hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 09:15:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

database source tests

Browse Source
This commit is contained in:
Ed Minnix
2025-01-03 21:52:26 -05:00
parent 80ad349a48
commit e9fdc8a34c
7 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/sink.go Normal file
View File

@@ -0,0 +1,5 @@
package test
func sink(x ...any) {}
func ignore(...any) {}

2
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/source.expected Normal file
View File

@@ -0,0 +1,2 @@
testFailures
invalidModelRow

6
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/source.ext.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/threat-models
extensible: threatModelConfiguration
data:
- ["database", true, 0]

19
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/source.ql Normal file
View File

@@ -0,0 +1,19 @@
import go
import ModelValidation
import utils.test.InlineExpectationsTest
module SourceTest implements TestSig {
string getARelevantTag() { result = "source" }
predicate hasActualResult(Location location, string element, string tag, string value) {
exists(ActiveThreatModelSource s |
s.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
element = s.toString() and
value = "" and
tag = "source"
)
}
}
import MakeTest<SourceTest>

2
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test.expected Normal file
View File

@@ -0,0 +1,2 @@
testFailures
invalidModelRow

7
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test.ext.yml Normal file
View File

@@ -0,0 +1,7 @@
extensions:
- addsTo:
pack: codeql/threat-models
extensible: threatModelConfiguration
data:
- ["database", true, 0]

15
go/ql/test/library-tests/semmle/go/dataflow/flowsources/local/database/test.ql Normal file
View File

@@ -0,0 +1,15 @@
import go
import semmle.go.dataflow.ExternalFlow
import ModelValidation
import experimental.frameworks.CleverGo
import utils.test.InlineFlowTest
module Config implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof ActiveThreatModelSource }
predicate isSink(DataFlow::Node sink) {
sink.asExpr() = any(CallExpr c | c.getTarget().getName() = "sink").getAnArgument()
}
}
import TaintFlowTest<Config>