Test models of flow through fields

ql/test/library-tests/semmle/go/dataflow/ExternalFlow/completetest.ql

@@ -32,6 +32,8 @@ class SummaryModelTest extends SummaryModelCsv {
         "github.com/nonexistent/test;;false;GetElement;;;Element of Argument[0];ReturnValue;value",
         "github.com/nonexistent/test;;false;GetMapKey;;;MapKey of Argument[0];ReturnValue;value",
         "github.com/nonexistent/test;;false;SetElement;;;Argument[0];Element of ReturnValue;value",
+        "github.com/nonexistent/test;C;false;Get;;;Field[github.com/nonexistent/test.C.F] of Argument[-1];ReturnValue;value",
+        "github.com/nonexistent/test;C;false;Set;;;Argument[0];Field[github.com/nonexistent/test.C.F] of Argument[-1];value",
       ]
   }
 }

ql/test/library-tests/semmle/go/dataflow/ExternalFlow/test.go

@@ -123,7 +123,20 @@ func simpleflow() {
 	b.Sink1(slice[0]) // $ hasTaintFlow="index expression"
 
 	ch := make(chan string)
-	ch <- a.Src1()
+	ch <- a.Src1().(string)
 	taint16 := test.StepArgCollectionContentRes(ch)
 	b.Sink1(taint16) // $ MISSING: hasTaintFlow="taint16" // currently fails due to lack of post-update nodes after send statements
+
+	c1 := test.C{""}
+	c1.Set(a.Src1().(string))
+	b.Sink1(c1.F) // $ hasTaintFlow="selection of F"
+
+	c2 := test.C{a.Src1().(string)}
+	b.Sink1(c2.Get()) // $ hasTaintFlow="call to Get"
+
+	c3 := test.C{""}
+	c3.Set(a.Src1().(string))
+	b.Sink1(c3.Get()) // $ MISSING: hasTaintFlow="call to Get"
+	c4 := c3
+	b.Sink1(c4.Get()) // $ hasTaintFlow="call to Get"
 }

ql/test/library-tests/semmle/go/dataflow/ExternalFlow/vendor/github.com/nonexistent/test/stub.go

@@ -59,3 +59,10 @@ type B interface {
 	Sink1(arg interface{})
 	SinkMethod() interface{}
 }
+
+type C struct {
+	F string
+}
+
+func (c C) Set(f string) {}
+func (c C) Get() string  { return "" }