecution::Range, Data or pkg = "os/exec" and name = "CommandContext" and cmdArg = 1 or + // NOTE: syscall.ForkExec exists only on unix. + // NOTE: syscall.CreateProcess and syscall.CreateProcessAsUser exist only on windows. pkg = "syscall" and - (name = "Exec" or name = "ForkExec" or name = "StartProcess") and + (name = "Exec" or name = "ForkExec" or name = "StartProcess" or name = "CreateProcess") and cmdArg = 0 + or + pkg = "syscall" and + name = "CreateProcessAsUser" and + cmdArg = 1 ) } diff --git a/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected b/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected index 0544bdd9dcc..619b92eebb8 100644 --- a/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected +++ b/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.expected @@ -54,8 +54,7 @@ | SystemCommandExecutors.go:96:3:96:104 | call to Command | SystemCommandExecutors.go:96:35:96:39 | shell | | SystemCommandExecutors.go:96:3:96:104 | call to Command | SystemCommandExecutors.go:96:42:96:100 | call to toInterfaceArray | | SystemCommandExecutors.go:100:3:100:60 | call to Exec | SystemCommandExecutors.go:100:16:100:21 | source | -| SystemCommandExecutors.go:101:3:101:73 | call to ForkExec | SystemCommandExecutors.go:101:20:101:25 | source | -| SystemCommandExecutors.go:102:3:102:77 | call to StartProcess | SystemCommandExecutors.go:102:24:102:29 | source | -| SystemCommandExecutors.go:104:3:104:76 | call to StartProcess | SystemCommandExecutors.go:104:24:104:28 | shell | -| SystemCommandExecutors.go:104:3:104:76 | call to StartProcess | SystemCommandExecutors.go:104:31:104:54 | composite literal | -| SystemCommandExecutors.go:104:3:104:76 | call to StartProcess | SystemCommandExecutors.go:104:57:104:75 | &... | +| SystemCommandExecutors.go:101:3:101:77 | call to StartProcess | SystemCommandExecutors.go:101:24:101:29 | source | +| SystemCommandExecutors.go:103:3:103:76 | call to StartProcess | SystemCommandExecutors.go:103:24:103:28 | shell | +| SystemCommandExecutors.go:103:3:103:76 | call to StartProcess | SystemCommandExecutors.go:103:31:103:54 | composite literal | +| SystemCommandExecutors.go:103:3:103:76 | call to StartProcess | SystemCommandExecutors.go:103:57:103:75 | &... | diff --git a/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.go b/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.go index e66a076249c..2c184f3b00f 100644 --- a/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.go +++ b/ql/test/library-tests/semmle/go/frameworks/SystemCommandExecutors/SystemCommandExecutors.go @@ -98,7 +98,6 @@ func handler(w http.ResponseWriter, req *http.Request) { // syscall { syscall.Exec(source, []string{"arg1", "arg2"}, []string{}) - syscall.ForkExec(source, []string{"arg1", "arg2"}, &syscall.ProcAttr{}) syscall.StartProcess(source, []string{"arg1", "arg2"}, &syscall.ProcAttr{}) syscall.StartProcess(shell, []string{source, "arg2"}, &syscall.ProcAttr{})