diff --git a/ql/src/semmle/go/frameworks/Stdlib.qll b/ql/src/semmle/go/frameworks/Stdlib.qll
index 864928d7e01..03822765950 100644
--- a/ql/src/semmle/go/frameworks/Stdlib.qll
+++ b/ql/src/semmle/go/frameworks/Stdlib.qll
@@ -14,6 +14,7 @@ import semmle.go.frameworks.stdlib.CompressLzw
 import semmle.go.frameworks.stdlib.CompressZlib
 import semmle.go.frameworks.stdlib.ContainerHeap
 import semmle.go.frameworks.stdlib.ContainerList
+import semmle.go.frameworks.stdlib.ContainerRing
 import semmle.go.frameworks.stdlib.Mime
 import semmle.go.frameworks.stdlib.MimeMultipart
 import semmle.go.frameworks.stdlib.MimeQuotedprintable
diff --git a/ql/src/semmle/go/frameworks/stdlib/ContainerRing.qll b/ql/src/semmle/go/frameworks/stdlib/ContainerRing.qll
new file mode 100644
index 00000000000..47ff577582f
--- /dev/null
+++ b/ql/src/semmle/go/frameworks/stdlib/ContainerRing.qll
@@ -0,0 +1,39 @@
+/**
+ * Provides classes modeling security-relevant aspects of the `container/ring` package.
+ */
+
+import go
+
+/** Provides models of commonly used functions in the `container/ring` package. */
+module ContainerRing {
+ private class MethodModels extends TaintTracking::FunctionModel, Method {
+ FunctionInput inp;
+ FunctionOutput outp;
+
+ MethodModels() {
+ // signature: func (*Ring).Link(s *Ring) *Ring
+ this.hasQualifiedName("container/ring", "Ring", "Link") and
+ (inp.isParameter(0) and outp.isResult())
+ or
+ // signature: func (*Ring).Move(n int) *Ring
+ this.hasQualifiedName("container/ring", "Ring", "Move") and
+ (inp.isReceiver() and outp.isResult())
+ or
+ // signature: func (*Ring).Next() *Ring
+ this.hasQualifiedName("container/ring", "Ring", "Next") and
+ (inp.isReceiver() and outp.isResult())
+ or
+ // signature: func (*Ring).Prev() *Ring
+ this.hasQualifiedName("container/ring", "Ring", "Prev") and
+ (inp.isReceiver() and outp.isResult())
+ or
+ // signature: func (*Ring).Unlink(n int) *Ring
+ this.hasQualifiedName("container/ring", "Ring", "Unlink") and
+ (inp.isReceiver() and outp.isResult())
+ }
+
+ override predicate hasTaintFlow(FunctionInput input, FunctionOutput output) {
+ input = inp and output = outp
+ }
+ }
+}
diff --git a/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/ContainerRing.go b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/ContainerRing.go
new file mode 100644
index 00000000000..6b086a14177
--- /dev/null
+++ b/ql/test/library-tests/semmle/go/frameworks/StdlibTaintFlow/ContainerRing.go
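Review bot: In `ContainerRing.qll`, the `Link` disjunct of `MethodModels()` models only parameter 0 → result, while the other four methods all model receiver → result. `(*Ring).Link` is documented to return the receiver's original `Next()` and to splice `s` in after the receiver. As written, a tainted receiver does not taint the result, and a tainted `s` does not taint the receiver, so queries built on this model may miss flows that pass through a linked ring. Consider adding `(inp.isReceiver() and outp.isResult())` and `(inp.isParameter(0) and outp.isReceiver())` for `Link`, with a matching case in the taint-flow test. If the narrower model is deliberate, a comment above the `Link` case saying so would save the next reader the same question.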
@@ -0,0 +1,64 @@ +// Code generated by https://github.com/gagliardetto/codebox. DO NOT EDIT. + +package main + +import "container/ring" + +func TaintStepTest_ContainerRingRingLink_B0I0O0(sourceCQL interface{}) interface{} { + fromRing656 := sourceCQL.(*ring.Ring) + var mediumObjCQL ring.Ring + intoRing414 := mediumObjCQL.Link(fromRing656) + return intoRing414 +} + +func TaintStepTest_ContainerRingRingMove_B0I0O0(sourceCQL interface{}) interface{} { + fromRing518 := sourceCQL.(ring.Ring) + intoRing650 := fromRing518.Move(0) + return intoRing650 +} + +func TaintStepTest_ContainerRingRingNext_B0I0O0(sourceCQL interface{}) interface{} { + fromRing784 := sourceCQL.(ring.Ring) + intoRing957 := fromRing784.Next() + return intoRing957 +} + +func TaintStepTest_ContainerRingRingPrev_B0I0O0(sourceCQL interface{}) interface{} { + fromRing520 := sourceCQL.(ring.Ring) + intoRing443 := fromRing520.Prev() + return intoRing443 +} + +func TaintStepTest_ContainerRingRingUnlink_B0I0O0(sourceCQL interface{}) interface{} { + fromRing127 := sourceCQL.(ring.Ring) + intoRing483 := fromRing127.Unlink(0) + return intoRing483 +} + +func RunAllTaints_ContainerRing() { + { + source := newSource(0) + out := TaintStepTest_ContainerRingRingLink_B0I0O0(source) + sink(0, out) + } + { + source := newSource(1) + out := TaintStepTest_ContainerRingRingMove_B0I0O0(source) + sink(1, out) + } + { + source := newSource(2) + out := TaintStepTest_ContainerRingRingNext_B0I0O0(source) + sink(2, out) + } + { + source := newSource(3) + out := TaintStepTest_ContainerRingRingPrev_B0I0O0(source) + sink(3, out) + } + { + source := newSource(4) + out := TaintStepTest_ContainerRingRingUnlink_B0I0O0(source) + sink(4, out) + } +}