hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add Argument.getACorrespondingSyntacticArgument

Browse Source
This commit is contained in:
Owen Mansel-Chan
2024-08-16 11:02:41 +01:00
parent 652dd88c36
commit ced000ae46
5 changed files with 24 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
go/ql/lib/semmle/go/Concepts.qll
View File

@@ -121,11 +121,7 @@ private class DefaultFileSystemAccess extends FileSystemAccess::Range, DataFlow:
}
override DataFlow::Node getAPathArgument() {
not pathArgument instanceof DataFlow::ImplicitVarargsSlice and
result = pathArgument
or
pathArgument instanceof DataFlow::ImplicitVarargsSlice and
result = this.getAnImplicitVarargsArgument()
result = pathArgument.getACorrespondingSyntacticArgument()
}
}
@@ -378,19 +374,15 @@ module LoggerCall {
}
private class DefaultLoggerCall extends LoggerCall::Range, DataFlow::CallNode {
DataFlow::ArgumentNode messageComponent;
DataFlow::ArgumentNode messageArgument;
DefaultLoggerCall() {
sinkNode(messageComponent, "log-injection") and
this = messageComponent.getCall()
sinkNode(messageArgument, "log-injection") and
this = messageArgument.getCall()
}
override DataFlow::Node getAMessageComponent() {
not messageComponent instanceof DataFlow::ImplicitVarargsSlice and
result = messageComponent
or
messageComponent instanceof DataFlow::ImplicitVarargsSlice and
result = this.getAnImplicitVarargsArgument()
result = messageArgument.getACorrespondingSyntacticArgument()
}
}

8
go/ql/lib/semmle/go/concepts/HTTP.qll
View File

@@ -332,13 +332,7 @@ module Http {
)
}
override DataFlow::Node getUrl() {
not url instanceof DataFlow::ImplicitVarargsSlice and
result = url
or
url instanceof DataFlow::ImplicitVarargsSlice and
result = this.getAnImplicitVarargsArgument()
}
override DataFlow::Node getUrl() { result = url.getACorrespondingSyntacticArgument() }
override Http::ResponseWriter getResponseWriter() {
rw = -1 and result.getANode() = this.getReceiver()

21
go/ql/lib/semmle/go/dataflow/internal/DataFlowNodes.qll
View File

@@ -841,11 +841,7 @@ module Public {
or
preupd = getAWrittenNode()
or
(
preupd instanceof ArgumentNode and not preupd instanceof ImplicitVarargsSlice
or
preupd = any(CallNode c).getAnImplicitVarargsArgument()
) and
preupd = any(ArgumentNode arg).getACorrespondingSyntacticArgument() and
mutableType(preupd.getType())
) and
(
@@ -889,6 +885,21 @@ module Public {
* Gets this argument's position.
*/
int getPosition() { result = i }
/**
* Gets a data-flow node for a syntactic argument corresponding this this
* argument. If this argument is not an implicit varargs slice then this
* will just be the argument itself. If this argument is an implicit
* varargs slice then this will be a data-flow node that for an argument
* that is stored in the implicit varargs slice.
*/
Node getACorrespondingSyntacticArgument() {
not this instanceof DataFlow::ImplicitVarargsSlice and
result = this
or
this instanceof DataFlow::ImplicitVarargsSlice and
result = c.getAnImplicitVarargsArgument()
}
}
/**

6
go/ql/lib/semmle/go/frameworks/SQL.qll
View File

@@ -70,11 +70,7 @@ module SQL {
private class DefaultQueryString extends Range {
DefaultQueryString() {
exists(DataFlow::ArgumentNode arg | sinkNode(arg, "sql-injection") |
not arg instanceof DataFlow::ImplicitVarargsSlice and
this = arg
or
arg instanceof DataFlow::ImplicitVarargsSlice and
this = arg.getCall().getAnImplicitVarargsArgument()
this = arg.getACorrespondingSyntacticArgument()
)
}
}

6
go/ql/lib/semmle/go/frameworks/SystemCommandExecutors.qll
View File

@@ -16,11 +16,7 @@ private class DefaultSystemCommandExecution extends SystemCommandExecution::Rang
}
override DataFlow::Node getCommandName() {
not commandName instanceof DataFlow::ImplicitVarargsSlice and
result = commandName
or
commandName instanceof DataFlow::ImplicitVarargsSlice and
result = this.getAnImplicitVarargsArgument()
result = commandName.getACorrespondingSyntacticArgument()
}
}