From e142818fe5f6c03a166b743bed8d8dc7835cd337 Mon Sep 17 00:00:00 2001 From: Edward Minnix III Date: Tue, 20 Aug 2024 17:08:50 -0400 Subject: [PATCH] Remove `Select` example. Go does not currently have any equivalent with regards to lambda flow --- .../customizing-library-models-for-go.rst | 59 ------------------- 1 file changed, 59 deletions(-) diff --git a/docs/codeql/codeql-language-guides/customizing-library-models-for-go.rst b/docs/codeql/codeql-language-guides/customizing-library-models-for-go.rst index 2ed3ab3e659..d11eda01e2d 100644 --- a/docs/codeql/codeql-language-guides/customizing-library-models-for-go.rst +++ b/docs/codeql/codeql-language-guides/customizing-library-models-for-go.rst 
@@ -250,65 +250,6 @@ The remaining values are used to define the ``access path``, the ``kind``, and t - The ninth value ``taint`` is the kind of the flow. ``taint`` means that taint is propagated through the call. - The tenth value ``manual`` is the provenance of the summary, which is used to identify the origin of the summary. -Example: Add flow through the ``Select`` method -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -This example shows how the C# query pack models a more complex flow through a method. -Here we model flow through higher order methods and collection types, as well as how to handle extension methods and generics. - -.. code-block:: csharp - - public static void TaintFlow(IEnumerable stream) { - IEnumerable lines = stream.Select(item => item + "\n"); - ... - } - -We need to add tuples to the ``summaryModel``\(namespace, type, subtypes, name, signature, ext, input, output, kind, provenance) extensible predicate by updating a data extension file: - -.. code-block:: yaml - - extensions: - - addsTo: - pack: codeql/csharp-all - extensible: summaryModel - data: - - ["System.Linq", "Enumerable", False, "Select", "(System.Collections.Generic.IEnumerable,System.Func)", "", "Argument[0].Element", "Argument[1].Parameter[0]", "value", "manual"] - - ["System.Linq", "Enumerable", False, "Select", "(System.Collections.Generic.IEnumerable,System.Func)", "", "Argument[1].ReturnValue", "ReturnValue.Element", "value", "manual"] - - -Since we are adding flow through a method, we need to add tuples to the ``summaryModel`` extensible predicate. -Each tuple defines part of the flow that comprises the total flow through the ``Select`` method. -The first five values identify the callable (in this case a method) to be modeled as a summary. -These are the same for both of the rows above as we are adding two summaries for the same method. - -- The first value ``System.Linq`` is the namespace name. -- The second value ``Enumerable`` is the class (type) name. 
-- The third value ``False`` is a flag that indicates whether or not the summary also applies to all overrides of the method. -- The fourth value ``Select`` is the method name, along with the type parameters for the method. The names of the generic type parameters provided in the model must match the names of the generic type parameters in the method signature in the source code. -- The fifth value ``(System.Collections.Generic.IEnumerable,System.Func)`` is the method input type signature. The generics in the signature must match the generics in the method signature in the source code. - -The sixth value should be left empty and is out of scope for this documentation. -The remaining values are used to define the ``access path``, the ``kind``, and the ``provenance`` (origin) of the summary definition. - -- The seventh value is the access path to the ``input`` (where data flows from). -- The eighth value is the access path to the ``output`` (where data flows to). - -For the first row: - -- The seventh value is ``Argument[0].Element``, which is the access path to the elements of the qualifier (the elements of the enumerable ``stream`` in the example). -- The eight value is ``Argument[1].Parameter[0]``, which is the access path to the first parameter of the ``System.Func`` argument of ``Select`` (the lambda parameter ``item`` in the example). - -For the second row: - -- The seventh value is ``Argument[1].ReturnValue``, which is the access path to the return value of the ``System.Func`` argument of ``Select`` (the return value of the lambda in the example). -- The eighth value is ``ReturnValue.Element``, which is the access path to the elements of the return value of ``Select`` (the elements of the enumerable ``lines`` in the example). - -For the remaining values for both rows: - -- The ninth value ``value`` is the kind of the flow. ``value`` means that the value is preserved. 
-- The tenth value ``manual`` is the provenance of the summary, which is used to identify the origin of the summary. - -That is, the first row specifies that values can flow from the elements of the qualifier enumerable into the first argument of the function provided to ``Select``. The second row specifies that values can flow from the return value of the function to the elements of the enumerable returned from ``Select``. - Example: Accessing the ``Body`` field of an HTTP request ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This example shows how we can model a field read as a source of tainted data.
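Review bot: The removed bullet "The ninth value ``value`` is the kind of the flow. ``value`` means that the value is preserved.", near the end of the deleted block, is the only explanation of the ``value`` kind visible in this hunk; the surviving context line above the deletion describes only ``taint``. If the Go guide uses ``value`` summaries anywhere else, move that sentence to the place where kinds are first introduced instead of dropping it with the example. The commit message justifies the removal by the lack of lambda flow in Go, which covers the ``Argument[1].Parameter[0]`` and ``Argument[1].ReturnValue`` rows, but the deleted text also documented the ``Argument[0].Element`` and ``ReturnValue.Element`` access paths for collection contents. If Go models support element access paths, a short Go-specific example would be a better replacement than no coverage at all. Also check that nothing left in the file refers back to the ``Select`` example, since the section now runs straight from the ``taint``/``manual`` bullets into the ``Body`` field example.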