diff --git a/ql/src/semmle/go/frameworks/stdlib/EncodingHex.qll b/ql/src/semmle/go/frameworks/stdlib/EncodingHex.qll
index 17b9dc858b6..c76c414a5a6 100644
--- a/ql/src/semmle/go/frameworks/stdlib/EncodingHex.qll
+++ b/ql/src/semmle/go/frameworks/stdlib/EncodingHex.qll
@@ -19,29 +19,9 @@ module EncodingHex {
 hasQualifiedName("encoding/hex", "DecodeString") and
 (inp.isParameter(0) and outp.isResult(0))
 or
- // signature: func Dump(data []byte) string
- hasQualifiedName("encoding/hex", "Dump") and
- (inp.isParameter(0) and outp.isResult())
- or
- // signature: func Dumper(w io.Writer) io.WriteCloser
- hasQualifiedName("encoding/hex", "Dumper") and
- (inp.isResult() and outp.isParameter(0))
- or
- // signature: func Encode(dst []byte, src []byte) int
- hasQualifiedName("encoding/hex", "Encode") and
- (inp.isParameter(1) and outp.isParameter(0))
- or
- // signature: func EncodeToString(src []byte) string
- hasQualifiedName("encoding/hex", "EncodeToString") and
- (inp.isParameter(0) and outp.isResult())
- or
 // signature: func NewDecoder(r io.Reader) io.Reader
 hasQualifiedName("encoding/hex", "NewDecoder") and
 (inp.isParameter(0) and outp.isResult())
- or
- // signature: func NewEncoder(w io.Writer) io.Writer
- hasQualifiedName("encoding/hex", "NewEncoder") and
- (inp.isResult() and outp.isParameter(0))
 }
 
 override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
diff --git a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingHex.go b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingHex.go
index 38c67ddacf4..ef022b2061b 100644
--- a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingHex.go
+++ b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/EncodingHex.go
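Review bot: In the EncodingHex.qll hunk (`@@ -19,29 +19,9 @@`) the encode-direction cases (`Dump`, `Dumper`, `Encode`, `EncodeToString`, `NewEncoder`) are dropped from the model with no comment recording why, so the remaining decode-only list reads as an oversight rather than a decision. If the reasoning is that hex output cannot carry an injection payload, that holds for injection-style queries, but hex is a reversible encoding and not a confidentiality control. Any query that tracks sensitive values (cleartext logging or storage of credentials, for example) would presumably lose flows that pass through `hex.EncodeToString`. I would add a comment above the remaining cases, such as `// Only decoding functions are modelled; encoders are deliberately omitted: <rationale / issue link>`, and confirm that no data-sensitivity query relies on this model. The enclosing predicate begins outside the hunk, so how these cases feed `hasTaintFlow` is inferred from the context lines only.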
@@ -20,45 +20,10 @@ func TaintStepTest_EncodingHexDecodeString_B0I0O0(sourceCQL interface{}) interfa
 return intoByte650
 }
 
-func TaintStepTest_EncodingHexDump_B0I0O0(sourceCQL interface{}) interface{} {
- fromByte784 := sourceCQL.([]byte)
- intoString957 := hex.Dump(fromByte784)
- return intoString957
-}
-
-func TaintStepTest_EncodingHexDumper_B0I0O0(sourceCQL interface{}) interface{} {
- fromWriteCloser520 := sourceCQL.(io.WriteCloser)
- var intoWriter443 io.Writer
- intermediateCQL := hex.Dumper(intoWriter443)
- link(fromWriteCloser520, intermediateCQL)
- return intoWriter443
-}
-
-func TaintStepTest_EncodingHexEncode_B0I0O0(sourceCQL interface{}) interface{} {
- fromByte127 := sourceCQL.([]byte)
- var intoByte483 []byte
- hex.Encode(intoByte483, fromByte127)
- return intoByte483
-}
-
-func TaintStepTest_EncodingHexEncodeToString_B0I0O0(sourceCQL interface{}) interface{} {
- fromByte989 := sourceCQL.([]byte)
- intoString982 := hex.EncodeToString(fromByte989)
- return intoString982
-}
-
 func TaintStepTest_EncodingHexNewDecoder_B0I0O0(sourceCQL interface{}) interface{} {
- fromReader417 := sourceCQL.(io.Reader)
- intoReader584 := hex.NewDecoder(fromReader417)
- return intoReader584
-}
-
-func TaintStepTest_EncodingHexNewEncoder_B0I0O0(sourceCQL interface{}) interface{} {
- fromWriter991 := sourceCQL.(io.Writer)
- var intoWriter881 io.Writer
- intermediateCQL := hex.NewEncoder(intoWriter881)
- link(fromWriter991, intermediateCQL)
- return intoWriter881
+ fromReader784 := sourceCQL.(io.Reader)
+ intoReader957 := hex.NewDecoder(fromReader784)
+ return intoReader957
 }
 
 func RunAllTaints_EncodingHex() {
@@ -74,32 +39,7 @@ func RunAllTaints_EncodingHex() {
 }
 {
 source := newSource(2)
- out := TaintStepTest_EncodingHexDump_B0I0O0(source)
+ out := TaintStepTest_EncodingHexNewDecoder_B0I0O0(source)
 sink(2, out)
 }
- {
- source := newSource(3)
- out := TaintStepTest_EncodingHexDumper_B0I0O0(source)
- sink(3, out)
- }
- {
- source := newSource(4)
- out := TaintStepTest_EncodingHexEncode_B0I0O0(source)
- sink(4, out)
- }
- {
- source := newSource(5)
- out := TaintStepTest_EncodingHexEncodeToString_B0I0O0(source)
- sink(5, out)
- }
- {
- source := newSource(6)
- out := TaintStepTest_EncodingHexNewDecoder_B0I0O0(source)
- sink(6, out)
- }
- {
- source := newSource(7)
- out := TaintStepTest_EncodingHexNewEncoder_B0I0O0(source)
- sink(7, out)
- }
 }