Merge pull request #591 from owen-mc/update-inline-expectations-test

Update inline expectations test
Chris Smowton
2021-10-21 12:41:57 +01:00
committed by GitHub
43 changed files with 791 additions and 730 deletions


@@ -1,6 +1,7 @@
/**
* Provides a library for writing QL tests whose success or failure is based on expected results
* embedded in the test source code as comments, rather than a `.expected` file.
* embedded in the test source code as comments, rather than the contents of an `.expected` file
* (in that the `.expected` file should always be empty).
*
* To add this framework to a new language:
* - Add a file `InlineExpectationsTestPrivate.qll` that defines a `ExpectationComment` class. This class
@@ -43,15 +44,15 @@
* There is no need to write a `select` clause or query predicate. All of the differences between
* expected results and actual results will be reported in the `failures()` query predicate.
*
* To annotate the test source code with an expected result, place a comment on the
* To annotate the test source code with an expected result, place a comment starting with a `$` on the
* same line as the expected result, with text of the following format as the body of the comment:
*
* `$tag=expected-value`
* `tag=expected-value`
*
* Where `tag` is the value of the `tag` parameter from `hasActualResult()`, and `expected-value` is
* the value of the `value` parameter from `hasActualResult()`. The `=expected-value` portion may be
* omitted, in which case `expected-value` is treated as the empty string. Multiple expectations may
* be placed in the same comment, as long as each is prefixed by a `$`. Any actual result that
* be placed in the same comment. Any actual result that
* appears on a line that does not contain a matching expected result comment will be reported with
* a message of the form "Unexpected result: tag=value". Any expected result comment for which there
* is no matching actual result will be reported with a message of the form
@@ -59,31 +60,34 @@
*
* Example:
* ```cpp
* int i = x + 5; // $const=5
* int j = y + (7 - 3) // $const=7 $const=3 $const=4 // The result of the subtraction is a constant.
* int i = x + 5; // $ const=5
* int j = y + (7 - 3) // $ const=7 const=3 const=4 // The result of the subtraction is a constant.
* ```
*
* For tests that contain known false positives and false negatives, it is possible to further
* annotate that a particular expected result is known to be a false positive, or that a particular
* missing result is known to be a false negative:
* For tests that contain known missing and spurious results, it is possible to further
* annotate that a particular expected result is known to be spurious, or that a particular
* missing result is known to be missing:
*
* `$f+:tag=expected-value` // False positive
* `$f-:tag=expected-value` // False negative
* `$ SPURIOUS: tag=expected-value` // Spurious result
* `$ MISSING: tag=expected-value` // Missing result
*
* A false positive expectation is treated as any other expected result, except that if there is no
* matching actual result, the message will be of the form "Fixed false positive: tag=value". A
* false negative expectation is treated as if there were no expected result, except that if a
* A spurious expectation is treated as any other expected result, except that if there is no
* matching actual result, the message will be of the form "Fixed spurious result: tag=value". A
* missing expectation is treated as if there were no expected result, except that if a
* matching expected result is found, the message will be of the form
* "Fixed false negative: tag=value".
* "Fixed missing result: tag=value".
*
* A single line can contain all the expected, spurious and missing results of that line. For instance:
* `$ tag1=value1 SPURIOUS: tag2=value2 MISSING: tag3=value3`.
*
* If the same result value is expected for two or more tags on the same line, there is a shorthand
* notation available:
*
* `$tag1,tag2=expected-value`
* `tag1,tag2=expected-value`
*
* is equivalent to:
*
* `$tag1=expected-value $tag2=expected-value`
* `tag1=expected-value tag2=expected-value`
*/
private import InlineExpectationsTestPrivate
@@ -119,6 +123,11 @@ abstract class InlineExpectationsTest extends string {
*/
abstract predicate hasActualResult(string file, int line, string element, string tag, string value);
predicate hasActualResult(Location location, string element, string tag, string value) {
this.hasActualResult(location.getFile().getAbsolutePath(), location.getStartLine(), element,
tag, value)
}
final predicate hasFailureMessage(FailureLocatable element, string message) {
exists(ActualResult actualResult |
actualResult.getTest() = this and
@@ -126,7 +135,7 @@ abstract class InlineExpectationsTest extends string {
(
exists(FalseNegativeExpectation falseNegative |
falseNegative.matchesActualResult(actualResult) and
message = "Fixed false negative:" + falseNegative.getExpectationText()
message = "Fixed missing result:" + falseNegative.getExpectationText()
)
or
not exists(ValidExpectation expectation | expectation.matchesActualResult(actualResult)) and
@@ -143,7 +152,7 @@ abstract class InlineExpectationsTest extends string {
message = "Missing result:" + expectation.getExpectationText()
or
expectation instanceof FalsePositiveExpectation and
message = "Fixed false positive:" + expectation.getExpectationText()
message = "Fixed spurious result:" + expectation.getExpectationText()
)
)
or
@@ -160,54 +169,105 @@ abstract class InlineExpectationsTest extends string {
* is treated as part of the expected results, except that the comment may contain a `//` sequence
* to treat the remainder of the line as a regular (non-interpreted) comment.
*/
private string expectationCommentPattern() { result = "\\s*(\\$(?:[^/]|/[^/])*)(?://.*)?" }
private string expectationCommentPattern() { result = "\\s*\\$((?:[^/]|/[^/])*)(?://.*)?" }
/**
* RegEx pattern to match a single expected result, not including the leading `$`. It starts with an
* optional `f+:` or `f-:`, followed by one or more comma-separated tags containing only letters,
* `-`, and `_`, optionally followed by `=` and the expected value.
* The possible columns in an expectation comment. The `TDefaultColumn` branch represents the first
* column in a comment. This column is not precedeeded by a name. `TNamedColumn(name)` represents a
* column containing expected results preceeded by the string `name:`.
*/
private string expectationPattern() {
result = "(?:(f(?:\\+|-)):)?((?:[A-Za-z-_]+)(?:\\s*,\\s*[A-Za-z-_]+)*)(?:=(.*))?"
private newtype TColumn =
TDefaultColumn() or
TNamedColumn(string name) { name = ["MISSING", "SPURIOUS"] }
bindingset[start, content]
private int getEndOfColumnPosition(int start, string content) {
result =
min(string name, int cand |
exists(TNamedColumn(name)) and
cand = content.indexOf(name + ":") and
cand >= start
|
cand
)
or
not exists(string name |
exists(TNamedColumn(name)) and
content.indexOf(name + ":") >= start
) and
result = content.length()
}
private string getAnExpectation(ExpectationComment comment) {
result = comment.getContents().regexpCapture(expectationCommentPattern(), 1).splitAt("$").trim() and
result != ""
private predicate getAnExpectation(
ExpectationComment comment, TColumn column, string expectation, string tags, string value
) {
exists(string content |
content = comment.getContents().regexpCapture(expectationCommentPattern(), 1) and
(
column = TDefaultColumn() and
exists(int end |
end = getEndOfColumnPosition(0, content) and
expectation = content.prefix(end).regexpFind(expectationPattern(), _, _).trim()
)
or
exists(string name, int start, int end |
column = TNamedColumn(name) and
start = content.indexOf(name + ":") + name.length() + 1 and
end = getEndOfColumnPosition(start, content) and
expectation = content.substring(start, end).regexpFind(expectationPattern(), _, _).trim()
)
)
) and
tags = expectation.regexpCapture(expectationPattern(), 1) and
if exists(expectation.regexpCapture(expectationPattern(), 2))
then value = expectation.regexpCapture(expectationPattern(), 2)
else value = ""
}
private string getColumnString(TColumn column) {
column = TDefaultColumn() and result = ""
or
column = TNamedColumn(result)
}
/**
* RegEx pattern to match a single expected result, not including the leading `$`. It consists of one or
* more comma-separated tags containing only letters, digits, `-` and `_` (note that the first character
* must not be a digit), optionally followed by `=` and the expected value.
*/
private string expectationPattern() {
exists(string tag, string tags, string value |
tag = "[A-Za-z-_][A-Za-z-_0-9]*" and
tags = "((?:" + tag + ")(?:\\s*,\\s*" + tag + ")*)" and
// In Python, we allow both `"` and `'` for strings, as well as the prefixes `bru`.
// For example, `b"foo"`.
value = "((?:[bru]*\"[^\"]*\"|[bru]*'[^']*'|\\S+)*)" and
result = tags + "(?:=" + value + ")?"
)
}
private newtype TFailureLocatable =
TActualResult(
InlineExpectationsTest test, string file, int line, string element, string tag, string value
InlineExpectationsTest test, Location location, string element, string tag, string value
) {
test.hasActualResult(file, line, element, tag, value)
test.hasActualResult(location, element, tag, value)
} or
TValidExpectation(ExpectationComment comment, string tag, string value, string knownFailure) {
exists(string expectation |
expectation = getAnExpectation(comment) and
expectation.regexpMatch(expectationPattern()) and
tag = expectation.regexpCapture(expectationPattern(), 2).splitAt(",").trim() and
(
if exists(expectation.regexpCapture(expectationPattern(), 3))
then value = expectation.regexpCapture(expectationPattern(), 3)
else value = ""
) and
(
if exists(expectation.regexpCapture(expectationPattern(), 1))
then knownFailure = expectation.regexpCapture(expectationPattern(), 1)
else knownFailure = ""
)
exists(TColumn column, string tags |
getAnExpectation(comment, column, _, tags, value) and
tag = tags.splitAt(",") and
knownFailure = getColumnString(column)
)
} or
TInvalidExpectation(ExpectationComment comment, string expectation) {
expectation = getAnExpectation(comment) and
getAnExpectation(comment, _, expectation, _, _) and
not expectation.regexpMatch(expectationPattern())
}
class FailureLocatable extends TFailureLocatable {
string toString() { none() }
predicate hasLocation(string file, int line) { none() }
Location getLocation() { none() }
final string getExpectationText() { result = this.getTag() + "=" + this.getValue() }
@@ -218,17 +278,16 @@ class FailureLocatable extends TFailureLocatable {
class ActualResult extends FailureLocatable, TActualResult {
InlineExpectationsTest test;
string file;
int line;
Location location;
string element;
string tag;
string value;
ActualResult() { this = TActualResult(test, file, line, element, tag, value) }
ActualResult() { this = TActualResult(test, location, element, tag, value) }
override string toString() { result = element }
override predicate hasLocation(string f, int l) { f = file and l = line }
override Location getLocation() { result = location }
InlineExpectationsTest getTest() { result = test }
@@ -242,9 +301,7 @@ abstract private class Expectation extends FailureLocatable {
override string toString() { result = comment.toString() }
override predicate hasLocation(string file, int line) {
comment.hasLocationInfo(file, line, _, _, _)
}
override Location getLocation() { result = comment.getLocation() }
}
private class ValidExpectation extends Expectation, TValidExpectation {
@@ -261,24 +318,24 @@ private class ValidExpectation extends Expectation, TValidExpectation {
string getKnownFailure() { result = knownFailure }
predicate matchesActualResult(ActualResult actualResult) {
exists(string file, int line | actualResult.hasLocation(file, line) |
this.hasLocation(file, line)
) and
this.getLocation().getStartLine() = actualResult.getLocation().getStartLine() and
this.getLocation().getFile() = actualResult.getLocation().getFile() and
this.getTag() = actualResult.getTag() and
this.getValue() = actualResult.getValue()
}
}
/* Note: These next three classes correspond to all the possible values of type `TColumn`. */
class GoodExpectation extends ValidExpectation {
GoodExpectation() { this.getKnownFailure() = "" }
}
class FalsePositiveExpectation extends ValidExpectation {
FalsePositiveExpectation() { this.getKnownFailure() = "f+" }
FalsePositiveExpectation() { this.getKnownFailure() = "SPURIOUS" }
}
class FalseNegativeExpectation extends ValidExpectation {
FalseNegativeExpectation() { this.getKnownFailure() = "f-" }
FalseNegativeExpectation() { this.getKnownFailure() = "MISSING" }
}
class InvalidExpectation extends Expectation, TInvalidExpectation {
@@ -289,8 +346,6 @@ class InvalidExpectation extends Expectation, TInvalidExpectation {
string getExpectation() { result = expectation }
}
query predicate failures(string file, int line, FailureLocatable element, string message) {
exists(InlineExpectationsTest test | test.hasFailureMessage(element, message) |
element.hasLocation(file, line)
)
query predicate failures(FailureLocatable element, string message) {
exists(InlineExpectationsTest test | test.hasFailureMessage(element, message))
}
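Review bot: With the rewritten `getAnExpectation` predicate, `TInvalidExpectation` looks unreachable: each `expectation` comes out of `regexpFind(expectationPattern(), _, _)` and must then satisfy `tags = expectation.regexpCapture(expectationPattern(), 1)`, so the `not expectation.regexpMatch(expectationPattern())` conjunct in `TInvalidExpectation` can never hold. The practical effect is that malformed text in a `$` comment (a stray `=value` with no tag, an unsupported character splitting a tag name such as `taint.sink` into two tags) is silently skipped instead of surfacing through `InvalidExpectation`, so a mistyped expectation in a source/sink or taint test would make that line look as if it carried no expectation at all. One way to restore the check is to strip the `MISSING:`/`SPURIOUS:` markers and every `expectationPattern()` match from the captured column text and report any non-blank remainder as a `TInvalidExpectation`; a test with a deliberately malformed comment would pin that behaviour. Separately, the new `TColumn` doc comment spells "precedeeded" and "preceeded"; both should read "preceded".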


@@ -15,7 +15,7 @@ func HeaderWrite_ClevergoTechClevergoV052() {
keyString506 := source().(string)
valString213 := source().(string)
var rece clevergo.Context
rece.SetHeader(keyString506, valString213) // $headerKeyNode=keyString506 $headerValNode=valString213
rece.SetHeader(keyString506, valString213) // $ headerKeyNode=keyString506 headerValNode=valString213
}
}
}
@@ -27,7 +27,7 @@ func HeaderWrite_ClevergoTechClevergoV052() {
{
valString468 := source().(string)
var rece clevergo.Context
rece.SetContentType(valString468) // $headerKey=content-type $headerValNode=valString468
rece.SetContentType(valString468) // $ headerKey=content-type headerValNode=valString468
}
}
}
@@ -38,22 +38,22 @@ func HeaderWrite_ClevergoTechClevergoV052() {
// func (*Context).SetContentTypeHTML()
{
var rece clevergo.Context
rece.SetContentTypeHTML() // $headerKey=content-type $headerVal=text/html
rece.SetContentTypeHTML() // $ headerKey=content-type headerVal=text/html
}
// func (*Context).SetContentTypeJSON()
{
var rece clevergo.Context
rece.SetContentTypeJSON() // $headerKey=content-type $headerVal=application/json
rece.SetContentTypeJSON() // $ headerKey=content-type headerVal=application/json
}
// func (*Context).SetContentTypeText()
{
var rece clevergo.Context
rece.SetContentTypeText() // $headerKey=content-type $headerVal=text/plain
rece.SetContentTypeText() // $ headerKey=content-type headerVal=text/plain
}
// func (*Context).SetContentTypeXML()
{
var rece clevergo.Context
rece.SetContentTypeXML() // $headerKey=content-type $headerVal=text/xml
rece.SetContentTypeXML() // $ headerKey=content-type headerVal=text/xml
}
}
}


@@ -14,7 +14,7 @@ func HttpRedirect_ClevergoTechClevergoV052() {
{
urlString316 := source().(string)
var rece clevergo.Context
rece.Redirect(0, urlString316) // $redirectUrl=urlString316
rece.Redirect(0, urlString316) // $ redirectUrl=urlString316
}
}
}


@@ -14,86 +14,86 @@ func HttpResponseBody_ClevergoTechClevergoV052() {
{
bodyString145 := source().(string)
var rece clevergo.Context
rece.Error(0, bodyString145) // $contentType=text/plain $responseBody=bodyString145
rece.Error(0, bodyString145) // $ contentType=text/plain responseBody=bodyString145
}
// func (*Context).HTML(code int, html string) error
{
bodyString817 := source().(string)
var rece clevergo.Context
rece.HTML(0, bodyString817) // $contentType=text/html $responseBody=bodyString817
rece.HTML(0, bodyString817) // $ contentType=text/html responseBody=bodyString817
}
// func (*Context).HTMLBlob(code int, bs []byte) error
{
bodyByte474 := source().([]byte)
var rece clevergo.Context
rece.HTMLBlob(0, bodyByte474) // $contentType=text/html $responseBody=bodyByte474
rece.HTMLBlob(0, bodyByte474) // $ contentType=text/html responseBody=bodyByte474
}
// func (*Context).JSON(code int, data interface{}) error
{
bodyInterface832 := source().(interface{})
var rece clevergo.Context
rece.JSON(0, bodyInterface832) // $contentType=application/json $responseBody=bodyInterface832
rece.JSON(0, bodyInterface832) // $ contentType=application/json responseBody=bodyInterface832
}
// func (*Context).JSONBlob(code int, bs []byte) error
{
bodyByte378 := source().([]byte)
var rece clevergo.Context
rece.JSONBlob(0, bodyByte378) // $contentType=application/json $responseBody=bodyByte378
rece.JSONBlob(0, bodyByte378) // $ contentType=application/json responseBody=bodyByte378
}
// func (*Context).JSONP(code int, data interface{}) error
{
bodyInterface541 := source().(interface{})
var rece clevergo.Context
rece.JSONP(0, bodyInterface541) // $contentType=application/javascript $responseBody=bodyInterface541
rece.JSONP(0, bodyInterface541) // $ contentType=application/javascript responseBody=bodyInterface541
}
// func (*Context).JSONPBlob(code int, bs []byte) error
{
bodyByte139 := source().([]byte)
var rece clevergo.Context
rece.JSONPBlob(0, bodyByte139) // $contentType=application/javascript $responseBody=bodyByte139
rece.JSONPBlob(0, bodyByte139) // $ contentType=application/javascript responseBody=bodyByte139
}
// func (*Context).JSONPCallback(code int, callback string, data interface{}) error
{
bodyInterface814 := source().(interface{})
var rece clevergo.Context
rece.JSONPCallback(0, "", bodyInterface814) // $contentType=application/javascript $responseBody=bodyInterface814
rece.JSONPCallback(0, "", bodyInterface814) // $ contentType=application/javascript responseBody=bodyInterface814
}
// func (*Context).JSONPCallbackBlob(code int, callback string, bs []byte) (err error)
{
bodyByte768 := source().([]byte)
var rece clevergo.Context
rece.JSONPCallbackBlob(0, "", bodyByte768) // $contentType=application/javascript $responseBody=bodyByte768
rece.JSONPCallbackBlob(0, "", bodyByte768) // $ contentType=application/javascript responseBody=bodyByte768
}
// func (*Context).String(code int, s string) error
{
bodyString468 := source().(string)
var rece clevergo.Context
rece.String(0, bodyString468) // $contentType=text/plain $responseBody=bodyString468
rece.String(0, bodyString468) // $ contentType=text/plain responseBody=bodyString468
}
// func (*Context).StringBlob(code int, bs []byte) error
{
bodyByte736 := source().([]byte)
var rece clevergo.Context
rece.StringBlob(0, bodyByte736) // $contentType=text/plain $responseBody=bodyByte736
rece.StringBlob(0, bodyByte736) // $ contentType=text/plain responseBody=bodyByte736
}
// func (*Context).Stringf(code int, format string, a ...interface{}) error
{
bodyString516 := source().(string)
bodyInterface246 := source().(interface{})
var rece clevergo.Context
rece.Stringf(0, bodyString516, bodyInterface246) // $contentType=text/plain $responseBody=bodyString516 $responseBody=bodyInterface246
rece.Stringf(0, bodyString516, bodyInterface246) // $ contentType=text/plain responseBody=bodyString516 responseBody=bodyInterface246
}
// func (*Context).XML(code int, data interface{}) error
{
bodyInterface679 := source().(interface{})
var rece clevergo.Context
rece.XML(0, bodyInterface679) // $contentType=text/xml $responseBody=bodyInterface679
rece.XML(0, bodyInterface679) // $ contentType=text/xml responseBody=bodyInterface679
}
// func (*Context).XMLBlob(code int, bs []byte) error
{
bodyByte736 := source().([]byte)
var rece clevergo.Context
rece.XMLBlob(0, bodyByte736) // $contentType=text/xml $responseBody=bodyByte736
rece.XMLBlob(0, bodyByte736) // $ contentType=text/xml responseBody=bodyByte736
}
}
}
@@ -105,13 +105,13 @@ func HttpResponseBody_ClevergoTechClevergoV052() {
{
bodyByte839 := source().([]byte)
var rece clevergo.Context
rece.Blob(0, "application/json", bodyByte839) // $contentType=application/json $responseBody=bodyByte839
rece.Blob(0, "application/json", bodyByte839) // $ contentType=application/json responseBody=bodyByte839
}
// func (*Context).Emit(code int, contentType string, body string) (err error)
{
bodyString273 := source().(string)
var rece clevergo.Context
rece.Emit(0, "application/json", bodyString273) // $contentType=application/json $responseBody=bodyString273
rece.Emit(0, "application/json", bodyString273) // $ contentType=application/json responseBody=bodyString273
}
}
}
@@ -123,13 +123,13 @@ func HttpResponseBody_ClevergoTechClevergoV052() {
{
bodyByte982 := source().([]byte)
var rece clevergo.Context
rece.Write(bodyByte982) // $responseBody=bodyByte982
rece.Write(bodyByte982) // $ responseBody=bodyByte982
}
// func (*Context).WriteString(data string) (int, error)
{
bodyString458 := source().(string)
var rece clevergo.Context
rece.WriteString(bodyString458) // $responseBody=bodyString458
rece.WriteString(bodyString458) // $ responseBody=bodyString458
}
}
}


@@ -17,7 +17,7 @@ func TaintTracking_ClevergoTechClevergoV052() {
{
fromString598 := source().(string)
intoString631 := clevergo.CleanPath(fromString598)
sink(intoString631) // $taintSink
sink(intoString631) // $ taintSink
}
}
// Taint-tracking through method calls.
@@ -30,13 +30,13 @@ func TaintTracking_ClevergoTechClevergoV052() {
fromString165 := source().(string)
var mediumObjCQL clevergo.Application
intoURL150, _ := mediumObjCQL.RouteURL(fromString165, "")
sink(intoURL150) // $taintSink
sink(intoURL150) // $ taintSink
}
{
fromString340 := source().(string)
var mediumObjCQL clevergo.Application
intoURL471, _ := mediumObjCQL.RouteURL("", fromString340)
sink(intoURL471) // $taintSink
sink(intoURL471) // $ taintSink
}
}
}
@@ -46,7 +46,7 @@ func TaintTracking_ClevergoTechClevergoV052() {
{
fromContext290 := source().(clevergo.Context)
intoContext758 := fromContext290.Context()
sink(intoContext758) // $taintSink
sink(intoContext758) // $ taintSink
}
}
// Taint-tracking through method calls on clevergo.tech/clevergo.Params.
@@ -55,7 +55,7 @@ func TaintTracking_ClevergoTechClevergoV052() {
{
fromParams396 := source().(clevergo.Params)
intoString707 := fromParams396.String("")
sink(intoString707) // $taintSink $untrustedFlowSource
sink(intoString707) // $ taintSink untrustedFlowSource
}
}
}
@@ -69,7 +69,7 @@ func TaintTracking_ClevergoTechClevergoV052() {
var intoInterface718 interface{}
var mediumObjCQL clevergo.Decoder
mediumObjCQL.Decode(fromRequest912, intoInterface718)
sink(intoInterface718) // $taintSink $untrustedFlowSource
sink(intoInterface718) // $ taintSink untrustedFlowSource
}
}
// Taint-tracking through method calls on clevergo.tech/clevergo.Renderer interface.
@@ -80,7 +80,7 @@ func TaintTracking_ClevergoTechClevergoV052() {
var intoWriter633 io.Writer
var mediumObjCQL clevergo.Renderer
mediumObjCQL.Render(intoWriter633, "", fromInterface972, nil)
sink(intoWriter633) // $taintSink
sink(intoWriter633) // $ taintSink
}
}
}


@@ -15,8 +15,8 @@ func UntrustedSources_ClevergoTechClevergoV052() {
var receiverContext656 clevergo.Context
resultUsername414, resultPassword518, _ := receiverContext656.BasicAuth()
sink(
resultUsername414, // $untrustedFlowSource
resultPassword518, // $untrustedFlowSource
resultUsername414, // $ untrustedFlowSource
resultPassword518, // $ untrustedFlowSource
)
}
// func (*Context).Decode(v interface{}) (err error)
@@ -24,49 +24,49 @@ func UntrustedSources_ClevergoTechClevergoV052() {
var receiverContext650 clevergo.Context
var paramV784 interface{}
receiverContext650.Decode(paramV784)
sink(paramV784) // $untrustedFlowSource
sink(paramV784) // $ untrustedFlowSource
}
// func (*Context).DefaultQuery(key string, defaultVlue string) string
{
var receiverContext957 clevergo.Context
result520 := receiverContext957.DefaultQuery("", "")
sink(result520) // $untrustedFlowSource
sink(result520) // $ untrustedFlowSource
}
// func (*Context).FormValue(key string) string
{
var receiverContext443 clevergo.Context
result127 := receiverContext443.FormValue("")
sink(result127) // $untrustedFlowSource
sink(result127) // $ untrustedFlowSource
}
// func (*Context).GetHeader(name string) string
{
var receiverContext483 clevergo.Context
result989 := receiverContext483.GetHeader("")
sink(result989) // $untrustedFlowSource
sink(result989) // $ untrustedFlowSource
}
// func (*Context).PostFormValue(key string) string
{
var receiverContext982 clevergo.Context
result417 := receiverContext982.PostFormValue("")
sink(result417) // $untrustedFlowSource
sink(result417) // $ untrustedFlowSource
}
// func (*Context).QueryParam(key string) string
{
var receiverContext584 clevergo.Context
result991 := receiverContext584.QueryParam("")
sink(result991) // $untrustedFlowSource
sink(result991) // $ untrustedFlowSource
}
// func (*Context).QueryParams() net/url.Values
{
var receiverContext881 clevergo.Context
result186 := receiverContext881.QueryParams()
sink(result186) // $untrustedFlowSource
sink(result186) // $ untrustedFlowSource
}
// func (*Context).QueryString() string
{
var receiverContext284 clevergo.Context
result908 := receiverContext284.QueryString()
sink(result908) // $untrustedFlowSource
sink(result908) // $ untrustedFlowSource
}
}
// Untrusted flow sources from method calls on clevergo.tech/clevergo.Params.
@@ -75,7 +75,7 @@ func UntrustedSources_ClevergoTechClevergoV052() {
{
var receiverParams137 clevergo.Params
result494 := receiverParams137.String("")
sink(result494) // $untrustedFlowSource
sink(result494) // $ untrustedFlowSource
}
}
}
@@ -88,7 +88,7 @@ func UntrustedSources_ClevergoTechClevergoV052() {
var receiverDecoder873 clevergo.Decoder
var paramV599 interface{}
receiverDecoder873.Decode(nil, paramV599)
sink(paramV599) // $untrustedFlowSource
sink(paramV599) // $ untrustedFlowSource
}
}
}
@@ -97,14 +97,14 @@ func UntrustedSources_ClevergoTechClevergoV052() {
// Untrusted flow sources from clevergo.tech/clevergo.Context struct fields.
{
structContext409 := new(clevergo.Context)
sink(structContext409.Params) // $untrustedFlowSource
sink(structContext409.Params) // $ untrustedFlowSource
}
// Untrusted flow sources from clevergo.tech/clevergo.Param struct fields.
{
structParam246 := new(clevergo.Param)
sink(
structParam246.Key, // $untrustedFlowSource
structParam246.Value, // $untrustedFlowSource
structParam246.Key, // $ untrustedFlowSource
structParam246.Value, // $ untrustedFlowSource
)
}
}
@@ -112,7 +112,7 @@ func UntrustedSources_ClevergoTechClevergoV052() {
{
{
var typeParams898 clevergo.Params
sink(typeParams898) // $untrustedFlowSource
sink(typeParams898) // $ untrustedFlowSource
}
}
}


@@ -15,14 +15,14 @@ func HeaderWrite_GithubComGofiberFiberV1146() {
keyString378 := source().(string)
valString541 := source().(string)
var rece fiber.Ctx
rece.Append(keyString378, valString541) // $headerKeyNode=keyString378 $headerValNode=valString541
rece.Append(keyString378, valString541) // $ headerKeyNode=keyString378 headerValNode=valString541
}
// func (*Ctx).Set(key string, val string)
{
keyString139 := source().(string)
valString814 := source().(string)
var rece fiber.Ctx
rece.Set(keyString139, valString814) // $headerKeyNode=keyString139 $headerValNode=valString814
rece.Set(keyString139, valString814) // $ headerKeyNode=keyString139 headerValNode=valString814
}
}
}


@@ -14,7 +14,7 @@ func Redirect_GithubComGofiberFiberV1146() {
{
urlString832 := source().(string)
var rece fiber.Ctx
rece.Redirect(urlString832, 0) // $redirectUrl=urlString832
rece.Redirect(urlString832, 0) // $ redirectUrl=urlString832
}
}
}


@@ -18,13 +18,13 @@ func ResponseBody_GithubComGofiberFiberV1146() {
{
bodyInterface768 := source().(interface{})
var rece fiber.Ctx
rece.JSON(bodyInterface768) // $contentType=application/json $responseBody=bodyInterface768
rece.JSON(bodyInterface768) // $ contentType=application/json responseBody=bodyInterface768
}
// func (*Ctx).JSONP(data interface{}, callback ...string) error
{
bodyInterface468 := source().(interface{})
var rece fiber.Ctx
rece.JSONP(bodyInterface468, "") // $contentType=application/javascript $responseBody=bodyInterface468
rece.JSONP(bodyInterface468, "") // $ contentType=application/javascript responseBody=bodyInterface468
}
}
}
@@ -36,37 +36,37 @@ func ResponseBody_GithubComGofiberFiberV1146() {
{
bodyInterface736 := source().(interface{})
var rece fiber.Ctx
rece.Format(bodyInterface736) // $responseBody=bodyInterface736
rece.Format(bodyInterface736) // $ responseBody=bodyInterface736
}
// func (*Ctx).Send(bodies ...interface{})
{
bodyInterface516 := source().(interface{})
var rece fiber.Ctx
rece.Send(bodyInterface516) // $responseBody=bodyInterface516
rece.Send(bodyInterface516) // $ responseBody=bodyInterface516
}
// func (*Ctx).SendBytes(body []byte)
{
bodyByte246 := source().([]byte)
var rece fiber.Ctx
rece.SendBytes(bodyByte246) // $responseBody=bodyByte246
rece.SendBytes(bodyByte246) // $ responseBody=bodyByte246
}
// func (*Ctx).SendStream(stream io.Reader, size ...int)
{
bodyReader679 := source().(io.Reader)
var rece fiber.Ctx
rece.SendStream(bodyReader679, 0) // $responseBody=bodyReader679
rece.SendStream(bodyReader679, 0) // $ responseBody=bodyReader679
}
// func (*Ctx).SendString(body string)
{
bodyString736 := source().(string)
var rece fiber.Ctx
rece.SendString(bodyString736) // $responseBody=bodyString736
rece.SendString(bodyString736) // $ responseBody=bodyString736
}
// func (*Ctx).Write(bodies ...interface{})
{
bodyInterface839 := source().(interface{})
var rece fiber.Ctx
rece.Write(bodyInterface839) // $responseBody=bodyInterface839
rece.Write(bodyInterface839) // $ responseBody=bodyInterface839
}
}
}


@@ -15,7 +15,7 @@ func TaintTracking_GithubComGofiberFiberV1146() {
{
fromString656 := source().(string)
intoError414 := fiber.NewError(0, fromString656)
sink(intoError414) // $taintSink
sink(intoError414) // $ taintSink
}
}
}
@@ -28,79 +28,79 @@ func TaintTracking_GithubComGofiberUtilsV0010() {
{
fromString989 := source().(string)
intoByte982 := utils.GetBytes(fromString989)
sink(intoByte982) // $taintSink
sink(intoByte982) // $ taintSink
}
// func GetString(b []byte) string
{
fromByte417 := source().([]byte)
intoString584 := utils.GetString(fromByte417)
sink(intoString584) // $taintSink
sink(intoString584) // $ taintSink
}
// func ImmutableString(s string) string
{
fromString991 := source().(string)
intoString881 := utils.ImmutableString(fromString991)
sink(intoString881) // $taintSink
sink(intoString881) // $ taintSink
}
// func ToLower(b string) string
{
fromString494 := source().(string)
intoString873 := utils.ToLower(fromString494)
sink(intoString873) // $taintSink
sink(intoString873) // $ taintSink
}
// func ToLowerBytes(b []byte) []byte
{
fromByte599 := source().([]byte)
intoByte409 := utils.ToLowerBytes(fromByte599)
sink(intoByte409) // $taintSink
sink(intoByte409) // $ taintSink
}
// func ToUpper(b string) string
{
fromString246 := source().(string)
intoString898 := utils.ToUpper(fromString246)
sink(intoString898) // $taintSink
sink(intoString898) // $ taintSink
}
// func ToUpperBytes(b []byte) []byte
{
fromByte598 := source().([]byte)
intoByte631 := utils.ToUpperBytes(fromByte598)
sink(intoByte631) // $taintSink
sink(intoByte631) // $ taintSink
}
// func Trim(s string, cutset byte) string
{
fromString165 := source().(string)
intoString150 := utils.Trim(fromString165, 0)
sink(intoString150) // $taintSink
sink(intoString150) // $ taintSink
}
// func TrimBytes(b []byte, cutset byte) []byte
{
fromByte340 := source().([]byte)
intoByte471 := utils.TrimBytes(fromByte340, 0)
sink(intoByte471) // $taintSink
sink(intoByte471) // $ taintSink
}
// func TrimLeft(s string, cutset byte) string
{
fromString290 := source().(string)
intoString758 := utils.TrimLeft(fromString290, 0)
sink(intoString758) // $taintSink
sink(intoString758) // $ taintSink
}
// func TrimLeftBytes(b []byte, cutset byte) []byte
{
fromByte396 := source().([]byte)
intoByte707 := utils.TrimLeftBytes(fromByte396, 0)
sink(intoByte707) // $taintSink
sink(intoByte707) // $ taintSink
}
// func TrimRight(s string, cutset byte) string
{
fromString912 := source().(string)
intoString718 := utils.TrimRight(fromString912, 0)
sink(intoString718) // $taintSink
sink(intoString718) // $ taintSink
}
// func TrimRightBytes(b []byte, cutset byte) []byte
{
fromByte972 := source().([]byte)
intoByte633 := utils.TrimRightBytes(fromByte972, 0)
sink(intoByte633) // $taintSink
sink(intoByte633) // $ taintSink
}
}
}


@@ -14,105 +14,105 @@ func UntrustedFlowSources_GithubComGofiberFiberV1146() {
{
var receiverCtx273 fiber.Ctx
result982 := receiverCtx273.BaseURL()
sink(result982) // $untrustedFlowSource
sink(result982) // $ untrustedFlowSource
}
// func (*Ctx).Body() string
{
var receiverCtx458 fiber.Ctx
result506 := receiverCtx458.Body()
sink(result506) // $untrustedFlowSource
sink(result506) // $ untrustedFlowSource
}
// func (*Ctx).BodyParser(out interface{}) error
{
var receiverCtx213 fiber.Ctx
var paramOut468 interface{}
receiverCtx213.BodyParser(paramOut468)
sink(paramOut468) // $untrustedFlowSource
sink(paramOut468) // $ untrustedFlowSource
}
// func (*Ctx).Cookies(key string, defaultValue ...string) string
{
var receiverCtx219 fiber.Ctx
result265 := receiverCtx219.Cookies("", "")
sink(result265) // $untrustedFlowSource
sink(result265) // $ untrustedFlowSource
}
// func (*Ctx).FormFile(key string) (*mime/multipart.FileHeader, error)
{
var receiverCtx971 fiber.Ctx
result320, _ := receiverCtx971.FormFile("")
sink(result320) // $untrustedFlowSource
sink(result320) // $ untrustedFlowSource
}
// func (*Ctx).FormValue(key string) (value string)
{
var receiverCtx545 fiber.Ctx
resultValue566 := receiverCtx545.FormValue("")
sink(resultValue566) // $untrustedFlowSource
sink(resultValue566) // $ untrustedFlowSource
}
// func (*Ctx).Get(key string, defaultValue ...string) string
{
var receiverCtx497 fiber.Ctx
result274 := receiverCtx497.Get("", "")
sink(result274) // $untrustedFlowSource
sink(result274) // $ untrustedFlowSource
}
// func (*Ctx).Hostname() string
{
var receiverCtx783 fiber.Ctx
result905 := receiverCtx783.Hostname()
sink(result905) // $untrustedFlowSource
sink(result905) // $ untrustedFlowSource
}
// func (*Ctx).Method(override ...string) string
{
var receiverCtx389 fiber.Ctx
result198 := receiverCtx389.Method("")
sink(result198) // $untrustedFlowSource
sink(result198) // $ untrustedFlowSource
}
// func (*Ctx).MultipartForm() (*mime/multipart.Form, error)
{
var receiverCtx477 fiber.Ctx
result544, _ := receiverCtx477.MultipartForm()
sink(result544) // $untrustedFlowSource
sink(result544) // $ untrustedFlowSource
}
// func (*Ctx).OriginalURL() string
{
var receiverCtx382 fiber.Ctx
result715 := receiverCtx382.OriginalURL()
sink(result715) // $untrustedFlowSource
sink(result715) // $ untrustedFlowSource
}
// func (*Ctx).Params(key string, defaultValue ...string) string
{
var receiverCtx179 fiber.Ctx
result366 := receiverCtx179.Params("", "")
sink(result366) // $untrustedFlowSource
sink(result366) // $ untrustedFlowSource
}
// func (*Ctx).Path(override ...string) string
{
var receiverCtx648 fiber.Ctx
result544 := receiverCtx648.Path("")
sink(result544) // $untrustedFlowSource
sink(result544) // $ untrustedFlowSource
}
// func (*Ctx).Query(key string, defaultValue ...string) string
{
var receiverCtx754 fiber.Ctx
result680 := receiverCtx754.Query("", "")
sink(result680) // $untrustedFlowSource
sink(result680) // $ untrustedFlowSource
}
// func (*Ctx).QueryParser(out interface{}) error
{
var receiverCtx722 fiber.Ctx
var paramOut506 interface{}
receiverCtx722.QueryParser(paramOut506)
sink(paramOut506) // $untrustedFlowSource
sink(paramOut506) // $ untrustedFlowSource
}
// func (*Ctx).Range(size int) (rangeData Range, err error)
{
var receiverCtx121 fiber.Ctx
resultRangeData293, _ := receiverCtx121.Range(0)
sink(resultRangeData293) // $untrustedFlowSource
sink(resultRangeData293) // $ untrustedFlowSource
}
// func (*Ctx).Subdomains(offset ...int) []string
{
var receiverCtx151 fiber.Ctx
result849 := receiverCtx151.Subdomains(0)
sink(result849) // $untrustedFlowSource
sink(result849) // $ untrustedFlowSource
}
}
}
@@ -122,17 +122,17 @@ func UntrustedFlowSources_GithubComGofiberFiberV1146() {
{
structCookie322 := new(fiber.Cookie)
sink(
structCookie322.Domain, // $untrustedFlowSource
structCookie322.Name, // $untrustedFlowSource
structCookie322.Path, // $untrustedFlowSource
structCookie322.SameSite, // $untrustedFlowSource
structCookie322.Value, // $untrustedFlowSource
structCookie322.Domain, // $ untrustedFlowSource
structCookie322.Name, // $ untrustedFlowSource
structCookie322.Path, // $ untrustedFlowSource
structCookie322.SameSite, // $ untrustedFlowSource
structCookie322.Value, // $ untrustedFlowSource
)
}
// Untrusted flow sources from github.com/gofiber/fiber.Error struct fields.
{
structError339 := new(fiber.Error)
sink(structError339.Message) // $untrustedFlowSource
sink(structError339.Message) // $ untrustedFlowSource
}
}
}


@@ -57,9 +57,9 @@ func main() {
resp, _ := http.Get("https://example.com")
resp.Header.Set("This-Makes", "No sense")
http.HandleFunc("/foo", handler) // $handler="/foo"
http.HandleFunc("/foo", handler) // $ handler="/foo"
http.HandleFunc("/bar", func(w http.ResponseWriter, r *http.Request) { // $handler="/bar"
http.HandleFunc("/bar", func(w http.ResponseWriter, r *http.Request) { // $ handler="/bar"
fmt.Fprintf(w, "Hello, %q", html.EscapeString(r.URL.Path))
})
}


@@ -9,45 +9,45 @@ import (
)
func glogTest() {
glog.Error(text) // $logger=text
glog.ErrorDepth(0, text) // $f-:logger=text
glog.Errorf(fmt, text) // $logger=fmt $logger=text
glog.Errorln(text) // $logger=text
glog.Exit(text) // $logger=text
glog.ExitDepth(0, text) // $f-:logger=text
glog.Exitf(fmt, text) // $logger=fmt $logger=text
glog.Exitln(text) // $logger=text
glog.Fatal(text) // $logger=text
glog.FatalDepth(0, text) // $f-:logger=text
glog.Fatalf(fmt, text) // $logger=fmt $logger=text
glog.Fatalln(text) // $logger=text
glog.Info(text) // $logger=text
glog.InfoDepth(0, text) // $f-:logger=text
glog.Infof(fmt, text) // $logger=fmt $logger=text
glog.Infoln(text) // $logger=text
glog.Warning(text) // $logger=text
glog.WarningDepth(0, text) // $f-:logger=text
glog.Warningf(fmt, text) // $logger=fmt $logger=text
glog.Warningln(text) // $logger=text
glog.Error(text) // $ logger=text
glog.ErrorDepth(0, text) // $ MISSING: logger=text
glog.Errorf(fmt, text) // $ logger=fmt logger=text
glog.Errorln(text) // $ logger=text
glog.Exit(text) // $ logger=text
glog.ExitDepth(0, text) // $ MISSING: logger=text
glog.Exitf(fmt, text) // $ logger=fmt logger=text
glog.Exitln(text) // $ logger=text
glog.Fatal(text) // $ logger=text
glog.FatalDepth(0, text) // $ MISSING: logger=text
glog.Fatalf(fmt, text) // $ logger=fmt logger=text
glog.Fatalln(text) // $ logger=text
glog.Info(text) // $ logger=text
glog.InfoDepth(0, text) // $ MISSING: logger=text
glog.Infof(fmt, text) // $ logger=fmt logger=text
glog.Infoln(text) // $ logger=text
glog.Warning(text) // $ logger=text
glog.WarningDepth(0, text) // $ MISSING: logger=text
glog.Warningf(fmt, text) // $ logger=fmt logger=text
glog.Warningln(text) // $ logger=text
klog.Error(text) // $logger=text
klog.ErrorDepth(0, text) // $f-:logger=text
klog.Errorf(fmt, text) // $logger=fmt $logger=text
klog.Errorln(text) // $logger=text
klog.Exit(text) // $logger=text
klog.ExitDepth(0, text) // $f-:logger=text
klog.Exitf(fmt, text) // $logger=fmt $logger=text
klog.Exitln(text) // $logger=text
klog.Fatal(text) // $logger=text
klog.FatalDepth(0, text) // $f-:logger=text
klog.Fatalf(fmt, text) // $logger=fmt $logger=text
klog.Fatalln(text) // $logger=text
klog.Info(text) // $logger=text
klog.InfoDepth(0, text) // $f-:logger=text
klog.Infof(fmt, text) // $logger=fmt $logger=text
klog.Infoln(text) // $logger=text
klog.Warning(text) // $logger=text
klog.WarningDepth(0, text) // $f-:logger=text
klog.Warningf(fmt, text) // $logger=fmt $logger=text
klog.Warningln(text) // $logger=text
klog.Error(text) // $ logger=text
klog.ErrorDepth(0, text) // $ MISSING: logger=text
klog.Errorf(fmt, text) // $ logger=fmt logger=text
klog.Errorln(text) // $ logger=text
klog.Exit(text) // $ logger=text
klog.ExitDepth(0, text) // $ MISSING: logger=text
klog.Exitf(fmt, text) // $ logger=fmt logger=text
klog.Exitln(text) // $ logger=text
klog.Fatal(text) // $ logger=text
klog.FatalDepth(0, text) // $ MISSING: logger=text
klog.Fatalf(fmt, text) // $ logger=fmt logger=text
klog.Fatalln(text) // $ logger=text
klog.Info(text) // $ logger=text
klog.InfoDepth(0, text) // $ MISSING: logger=text
klog.Infof(fmt, text) // $ logger=fmt logger=text
klog.Infoln(text) // $ logger=text
klog.Warning(text) // $ logger=text
klog.WarningDepth(0, text) // $ MISSING: logger=text
klog.Warningf(fmt, text) // $ logger=fmt logger=text
klog.Warningln(text) // $ logger=text
}
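Review bot: Every `*Depth` call in this file (`glog.ErrorDepth(0, text)`, `klog.InfoDepth(0, text)` and the rest) now carries `$ MISSING: logger=text`, which turns a modelling gap into a permanently accepted expectation: messages written through these variants are not seen as logger sinks, so any query relying on that model silently misses them. The likely cause is that the leading call-depth argument shifts the message arguments by one position, so a model written for `Error(args...)` does not apply; I would record that next to the expectations rather than leave a bare marker, e.g. `// MISSING: *Depth variants take a leading call-depth int, so message args start at index 1 and are not yet modelled`. The gap itself predates this commit, which only converts the marker syntax.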


@@ -10,7 +10,7 @@ import (
)
func logSomething(entry *logrus.Entry) {
entry.Traceln(text) // $logger=text
entry.Traceln(text) // $ logger=text
}
func logrusCalls() {
@@ -18,18 +18,18 @@ func logrusCalls() {
var fields logrus.Fields = nil
var fn logrus.LogFunction = nil
var ctx context.Context
tmp := logrus.WithContext(ctx) // $logger=ctx
tmp.Debugf(fmt, text) // $logger=fmt $logger=text
tmp = logrus.WithError(err) // $logger=err
tmp.Warn(text) // $logger=text
tmp = logrus.WithFields(fields) // $logger=fields
tmp.Infoln(text) // $logger=text
tmp = logrus.WithFields(fields) // $logger=fields
tmp := logrus.WithContext(ctx) // $ logger=ctx
tmp.Debugf(fmt, text) // $ logger=fmt logger=text
tmp = logrus.WithError(err) // $ logger=err
tmp.Warn(text) // $ logger=text
tmp = logrus.WithFields(fields) // $ logger=fields
tmp.Infoln(text) // $ logger=text
tmp = logrus.WithFields(fields) // $ logger=fields
logSomething(tmp)
logrus.Error(text) // $logger=text
logrus.Fatalf(fmt, text) // $logger=fmt $logger=text
logrus.Panicln(text) // $logger=text
logrus.Infof(fmt, text) // $logger=fmt $logger=text
logrus.FatalFn(fn) // $logger=fn
logrus.Error(text) // $ logger=text
logrus.Fatalf(fmt, text) // $ logger=fmt logger=text
logrus.Panicln(text) // $ logger=text
logrus.Infof(fmt, text) // $ logger=fmt logger=text
logrus.FatalFn(fn) // $ logger=fn
}


@@ -7,24 +7,24 @@ import (
func stdlib() {
var logger log.Logger
logger.SetPrefix("prefix: ")
logger.Fatal(text) // $logger=text
logger.Fatalf(fmt, text) // $logger=fmt $logger=text
logger.Fatalln(text) // $logger=text
logger.Panic(text) // $logger=text
logger.Panicf(fmt, text) // $logger=fmt $logger=text
logger.Panicln(text) // $logger=text
logger.Print(text) // $logger=text
logger.Printf(fmt, text) // $logger=fmt $logger=text
logger.Println(text) // $logger=text
logger.Fatal(text) // $ logger=text
logger.Fatalf(fmt, text) // $ logger=fmt logger=text
logger.Fatalln(text) // $ logger=text
logger.Panic(text) // $ logger=text
logger.Panicf(fmt, text) // $ logger=fmt logger=text
logger.Panicln(text) // $ logger=text
logger.Print(text) // $ logger=text
logger.Printf(fmt, text) // $ logger=fmt logger=text
logger.Println(text) // $ logger=text
log.SetPrefix("prefix: ")
log.Fatal(text) // $logger=text
log.Fatalf(fmt, text) // $logger=fmt $logger=text
log.Fatalln(text) // $logger=text
log.Panic(text) // $logger=text
log.Panicf(fmt, text) // $logger=fmt $logger=text
log.Panicln(text) // $logger=text
log.Print(text) // $logger=text
log.Printf(fmt, text) // $logger=fmt $logger=text
log.Println(text) // $logger=text
log.Fatal(text) // $ logger=text
log.Fatalf(fmt, text) // $ logger=fmt logger=text
log.Fatalln(text) // $ logger=text
log.Panic(text) // $ logger=text
log.Panicf(fmt, text) // $ logger=fmt logger=text
log.Panicln(text) // $ logger=text
log.Print(text) // $ logger=text
log.Printf(fmt, text) // $ logger=fmt logger=text
log.Println(text) // $ logger=text
}


@@ -342,7 +342,7 @@ func test() {
{
s := source()
if guardBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -351,7 +351,7 @@ func test() {
{
s := source()
if guardBoolStmt(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -362,7 +362,7 @@ func test() {
if juggleParams("other arg", s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -371,14 +371,14 @@ func test() {
if guardBoolNeg(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolCmp(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -389,14 +389,14 @@ func test() {
if guardBoolNegCmp(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrLhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -405,16 +405,16 @@ func test() {
{
s := source()
if guardBoolLOrNegLhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrRhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -423,18 +423,18 @@ func test() {
{
s := source()
if guardBoolLOrNegRhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndLhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -443,16 +443,16 @@ func test() {
if guardBoolLAndNegLhs(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndRhs(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -461,14 +461,14 @@ func test() {
if guardBoolLAndNegRhs(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -479,14 +479,14 @@ func test() {
if guardBoolNegProxy(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolCmpProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -497,14 +497,14 @@ func test() {
if guardBoolNegCmpProxy(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrLhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -513,16 +513,16 @@ func test() {
{
s := source()
if guardBoolLOrNegLhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrRhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -531,18 +531,18 @@ func test() {
{
s := source()
if guardBoolLOrNegRhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndLhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -551,16 +551,16 @@ func test() {
if guardBoolLAndNegLhsProxy(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndRhsProxy(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -569,7 +569,7 @@ func test() {
if guardBoolLAndNegRhsProxy(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -578,14 +578,14 @@ func test() {
if guardProxyNilToBool(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardNeqProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -594,7 +594,7 @@ func test() {
{
s := source()
if guardNotEqProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -603,7 +603,7 @@ func test() {
{
s := source()
if guardLOrLhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -612,16 +612,16 @@ func test() {
{
s := source()
if guardLOrNegLhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardLOrRhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -630,18 +630,18 @@ func test() {
{
s := source()
if guardLOrNegRhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardLAndLhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -650,16 +650,16 @@ func test() {
if guardLAndNegLhsProxyNilToBool(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardLAndRhsProxyNilToBool(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -668,7 +668,7 @@ func test() {
if guardLAndNegRhsProxyNilToBool(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -677,7 +677,7 @@ func test() {
if guard(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -686,14 +686,14 @@ func test() {
if guardBoolProxyToNil(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolNegProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -704,14 +704,14 @@ func test() {
if guardBoolCmpProxyToNil(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolNegCmpProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -722,16 +722,16 @@ func test() {
if guardBoolLOrLhsProxyToNil(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrNegLhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -740,32 +740,32 @@ func test() {
if guardBoolLOrRhsProxyToNil(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLOrNegRhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndLhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndNegLhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -774,16 +774,16 @@ func test() {
{
s := source()
if guardBoolLAndRhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if guardBoolLAndNegRhsProxyToNil(s) == nil {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -794,7 +794,7 @@ func test() {
if directProxyNil(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -803,7 +803,7 @@ func test() {
if deeplyNestedConditionalLeft(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -812,7 +812,7 @@ func test() {
if deeplyNestedConditionalMiddle(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -821,7 +821,7 @@ func test() {
if deeplyNestedConditionalRight(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -832,7 +832,7 @@ func test() {
s := source()
isInvalid := guardBool(s)
if isInvalid {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -842,9 +842,9 @@ func test() {
s := source()
isValid := !guardBool(s)
if isValid {
sink(s) // $f+:dataflow=s
sink(s) // $ SPURIOUS: dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}


@@ -138,14 +138,14 @@ func main() {
if switchStatementReturningTrueOnlyWhenConstant(s) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if switchStatementReturningFalseOnlyWhenConstant("", s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s)
}
@@ -157,7 +157,7 @@ func main() {
if err != nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -166,7 +166,7 @@ func main() {
if switchStatementReturningNilOnlyWhenConstant(s) == nil {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
@@ -175,25 +175,25 @@ func main() {
if multipleSwitchStatementReturningTrueOnlyWhenConstant(s, getRandomString()) {
sink(s)
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if switchStatementWithoutUsefulInfo(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}
{
s := source()
if switchStatementOverRandomString(s) {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
} else {
sink(s) // $dataflow=s
sink(s) // $ dataflow=s
}
}


@@ -22,130 +22,130 @@ func testPromotedFieldNamedInitialization() {
outer := Outer{
Middle: Middle{Inner: Inner{source()}},
}
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
outerp := &Outer{
Middle: Middle{Inner: Inner{source()}},
}
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldUnnamedInitialization() {
outer := Outer{Middle{Inner{source()}}}
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
outerp := &Outer{Middle{Inner{source()}}}
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldUnnamedInitializationFromVariable() {
inner := Inner{source()}
middle := Middle{inner}
outer := Outer{middle}
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
innerp := Inner{source()}
middlep := Middle{innerp}
outerp := Outer{middlep}
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldNamedInitializationFromVariable() {
inner := Inner{source()}
middle := Middle{Inner: inner}
outer := Outer{Middle: middle}
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
innerp := Inner{source()}
middlep := Middle{Inner: innerp}
outerp := Outer{Middle: middlep}
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldDirectAssignment() {
var outer Outer
outer.field = source()
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
var outerp Outer
outerp.field = source()
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldIndirectAssignment1() {
var outer Outer
outer.Inner.field = source()
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
var outerp Outer
outerp.Inner.field = source()
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldIndirectAssignment2() {
var outer Outer
outer.Middle.field = source()
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
var outerp Outer
outerp.Middle.field = source()
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}
func testPromotedFieldIndirectAssignment3() {
var outer Outer
outer.Middle.Inner.field = source()
sink(outer.field) // $promotedfields
sink(outer.Inner.field) // $promotedfields
sink(outer.Middle.field) // $promotedfields
sink(outer.Middle.Inner.field) // $promotedfields
sink(outer.field) // $ promotedfields
sink(outer.Inner.field) // $ promotedfields
sink(outer.Middle.field) // $ promotedfields
sink(outer.Middle.Inner.field) // $ promotedfields
var outerp Outer
outerp.Middle.Inner.field = source()
sink(outerp.field) // $promotedfields
sink(outerp.Inner.field) // $promotedfields
sink(outerp.Middle.field) // $promotedfields
sink(outerp.Middle.Inner.field) // $promotedfields
sink(outerp.field) // $ promotedfields
sink(outerp.Inner.field) // $ promotedfields
sink(outerp.Middle.field) // $ promotedfields
sink(outerp.Middle.Inner.field) // $ promotedfields
}


@@ -19,27 +19,27 @@ type Base2 struct {
}
func (e Embedded) sinkFieldOnEmbeddedNonPointerReceiver() {
sink(e.field) // $promotedmethods=nonPointerSender1 $promotedmethods=pointerSender1 $promotedmethods=nonPointerSender2 $promotedmethods=pointerSender2
sink(e.field) // $ promotedmethods=nonPointerSender1 promotedmethods=pointerSender1 promotedmethods=nonPointerSender2 promotedmethods=pointerSender2
}
func (e *Embedded) sinkFieldOnEmbeddedPointerReceiver() {
sink(e.field) // $f-:promotedmethods=nonPointerSender1 $f-:promotedmethods=pointerSender1 $f-:promotedmethods=nonPointerSender2 $f-:promotedmethods=pointerSender2
sink(e.field) // $ MISSING: promotedmethods=nonPointerSender1 promotedmethods=pointerSender1 promotedmethods=nonPointerSender2 promotedmethods=pointerSender2
}
func (base1 Base1) sinkFieldOnBase1NonPointerReceiver() {
sink(base1.field) // $promotedmethods=nonPointerSender1 $promotedmethods=pointerSender1
sink(base1.field) // $ promotedmethods=nonPointerSender1 promotedmethods=pointerSender1
}
func (base1 *Base1) sinkFieldOnBase1PointerReceiver() {
sink(base1.field) // $f-:promotedmethods=nonPointerSender1 $promotedmethods=pointerSender1
sink(base1.field) // $ promotedmethods=pointerSender1 MISSING: promotedmethods=nonPointerSender1
}
func (base2 Base2) sinkFieldOnBase2NonPointerReceiver() {
sink(base2.field) // $promotedmethods=nonPointerSender2 $promotedmethods=pointerSender2
sink(base2.field) // $ promotedmethods=nonPointerSender2 promotedmethods=pointerSender2
}
func (base2 *Base2) sinkFieldOnBase2PointerReceiver() {
sink(base2.field) // $f-:promotedmethods=nonPointerSender2 $promotedmethods=pointerSender2
sink(base2.field) // $ promotedmethods=pointerSender2 MISSING: promotedmethods=nonPointerSender2
}
func nonPointerSender1() {
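Review bot: The `MISSING:` expectations on the three pointer-receiver methods (`sinkFieldOnEmbeddedPointerReceiver`, `sinkFieldOnBase1PointerReceiver`, `sinkFieldOnBase2PointerReceiver`) record that tainted field reads through a promoted method with a `*T` receiver are not tracked, so a sink reached that way is a false negative this test now accepts without comment. The visible pattern is partial: `pointerSender1`/`pointerSender2` still reach `*Base1`/`*Base2`, while the value senders and everything into `*Embedded` are lost, which suggests the implicit address-of on the promoted call is the missing step, though I cannot confirm that from here. I would say so where the expectation lives, e.g. `// MISSING: flow through the implicit &receiver of a promoted pointer-receiver method is not yet modelled`. The body of `nonPointerSender1` continues outside the hunk.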


@@ -8,23 +8,23 @@ func sink(p interface{}) {}
func test() (bool, *string) {
ptr := src()
sink(ptr) // $dataflow=ptr
sink(ptr) // $ dataflow=ptr
cast := ptr.(*string)
sink(cast) // $dataflow=cast
sink(cast) // $ dataflow=cast
cast2, ok := ptr.(*string)
if !ok {
return true, nil
}
sink(cast2) // $dataflow=cast2
sink(cast2) // $ dataflow=cast2
var cast3, ok2 = ptr.(*string)
if !ok2 {
return true, nil
}
sink(cast3) // $dataflow=cast3
sink(cast3) // $ dataflow=cast3
cast2, ok = ptr.(*string)
if !ok {
return true, nil
}
sink(cast2) // $dataflow=cast2
sink(cast2) // $ dataflow=cast2
return true, nil
}


@@ -19,7 +19,7 @@ func analyticsQuery(bucket gocb.Bucket, untrustedSource *http.Request) {
q5 := q4.RawParam("name", nil)
duration, _ := time.ParseDuration("300s")
q6 := q5.ServerSideTimeout(duration)
bucket.ExecuteAnalyticsQuery(q6, nil) // $sqlinjection=q6
bucket.ExecuteAnalyticsQuery(q6, nil) // $ sqlinjection=q6
}
func n1qlQuery(cluster gocb.Cluster, untrustedSource *http.Request) {
@@ -36,5 +36,5 @@ func n1qlQuery(cluster gocb.Cluster, untrustedSource *http.Request) {
q9 := q8.ScanCap(10)
duration, _ := time.ParseDuration("300s")
q10 := q9.Timeout(duration)
cluster.ExecuteN1qlQuery(q10, nil) // $sqlinjection=q10
cluster.ExecuteN1qlQuery(q10, nil) // $ sqlinjection=q10
}


@@ -4,22 +4,23 @@ package main
import (
"fmt"
"github.com/elazarl/goproxy"
"net/http"
"github.com/elazarl/goproxy"
)
func handler(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
data := ctx.UserData // $untrustedflowsource=selection of UserData
data := ctx.UserData // $ untrustedflowsource="selection of UserData"
// note no content type result here because we don't seem to extract the value of `ContentTypeHtml`
return r, goproxy.NewResponse(r, goproxy.ContentTypeHtml, http.StatusForbidden, fmt.Sprintf("<body>Bad request: %v</body>", data)) // $headerwrite=status:403
return r, goproxy.NewResponse(r, goproxy.ContentTypeHtml, http.StatusForbidden, fmt.Sprintf("<body>Bad request: %v</body>", data)) // $ headerwrite=status:403
}
func handler1(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
ctx.Logf("test") // $logger="test"
ctx.Warnf("test1") // $logger="test1"
ctx.Logf("test") // $ logger="test"
ctx.Warnf("test1") // $ logger="test1"
return r, goproxy.TextResponse(r, "Hello!") // $headerwrite=status:200 $headerwrite=content-type:text/plain
return r, goproxy.TextResponse(r, "Hello!") // $ headerwrite=status:200 headerwrite=content-type:text/plain
}
func main() {
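Review bot: The known gap recorded in the prose comment above the `goproxy.NewResponse` line in `handler` ("no content type result here because we don't seem to extract the value of `ContentTypeHtml`") is left untracked by the test harness, while the sql test in this same PR uses the `MISSING:` marker for exactly this kind of known false negative. Adding `$ MISSING: headerwrite=content-type:text/html` next to the existing `headerwrite=status:403` expectation would make the harness report the moment constant extraction improves, instead of the gap silently persisting; the tag value is assumed to mirror the `content-type:text/plain` form used on the `TextResponse` line in `handler1`, so confirm against the test query. The prose comment can then be shortened to a why-note, e.g. `// MISSING until the extractor resolves the ContentTypeHtml constant`. `main` starts on the last line of this hunk and continues outside it.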


@@ -9,7 +9,7 @@ class UntrustedFlowSourceTest extends InlineExpectationsTest {
override predicate hasActualResult(string file, int line, string element, string tag, string value) {
tag = "untrustedflowsource" and
value = element and
exists(UntrustedFlowSource src | value = src.toString() |
exists(UntrustedFlowSource src | value = "\"" + src.toString() + "\"" |
src.hasLocationInfo(file, line, _, _, _)
)
}
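Review bot: The double-quote wrapping added in `value = "\"" + src.toString() + "\""` collides with any element whose `toString()` already contains `"`, which is how string literals render (the revel test in this PR has to write `responsebody='"<p>raw HTML</p>"'` for that reason), and it is inconsistent with `HttpResponseBodyTest`, which wraps with `'` in the same PR. Since Go string literals never contain a bare `'`, the single-quote form is the safer convention; suggest `value = "'" + src.toString() + "'"` here so all three inline-expectation tests quote values the same way. A short comment such as `// quoted so values containing spaces parse as one expectation` would also explain why the wrapping exists at all. The enclosing class starts outside this hunk.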


@@ -25,40 +25,40 @@ func main() {
// func MergeMergePatches(patch1Data, patch2Data []byte) ([]byte, error)
b1, _ := patch.MergeMergePatches(getTaintedByteArray(), untaintedByteArray)
sinkByteArray(b1) // $taintflow
sinkByteArray(b1) // $ taintflow
b2, _ := patch.MergeMergePatches(untaintedByteArray, getTaintedByteArray())
sinkByteArray(b2) // $taintflow
sinkByteArray(b2) // $ taintflow
// func MergePatch(docData, patchData []byte) ([]byte, error)
b3, _ := patch.MergePatch(getTaintedByteArray(), untaintedByteArray)
sinkByteArray(b3) // $taintflow
sinkByteArray(b3) // $ taintflow
b4, _ := patch.MergePatch(untaintedByteArray, getTaintedByteArray())
sinkByteArray(b4) // $taintflow
sinkByteArray(b4) // $ taintflow
// func CreateMergePatch(originalJSON, modifiedJSON []byte) ([]byte, error)
b5, _ := patch.CreateMergePatch(getTaintedByteArray(), untaintedByteArray)
sinkByteArray(b5) // $taintflow
sinkByteArray(b5) // $ taintflow
b6, _ := patch.CreateMergePatch(untaintedByteArray, getTaintedByteArray())
sinkByteArray(b6) // $taintflow
sinkByteArray(b6) // $ taintflow
// func DecodePatch(buf []byte) (Patch, error)
p7, _ := patch.DecodePatch(getTaintedByteArray())
sinkPatch(p7) // $taintflow
sinkPatch(p7) // $ taintflow
// func (p Patch) Apply(doc []byte) ([]byte, error)
b8, _ := untaintedPatch.Apply(getTaintedByteArray())
sinkByteArray(b8) // $taintflow
sinkByteArray(b8) // $ taintflow
b9, _ := getTaintedPatch().Apply(untaintedByteArray)
sinkByteArray(b9) // $taintflow
sinkByteArray(b9) // $ taintflow
// func (p Patch) ApplyIndent(doc []byte, indent string) ([]byte, error)
b10, _ := untaintedPatch.ApplyIndent(getTaintedByteArray(), " ")
sinkByteArray(b10) // $taintflow
sinkByteArray(b10) // $ taintflow
b11, _ := getTaintedPatch().ApplyIndent(untaintedByteArray, " ")
sinkByteArray(b11) // $taintflow
sinkByteArray(b11) // $ taintflow
}


@@ -2,6 +2,7 @@ package main
import (
"context"
"github.com/go-kit/kit/endpoint"
)
@@ -11,12 +12,12 @@ type MyService interface {
}
func makeEndpointLit(svc MyService) endpoint.Endpoint {
return func(_ context.Context, request interface{}) (interface{}, error) { // $source=definition of request
return func(_ context.Context, request interface{}) (interface{}, error) { // $ source="definition of request"
return request, nil
}
}
func endpointfn(_ context.Context, request interface{}) (interface{}, error) { // $source=definition of request
func endpointfn(_ context.Context, request interface{}) (interface{}, error) { // $ source="definition of request"
return request, nil
}


@@ -11,7 +11,7 @@ class UntrustedFlowSourceTest extends InlineExpectationsTest {
exists(UntrustedFlowSource source |
source.hasLocationInfo(file, line, _, _, _) and
element = source.toString() and
value = source.toString() and
value = "\"" + source.toString() + "\"" and
tag = "source"
)
}
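Review bot: The quoting character chosen in `value = "\"" + source.toString() + "\""` differs from the `'` used by `HttpResponseBodyTest` in this same PR, and `"` is the character that can appear inside `toString()` of a string-literal node, so the quoted value can become ambiguous to parse. Consider `value = "'" + source.toString() + "'"` so the three tests share one convention and avoid the collision; a one-line comment (`// quoted: values with spaces must be a single token in the $ comment`) would document the reason for the wrapping. The enclosing class and predicate start outside this hunk.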


@@ -19,76 +19,76 @@ func main() {
{
// func (in *Secret) DeepCopy() *Secret
sink(source().(*corev1.Secret).DeepCopy()) // $KsIoApiCoreV
sink(source().(*corev1.Secret).DeepCopy()) // $ KsIoApiCoreV
}
{
// func (in *Secret) DeepCopyInto(out *Secret)
var out *corev1.Secret
source().(*corev1.Secret).DeepCopyInto(out)
sink(out) // $KsIoApiCoreV
sink(out) // $ KsIoApiCoreV
}
{
// func (in *Secret) DeepCopyObject() runtime.Object
sink(source().(*corev1.Secret).DeepCopyObject()) // $KsIoApiCoreV
sink(source().(*corev1.Secret).DeepCopyObject()) // $ KsIoApiCoreV
}
{
// func (m *Secret) Marshal() (dAtA []byte, err error)
sink(source().(*corev1.Secret).Marshal()) // $KsIoApiCoreV
sink(source().(*corev1.Secret).Marshal()) // $ KsIoApiCoreV
}
{
// func (m *Secret) MarshalTo(dAtA []byte) (int, error)
var dAtA []byte
source().(*corev1.Secret).MarshalTo(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
{
// func (m *Secret) MarshalToSizedBuffer(dAtA []byte) (int, error)
var dAtA []byte
source().(*corev1.Secret).MarshalToSizedBuffer(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
{
// func (m *Secret) Unmarshal(dAtA []byte) error
var dAtA []byte
source().(*corev1.Secret).Unmarshal(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
{
// func (in *SecretList) DeepCopy() *SecretList
sink(source().(*corev1.SecretList).DeepCopy()) // $KsIoApiCoreV
sink(source().(*corev1.SecretList).DeepCopy()) // $ KsIoApiCoreV
}
{
// func (in *SecretList) DeepCopyInto(out *SecretList)
var out *corev1.SecretList
source().(*corev1.SecretList).DeepCopyInto(out)
sink(out) // $KsIoApiCoreV
sink(out) // $ KsIoApiCoreV
}
{
// func (in *SecretList) DeepCopyObject() runtime.Object
sink(source().(*corev1.SecretList).DeepCopyObject()) // $KsIoApiCoreV
sink(source().(*corev1.SecretList).DeepCopyObject()) // $ KsIoApiCoreV
}
{
// func (m *SecretList) Marshal() (dAtA []byte, err error)
sink(source().(*corev1.SecretList).Marshal()) // $KsIoApiCoreV
sink(source().(*corev1.SecretList).Marshal()) // $ KsIoApiCoreV
}
{
// func (m *SecretList) MarshalTo(dAtA []byte) (int, error)
var dAtA []byte
source().(*corev1.SecretList).MarshalTo(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
{
// func (m *SecretList) MarshalToSizedBuffer(dAtA []byte) (int, error)
var dAtA []byte
source().(*corev1.SecretList).MarshalToSizedBuffer(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
{
// func (m *SecretList) Unmarshal(dAtA []byte) error
var dAtA []byte
source().(*corev1.SecretList).Unmarshal(dAtA)
sink(dAtA) // $KsIoApiCoreV
sink(dAtA) // $ KsIoApiCoreV
}
}


@@ -31,93 +31,93 @@ func main() {
// func Convert_Slice_string_To_Pointer_int64(in *[]string, out **int64, s conversion.Scope) error
var out **int64
runtime.Convert_Slice_string_To_Pointer_int64(source().(*[]string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_Slice_string_To_int(in *[]string, out *int, s conversion.Scope) error
var out *int
runtime.Convert_Slice_string_To_int(source().(*[]string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_Slice_string_To_int64(in *[]string, out *int64, s conversion.Scope) error
var out *int64
runtime.Convert_Slice_string_To_int64(source().(*[]string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_Slice_string_To_string(in *[]string, out *string, s conversion.Scope) error
var out *string
runtime.Convert_Slice_string_To_string(source().(*[]string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_runtime_Object_To_runtime_RawExtension(in *Object, out *RawExtension, s conversion.Scope) error
var out *runtime.RawExtension
runtime.Convert_runtime_Object_To_runtime_RawExtension(source().(*runtime.Object), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_runtime_RawExtension_To_runtime_Object(in *RawExtension, out *Object, s conversion.Scope) error
var out *runtime.Object
runtime.Convert_runtime_RawExtension_To_runtime_Object(source().(*runtime.RawExtension), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_string_To_Pointer_int64(in *string, out **int64, s conversion.Scope) error
var out **int64
runtime.Convert_string_To_Pointer_int64(source().(*string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func Convert_string_To_int64(in *string, out *int64, s conversion.Scope) error
var out *int64
runtime.Convert_string_To_int64(source().(*string), out, s)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func DecodeInto(d Decoder, data []byte, into Object) error
var o runtime.Object
runtime.DecodeInto(decoder, source().([]byte), o)
sink(o) // $KsIoApimachineryPkgRuntime
sink(o) // $ KsIoApimachineryPkgRuntime
}
{
// func DeepCopyJSON(x map[string]interface{}) map[string]interface{}
sink(runtime.DeepCopyJSON(source().(map[string]interface{}))) // $KsIoApimachineryPkgRuntime
sink(runtime.DeepCopyJSON(source().(map[string]interface{}))) // $ KsIoApimachineryPkgRuntime
}
{
// func DeepCopyJSONValue(x interface{}) interface{}
sink(runtime.DeepCopyJSONValue(source().(map[string]interface{}))) // $KsIoApimachineryPkgRuntime
sink(runtime.DeepCopyJSONValue(source().(map[string]interface{}))) // $ KsIoApimachineryPkgRuntime
}
{
// func Encode(e Encoder, obj Object) ([]byte, error)
x, _ := runtime.Encode(encoder, source().(runtime.Object))
sink(x) // $KsIoApimachineryPkgRuntime
sink(x) // $ KsIoApimachineryPkgRuntime
}
{
// func EncodeOrDie(e Encoder, obj Object) string
sink(runtime.EncodeOrDie(encoder, source().(runtime.Object))) // $KsIoApimachineryPkgRuntime
sink(runtime.EncodeOrDie(encoder, source().(runtime.Object))) // $ KsIoApimachineryPkgRuntime
}
{
// func Field(v reflect.Value, fieldName string, dest interface{}) error
var fieldName string
var dest interface{}
runtime.Field(source().(reflect.Value), fieldName, dest)
sink(dest) // $KsIoApimachineryPkgRuntime
sink(dest) // $ KsIoApimachineryPkgRuntime
}
{
// func FieldPtr(v reflect.Value, fieldName string, dest interface{}) error
var fieldName string
var dest interface{}
runtime.FieldPtr(source().(reflect.Value), fieldName, dest)
sink(dest) // $KsIoApimachineryPkgRuntime
sink(dest) // $ KsIoApimachineryPkgRuntime
}
{
// func SetField(src interface{}, v reflect.Value, fieldName string) error
var v reflect.Value
var fieldName string
runtime.SetField(source(), v, fieldName)
sink(v) // $KsIoApimachineryPkgRuntime
sink(v) // $ KsIoApimachineryPkgRuntime
}
{
// CacheEncode(id Identifier, encode func(Object, io.Writer) error, w io.Writer) error
@@ -125,19 +125,19 @@ func main() {
var encode func(runtime.Object, io.Writer) error
var w io.Writer
source().(myCacheableObject).CacheEncode(id, encode, w)
sink(w) // $KsIoApimachineryPkgRuntime
sink(w) // $ KsIoApimachineryPkgRuntime
}
{
// GetObject() Object
sink(source().(myCacheableObject).GetObject()) // $KsIoApimachineryPkgRuntime
sink(source().(myCacheableObject).GetObject()) // $ KsIoApimachineryPkgRuntime
}
{
// Decode(data []byte, defaults *schema.GroupVersionKind, into Object) (Object, *schema.GroupVersionKind, error)
var defaults *schema.GroupVersionKind
var into runtime.Object
x, _, _ := decoder.Decode(source().([]byte), defaults, into)
sink(x) // $KsIoApimachineryPkgRuntime
sink(into) // $KsIoApimachineryPkgRuntime
sink(x) // $ KsIoApimachineryPkgRuntime
sink(into) // $ KsIoApimachineryPkgRuntime
}
{
// Decode(data []byte, defaults *schema.GroupVersionKind, into Object) (Object, *schema.GroupVersionKind, error)
@@ -145,47 +145,47 @@ func main() {
var into runtime.Object
var withoutVersionDecoder runtime.WithoutVersionDecoder
x, _, _ := withoutVersionDecoder.Decode(source().([]byte), defaults, into)
sink(x) // $KsIoApimachineryPkgRuntime
sink(into) // $KsIoApimachineryPkgRuntime
sink(x) // $ KsIoApimachineryPkgRuntime
sink(into) // $ KsIoApimachineryPkgRuntime
}
{
// Encode(obj Object, w io.Writer) error
var w io.Writer
encoder.Encode(source().(runtime.Object), w)
sink(w) // $KsIoApimachineryPkgRuntime
sink(w) // $ KsIoApimachineryPkgRuntime
}
{
// Encode(obj Object, w io.Writer) error
var w io.Writer
var withVersionEncoder runtime.WithVersionEncoder
withVersionEncoder.Encode(source().(runtime.Object), w)
sink(w) // $KsIoApimachineryPkgRuntime
sink(w) // $ KsIoApimachineryPkgRuntime
}
{
var framer myFramer
// NewFrameReader(r io.ReadCloser) io.ReadCloser
sink(framer.NewFrameReader(source().(io.ReadCloser))) // $KsIoApimachineryPkgRuntime
sink(framer.NewFrameReader(source().(io.ReadCloser))) // $ KsIoApimachineryPkgRuntime
// NewFrameWriter(w io.Writer) io.Writer
sink(framer.NewFrameWriter(source().(io.Writer))) // $KsIoApimachineryPkgRuntime
sink(framer.NewFrameWriter(source().(io.Writer))) // $ KsIoApimachineryPkgRuntime
}
{
// DeepCopyObject() Object
sink(source().(runtime.Object).DeepCopyObject()) // $KsIoApimachineryPkgRuntime
sink(source().(runtime.Object).DeepCopyObject()) // $ KsIoApimachineryPkgRuntime
}
{
// func Decode(d Decoder, data []byte) (Object, error)
o, _ := runtime.Decode(decoder, source().([]byte))
sink(o) // $KsIoApimachineryPkgRuntime
sink(o) // $ KsIoApimachineryPkgRuntime
}
{
// func NewEncodable(e Encoder, obj Object, versions ...schema.GroupVersion) Object
sink(runtime.NewEncodable(encoder, source().(runtime.Object))) // $KsIoApimachineryPkgRuntime
sink(runtime.NewEncodable(encoder, source().(runtime.Object))) // $ KsIoApimachineryPkgRuntime
}
{
// func NewEncodableList(e Encoder, objects []Object, versions ...schema.GroupVersion) []Object
sink(runtime.NewEncodableList(encoder, source().([]runtime.Object))) // $KsIoApimachineryPkgRuntime
sink(runtime.NewEncodableList(encoder, source().([]runtime.Object))) // $ KsIoApimachineryPkgRuntime
}
{
// func UseOrCreateObject(t ObjectTyper, c ObjectCreater, gvk schema.GroupVersionKind, obj Object) (Object, error)
@@ -193,7 +193,7 @@ func main() {
var c runtime.ObjectCreater
var gvk schema.GroupVersionKind
o, _ := runtime.UseOrCreateObject(t, c, gvk, source().(runtime.Object))
sink(o) // $KsIoApimachineryPkgRuntime
sink(o) // $ KsIoApimachineryPkgRuntime
}
{
var objectConverter myObjectConverter
@@ -201,12 +201,12 @@ func main() {
// Convert(in, out, context interface{}) error
var out, context interface{}
objectConverter.Convert(source(), out, context)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
// ConvertToVersion(in Object, gv GroupVersioner) (out Object, err error)
var gv runtime.GroupVersioner
o, _ := objectConverter.ConvertToVersion(source().(runtime.Object), gv)
sink(o) // $KsIoApimachineryPkgRuntime
sink(o) // $ KsIoApimachineryPkgRuntime
}
{
var parameterCodec myParameterCodec
@@ -215,110 +215,110 @@ func main() {
var gv schema.GroupVersion
var into runtime.Object
parameterCodec.DecodeParameters(source().(url.Values), gv, into)
sink(into) // $KsIoApimachineryPkgRuntime
sink(into) // $ KsIoApimachineryPkgRuntime
// EncodeParameters(obj Object, to schema.GroupVersion) (url.Values, error)
urlValues, _ := parameterCodec.EncodeParameters(source().(runtime.Object), gv)
sink(urlValues) // $KsIoApimachineryPkgRuntime
sink(urlValues) // $ KsIoApimachineryPkgRuntime
}
{
// MarshalTo(data []byte) (int, error)
var data []byte
source().(myProtobufMarshaller).MarshalTo(data)
sink(data) // $KsIoApimachineryPkgRuntime
sink(data) // $ KsIoApimachineryPkgRuntime
}
{
// MarshalToSizedBuffer(data []byte) (int, error)
var data []byte
source().(myProtobufReverseMarshaller).MarshalToSizedBuffer(data)
sink(data) // $KsIoApimachineryPkgRuntime
sink(data) // $ KsIoApimachineryPkgRuntime
}
{
// func (in *RawExtension) DeepCopy() *RawExtension
sink(source().(*runtime.RawExtension).DeepCopy()) // $KsIoApimachineryPkgRuntime
sink(source().(*runtime.RawExtension).DeepCopy()) // $ KsIoApimachineryPkgRuntime
}
{
// func (in *RawExtension) DeepCopyInto(out *RawExtension)
var out *runtime.RawExtension
source().(*runtime.RawExtension).DeepCopyInto(out)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *RawExtension) Marshal() (dAtA []byte, err error)
dAtA, _ := source().(*runtime.RawExtension).Marshal()
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *RawExtension) MarshalTo(dAtA []byte) (int, error)
var dAtA []byte
source().(*runtime.RawExtension).MarshalTo(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *RawExtension) MarshalToSizedBuffer(dAtA []byte) (int, error)
var dAtA []byte
source().(*runtime.RawExtension).MarshalToSizedBuffer(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *RawExtension) Unmarshal(dAtA []byte) error
var dAtA []byte
source().(*runtime.RawExtension).Unmarshal(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (in *Unknown) DeepCopy() *Unknown
sink(source().(*runtime.Unknown).DeepCopy()) // $KsIoApimachineryPkgRuntime
sink(source().(*runtime.Unknown).DeepCopy()) // $ KsIoApimachineryPkgRuntime
}
{
// func (in *Unknown) DeepCopyObject() Object
sink(source().(*runtime.Unknown).DeepCopyObject()) // $KsIoApimachineryPkgRuntime
sink(source().(*runtime.Unknown).DeepCopyObject()) // $ KsIoApimachineryPkgRuntime
}
{
// func (in *Unknown) DeepCopyInto(out *Unknown)
var out *runtime.Unknown
source().(*runtime.Unknown).DeepCopyInto(out)
sink(out) // $KsIoApimachineryPkgRuntime
sink(out) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *Unknown) Marshal() (dAtA []byte, err error)
dAtA, _ := source().(*runtime.Unknown).Marshal()
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *Unknown) MarshalTo(dAtA []byte) (int, error)
var dAtA []byte
source().(*runtime.Unknown).MarshalTo(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *Unknown) MarshalToSizedBuffer(dAtA []byte) (int, error)
var dAtA []byte
source().(*runtime.Unknown).MarshalToSizedBuffer(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *Unknown) NestedMarshalTo(data []byte, b ProtobufMarshaller, size uint64) (int, error)
var dAtA []byte
var b myProtobufMarshaller
source().(*runtime.Unknown).NestedMarshalTo(dAtA, b, 1)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// func (m *Unknown) Unmarshal(dAtA []byte) error
var dAtA []byte
source().(*runtime.Unknown).Unmarshal(dAtA)
sink(dAtA) // $KsIoApimachineryPkgRuntime
sink(dAtA) // $ KsIoApimachineryPkgRuntime
}
{
// UnstructuredContent() map[string]interface{}
sink(source().(myUnstructured).UnstructuredContent()) // $KsIoApimachineryPkgRuntime
sink(source().(myUnstructured).UnstructuredContent()) // $ KsIoApimachineryPkgRuntime
}
{
// SetUnstructuredContent(map[string]interface{})
var unstructured myUnstructured
unstructured.SetUnstructuredContent(source().(map[string]interface{}))
sink(unstructured) // $KsIoApimachineryPkgRuntime
sink(unstructured) // $ KsIoApimachineryPkgRuntime
}
}


@@ -27,14 +27,14 @@ func main() {
use(t.Delete(ctx, name, opts))
use(s.DeleteCollection(ctx, opts, listOpts))
use(t.DeleteCollection(ctx, opts, listOpts))
use(s.Get(ctx, name, opts)) // $KsIoClientGo
use(t.Get(ctx, name, opts)) // $KsIoClientGo
use(s.List(ctx, opts)) // $KsIoClientGo
use(t.List(ctx, opts)) // $KsIoClientGo
use(s.Get(ctx, name, opts)) // $ KsIoClientGo
use(t.Get(ctx, name, opts)) // $ KsIoClientGo
use(s.List(ctx, opts)) // $ KsIoClientGo
use(t.List(ctx, opts)) // $ KsIoClientGo
use(s.Watch(ctx, opts))
use(t.Watch(ctx, opts))
use(s.Patch(ctx, name, pt, data, opts)) // $KsIoClientGo
use(t.Patch(ctx, name, pt, data, opts)) // $KsIoClientGo
use(s.Patch(ctx, name, pt, data, opts)) // $ KsIoClientGo
use(t.Patch(ctx, name, pt, data, opts)) // $ KsIoClientGo
}
func use(arg ...interface{}) {}


@@ -26,46 +26,46 @@ func test(coll *mongo.Collection, filter interface{}, models []mongo.WriteModel,
matchStage := bson.D{{"$match", filter}}
pipeline := mongo.Pipeline{matchStage}
coll.Aggregate(ctx, pipeline, nil) // $nosqlquery=pipeline
coll.Aggregate(ctx, pipeline, nil) // $ nosqlquery=pipeline
coll.BulkWrite(ctx, models, nil)
coll.Clone(nil)
coll.CountDocuments(ctx, filter, nil) // $nosqlquery=filter
coll.CountDocuments(ctx, filter, nil) // $ nosqlquery=filter
coll.Database()
coll.DeleteMany(ctx, filter, nil) // $nosqlquery=filter
coll.DeleteOne(ctx, filter, nil) // $nosqlquery=filter
coll.DeleteMany(ctx, filter, nil) // $ nosqlquery=filter
coll.DeleteOne(ctx, filter, nil) // $ nosqlquery=filter
coll.Distinct(ctx, fieldName, filter) // $nosqlquery=filter
coll.Distinct(ctx, fieldName, filter) // $ nosqlquery=filter
coll.Drop(ctx)
coll.EstimatedDocumentCount(ctx, nil)
coll.Find(ctx, filter, nil) // $nosqlquery=filter
coll.FindOne(ctx, filter, nil) // $nosqlquery=filter
coll.FindOneAndDelete(ctx, filter, nil) // $nosqlquery=filter
coll.FindOneAndReplace(ctx, filter, nil) // $nosqlquery=filter
coll.FindOneAndUpdate(ctx, filter, nil) // $nosqlquery=filter
coll.Find(ctx, filter, nil) // $ nosqlquery=filter
coll.FindOne(ctx, filter, nil) // $ nosqlquery=filter
coll.FindOneAndDelete(ctx, filter, nil) // $ nosqlquery=filter
coll.FindOneAndReplace(ctx, filter, nil) // $ nosqlquery=filter
coll.FindOneAndUpdate(ctx, filter, nil) // $ nosqlquery=filter
coll.Indexes()
coll.InsertMany(ctx, documents)
coll.InsertOne(ctx, document, nil)
coll.Name()
replacement := bson.D{{"location", "NYC"}}
coll.ReplaceOne(ctx, filter, replacement) // $nosqlquery=filter
coll.ReplaceOne(ctx, filter, replacement) // $ nosqlquery=filter
update := bson.D{{"$inc", bson.D{{"age", 1}}}}
coll.UpdateMany(ctx, filter, update) // $nosqlquery=filter
coll.UpdateOne(ctx, filter, update) // $nosqlquery=filter
coll.Watch(ctx, pipeline) // $nosqlquery=pipeline
coll.UpdateMany(ctx, filter, update) // $ nosqlquery=filter
coll.UpdateOne(ctx, filter, update) // $ nosqlquery=filter
coll.Watch(ctx, pipeline) // $ nosqlquery=pipeline
}
func testGocbV1(bucket gocbv1.Bucket, cluster gocbv1.Cluster, aq *gocbv1.AnalyticsQuery, nq *gocbv1.N1qlQuery) {
bucket.ExecuteAnalyticsQuery(aq, nil) // $nosqlquery=aq
cluster.ExecuteAnalyticsQuery(aq, nil) // $nosqlquery=aq
bucket.ExecuteN1qlQuery(nq, nil) // $nosqlquery=nq
cluster.ExecuteN1qlQuery(nq, nil) // $nosqlquery=nq
bucket.ExecuteAnalyticsQuery(aq, nil) // $ nosqlquery=aq
cluster.ExecuteAnalyticsQuery(aq, nil) // $ nosqlquery=aq
bucket.ExecuteN1qlQuery(nq, nil) // $ nosqlquery=nq
cluster.ExecuteN1qlQuery(nq, nil) // $ nosqlquery=nq
}
func testGocbV2(cluster gocbv2.Cluster, scope gocbv2.Scope) {
cluster.AnalyticsQuery("a", nil) // $nosqlquery="a"
scope.AnalyticsQuery("b", nil) // $nosqlquery="b"
cluster.Query("c", nil) // $nosqlquery="c"
scope.Query("d", nil) // $nosqlquery="d"
cluster.AnalyticsQuery("a", nil) // $ nosqlquery="a"
scope.AnalyticsQuery("b", nil) // $ nosqlquery="b"
cluster.Query("c", nil) // $ nosqlquery="c"
scope.Query("d", nil) // $ nosqlquery="d"
}
func main() {}


@@ -27,69 +27,69 @@ type MyRoute struct {
func (c MyRoute) Handler1() revel.Result {
// GOOD: the Render function is likely to properly escape the user-controlled parameter.
return c.Render("someviewparam", c.Params.Form.Get("someField")) // $source=selection of Params
return c.Render("someviewparam", c.Params.Form.Get("someField"))
}
func (c MyRoute) Handler2() revel.Result {
// BAD: the RenderBinary function copies an `io.Reader` to the user's browser.
buf := &bytes.Buffer{}
buf.WriteString(c.Params.Form.Get("someField")) // $source=selection of Params
return c.RenderBinary(buf, "index.html", revel.Inline, time.Now()) // $responsebody=buf
buf.WriteString(c.Params.Form.Get("someField"))
return c.RenderBinary(buf, "index.html", revel.Inline, time.Now()) // $ responsebody='buf'
}
func (c MyRoute) Handler3() revel.Result {
// GOOD: the RenderBinary function copies an `io.Reader` to the user's browser, but the filename
// means it will be given a safe content-type.
buf := &bytes.Buffer{}
buf.WriteString(c.Params.Form.Get("someField")) // $source=selection of Params
return c.RenderBinary(buf, "index.txt", revel.Inline, time.Now()) // $responsebody=buf
buf.WriteString(c.Params.Form.Get("someField"))
return c.RenderBinary(buf, "index.txt", revel.Inline, time.Now()) // $ responsebody='buf'
}
func (c MyRoute) Handler4() revel.Result {
// GOOD: the RenderError function either uses an HTML template with probable escaping,
// or it uses content-type text/plain.
err := errors.New(c.Params.Form.Get("someField")) // $source=selection of Params
return c.RenderError(err) // $responsebody=err
err := errors.New(c.Params.Form.Get("someField"))
return c.RenderError(err) // $ responsebody='err'
}
func (c MyRoute) Handler5() revel.Result {
// BAD: returning an arbitrary file (but this is detected at the os.Open call, not
// due to modelling Revel)
f, _ := os.Open(c.Params.Form.Get("someField")) // $source=selection of Params
f, _ := os.Open(c.Params.Form.Get("someField"))
return c.RenderFile(f, revel.Inline)
}
func (c MyRoute) Handler6() revel.Result {
// BAD: returning an arbitrary file (detected as a user-controlled file-op, not XSS)
return c.RenderFileName(c.Params.Form.Get("someField"), revel.Inline) // $source=selection of Params
return c.RenderFileName(c.Params.Form.Get("someField"), revel.Inline)
}
func (c MyRoute) Handler7() revel.Result {
// BAD: straightforward XSS
return c.RenderHTML(c.Params.Form.Get("someField")) // $responsebody=call to Get $source=selection of Params
return c.RenderHTML(c.Params.Form.Get("someField")) // $ responsebody='call to Get'
}
func (c MyRoute) Handler8() revel.Result {
// GOOD: uses JSON content-type
return c.RenderJSON(c.Params.Form.Get("someField")) // $responsebody=call to Get $source=selection of Params
return c.RenderJSON(c.Params.Form.Get("someField")) // $ responsebody='call to Get'
}
func (c MyRoute) Handler9() revel.Result {
// GOOD: uses Javascript content-type
return c.RenderJSONP("callback", c.Params.Form.Get("someField")) // $responsebody=call to Get $source=selection of Params
return c.RenderJSONP("callback", c.Params.Form.Get("someField")) // $ responsebody='call to Get'
}
func (c MyRoute) Handler10() revel.Result {
// GOOD: uses text content-type
return c.RenderText(c.Params.Form.Get("someField")) // $responsebody=call to Get $source=selection of Params
return c.RenderText(c.Params.Form.Get("someField")) // $ responsebody='call to Get'
}
func (c MyRoute) Handler11() revel.Result {
// GOOD: uses xml content-type
return c.RenderXML(c.Params.Form.Get("someField")) // $responsebody=call to Get $source=selection of Params
return c.RenderXML(c.Params.Form.Get("someField")) // $ responsebody='call to Get'
}
func (c MyRoute) Handler12() revel.Result {
// BAD: open redirect
return c.Redirect(c.Params.Form.Get("someField")) // $source=selection of Params
return c.Redirect(c.Params.Form.Get("someField"))
}
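Review bot: The `$source=selection of Params` expectations were removed from every handler in this hunk rather than converted to the new syntax, so the test no longer asserts that `c.Params.Form` is recognised as an untrusted source, which is the premise behind the `// BAD:` comments on `Handler7` and `Handler12`. If the test's `.ql` still reports a `source` tag, each of these lines will now fail as an unexpected result; if the tag was deliberately dropped from the query, nothing in the hunk says so. Suggest either restoring them in the new form, e.g. `return c.Redirect(c.Params.Form.Get("someField")) // $ source='selection of Params'`, or adding a note at the top of the file explaining that source detection is covered by a separate test. This is inferred from the hunk alone; confirm against the test query, which is not in this diff.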


@@ -24,18 +24,18 @@ func sink(_ ...interface{}) {}
func (c myAppController) accessingParamsDirectlyIsUnsafe() {
sink(c.Params.Get("key"))
sink(c.Params.Values) // $source=selection of Params
sink(c.Params.Values)
val4 := ""
c.Params.Bind(&val4, "key") // $source=selection of Params
c.Params.Bind(&val4, "key")
sink(val4)
sink(c.Request.FormValue("key"))
}
func (c myAppController) accessingFixedIsSafe(mainRouter *revel.Router) {
sink(c.Params.Fixed.Get("key")) // $noflow
sink(mainRouter.Route(c.Request).FixedParams[0]) // $noflow
sink(c.Params.Fixed.Get("key")) // $ noflow
sink(mainRouter.Route(c.Request).FixedParams[0]) // $ noflow
}
func (c myAppController) accessingRouteIsUnsafe(mainRouter *revel.Router) {
@@ -64,10 +64,10 @@ func (c myAppController) accessingParamsJSONIsUnsafe() {
sink(val2["name"].(string))
}
func (c myAppController) rawRead() { // $responsebody=argument corresponding to c
c.ViewArgs["Foo"] = "<p>raw HTML</p>" // $responsebody="<p>raw HTML</p>"
func (c myAppController) rawRead() { // $ responsebody='argument corresponding to c'
c.ViewArgs["Foo"] = "<p>raw HTML</p>" // $ responsebody='"<p>raw HTML</p>"'
c.ViewArgs["Bar"] = "<p>not raw HTML</p>"
c.ViewArgs["Foo"] = c.Params.Query // $responsebody=selection of Query
c.ViewArgs["Foo"] = c.Params.Query // $ responsebody='selection of Query'
c.Render()
}
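Review bot: After this change `accessingParamsDirectlyIsUnsafe` contains no expectation at all: the two `$source=selection of Params` annotations on `c.Params.Values` and `c.Params.Bind(&val4, "key")` were deleted rather than converted, so the function no longer checks what its name promises, while the sibling `accessingFixedIsSafe` still carries `$ noflow`. If the `source` tag is still emitted by the test query these lines will now be reported as unexpected results; if it is not, a comment explaining why would help. Suggest `sink(c.Params.Values) // $ source='selection of Params'` and the same on the `Bind` line, or a comment such as `// source detection for Params is asserted elsewhere` if that is the intent. The first function of this hunk starts outside it.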


@@ -31,6 +31,7 @@ import (
"strings"
"codeql-go-tests/frameworks/Revel/examples/booking/app/models"
"github.com/revel/revel"
)
@@ -104,7 +105,7 @@ func (c Hotels) ListJson(search string, size, page uint64) revel.Result {
var hotels []*models.Hotel
return c.RenderJSON(map[string]interface{}{"hotels": hotels, "search": search, "size": size, "page": page, "nextPage": nextPage}) // $responsebody=map literal
return c.RenderJSON(map[string]interface{}{"hotels": hotels, "search": search, "size": size, "page": page, "nextPage": nextPage}) // $ responsebody='map literal'
}
func (c Hotels) List(search string, size, page uint64) revel.Result {
if page == 0 {
@@ -155,7 +156,7 @@ func (c Hotels) SaveSettings(password, verifyPassword string) revel.Result {
}
func (c Hotels) ConfirmBooking(id int, booking models.Booking) revel.Result {
hotel := c.loadHotelById(id) // $responsebody=call to loadHotelById
hotel := c.loadHotelById(id) // $ responsebody='call to loadHotelById'
if hotel == nil {
return c.NotFound("Hotel %d does not exist", id)
}


@@ -33,11 +33,11 @@ func init() {
switch event {
case revel.ENGINE_BEFORE_INITIALIZED:
revel.AddHTTPMux("/this/is/a/test", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "Hi there, it worked", r.URL.Path) // $responsebody=selection of Path $responsebody="Hi there, it worked"
fmt.Fprintln(w, "Hi there, it worked", r.URL.Path) // $ responsebody='selection of Path' responsebody='"Hi there, it worked"'
w.WriteHeader(200)
}))
revel.AddHTTPMux("/this/is/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "Hi there, shorter prefix", r.URL.Path) // $responsebody=selection of Path $responsebody="Hi there, shorter prefix"
fmt.Fprintln(w, "Hi there, shorter prefix", r.URL.Path) // $ responsebody='selection of Path' responsebody='"Hi there, shorter prefix"'
w.WriteHeader(200)
}))
}


@@ -41,7 +41,7 @@ class HttpResponseBodyTest extends InlineExpectationsTest {
exists(HTTP::ResponseBody rb |
rb.hasLocationInfo(file, line, _, _, _) and
element = rb.toString() and
value = rb.toString()
value = "'" + rb.toString() + "'"
)
}
}
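Review bot: The single-quote wrapping introduced in `value = "'" + rb.toString() + "'"` is the right choice for values that can contain spaces and Go string literals, but the two source tests in this same PR wrap with `"` instead, so the inline-expectation syntax now differs per test file. Standardising on `'` everywhere would avoid the collision those tests have with literal values, and a brief comment here (`// single-quoted so values with spaces or "..." literals parse as one expectation`) would record why the wrapping exists. The enclosing class starts outside this hunk.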


@@ -32,43 +32,43 @@ var (
)
func test(db *sql.DB, ctx context.Context) {
db.Exec(query1) // $query=query1
db.ExecContext(ctx, query2) // $query=query2
db.Prepare(query3) // $querystring=query3
db.PrepareContext(ctx, query4) // $querystring=query4
db.Query(query5) // $query=query5
db.QueryContext(ctx, query6) // $query=query6
db.QueryRow(query7) // $query=query7
db.QueryRowContext(ctx, query8) // $query=query8
db.Exec(query1) // $ query=query1
db.ExecContext(ctx, query2) // $ query=query2
db.Prepare(query3) // $ querystring=query3
db.PrepareContext(ctx, query4) // $ querystring=query4
db.Query(query5) // $ query=query5
db.QueryContext(ctx, query6) // $ query=query6
db.QueryRow(query7) // $ query=query7
db.QueryRowContext(ctx, query8) // $ query=query8
}
func squirrelTest(querypart string) {
squirrel.Select("*").From("users").Where(squirrel.Expr(querypart)) // $querystring=querypart
squirrel.Select("*").From("users").Suffix(querypart) // $querystring=querypart
squirrel.Select("*").From("users").Where(squirrel.Expr(querypart)) // $ querystring=querypart
squirrel.Select("*").From("users").Suffix(querypart) // $ querystring=querypart
}
func test2(tx *sql.Tx, query string, ctx context.Context) {
tx.Exec(query11) // $query=query11
tx.ExecContext(ctx, query12) // $query=query12
tx.Prepare(query13) // $querystring=query13
tx.PrepareContext(ctx, query14) // $querystring=query14
tx.Query(query15) // $query=query15
tx.QueryContext(ctx, query16) // $query=query16
tx.QueryRow(query17) // $query=query17
tx.QueryRowContext(ctx, query18) // $query=query18
tx.Exec(query11) // $ query=query11
tx.ExecContext(ctx, query12) // $ query=query12
tx.Prepare(query13) // $ querystring=query13
tx.PrepareContext(ctx, query14) // $ querystring=query14
tx.Query(query15) // $ query=query15
tx.QueryContext(ctx, query16) // $ query=query16
tx.QueryRow(query17) // $ query=query17
tx.QueryRowContext(ctx, query18) // $ query=query18
}
func test3(db *sql.DB, ctx context.Context) {
stmt1, _ := db.Prepare(query21) // $f+:querystring=query21
stmt1.Exec() // $f-:query=query21
stmt2, _ := db.PrepareContext(ctx, query22) // $f+:querystring=query22
stmt2.ExecContext(ctx) // $f-:query=query22
stmt3, _ := db.Prepare(query23) // $f+:querystring=query23
stmt1, _ := db.Prepare(query21) // $ SPURIOUS: querystring=query21
stmt1.Exec() // $ MISSING: query=query21
stmt2, _ := db.PrepareContext(ctx, query22) // $ SPURIOUS: querystring=query22
stmt2.ExecContext(ctx) // $ MISSING: query=query22
stmt3, _ := db.Prepare(query23) // $ SPURIOUS: querystring=query23
runQuery(stmt3)
}
func runQuery(stmt *sql.Stmt) {
stmt.Exec() // $f-:query=query23
stmt.Exec() // $ MISSING: query=query23
}
func main() {}
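Review bot: In `test3` the `db.Prepare(...)` / `db.PrepareContext(...)` calls are now annotated `SPURIOUS: querystring=...`, yet the identical call shape in `test` (`db.Prepare(query3) // $ querystring=query3`) is an expected result, and the file gives no reason for treating the same sink differently. The pairing with `MISSING: query=...` on `stmt1.Exec()`, `stmt2.ExecContext(ctx)` and the cross-function `runQuery` suggests these encode a known modelling gap (the result should land on the execution of the prepared `*sql.Stmt`, not on `Prepare`), but that is inference from the annotations alone. A comment above `test3` would keep the next reader from "fixing" either set of expectations: `// Known modelling gap: the query should be reported at stmt.Exec()/ExecContext(), not at db.Prepare(); the SPURIOUS/MISSING pairs below track it.`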


@@ -11,31 +11,31 @@ import (
)
func pgtest(query string, conn pg.Conn, db pg.DB, tx pg.Tx) {
pg.Q(query) // $querystring=query
pg.Q(query) // $ querystring=query
var dst []byte
conn.FormatQuery(dst, query) // $querystring=query
conn.Prepare(query) // $querystring=query
db.FormatQuery(dst, query) // $querystring=query
db.Prepare(query) // $querystring=query
tx.FormatQuery(dst, query) // $querystring=query
tx.Prepare(query) // $querystring=query
conn.FormatQuery(dst, query) // $ querystring=query
conn.Prepare(query) // $ querystring=query
db.FormatQuery(dst, query) // $ querystring=query
db.Prepare(query) // $ querystring=query
tx.FormatQuery(dst, query) // $ querystring=query
tx.Prepare(query) // $ querystring=query
}
// go-pg v9 dropped support for `FormatQuery`
func newpgtest(query string, conn newpg.Conn, db newpg.DB, tx newpg.Tx) {
newpg.Q(query) // $querystring=query
conn.Prepare(query) // $querystring=query
db.Prepare(query) // $querystring=query
tx.Prepare(query) // $querystring=query
newpg.Q(query) // $ querystring=query
conn.Prepare(query) // $ querystring=query
db.Prepare(query) // $ querystring=query
tx.Prepare(query) // $ querystring=query
}
func pgormtest(query string, q orm.Query) {
orm.Q(query) // $querystring=query
q.ColumnExpr(query) // $querystring=query
q.For(query) // $querystring=query
orm.Q(query) // $ querystring=query
q.ColumnExpr(query) // $ querystring=query
q.For(query) // $ querystring=query
var b []byte
q.FormatQuery(b, query) // $querystring=query
q.Having(query) // $querystring=query
q.Where(query) // $querystring=query
q.WhereInMulti(query) // $querystring=query
q.WhereOr(query) // $querystring=query
q.FormatQuery(b, query) // $ querystring=query
q.Having(query) // $ querystring=query
q.Where(query) // $ querystring=query
q.WhereInMulti(query) // $ querystring=query
q.WhereOr(query) // $ querystring=query
}


@@ -12,66 +12,66 @@ func xormtest() {
query := "UntrustedString"
engine1 := xorm1.Engine{}
engine1.Query(query) // $querystring=query
engine1.QueryString(query) // $querystring=query
engine1.QueryInterface(query) // $querystring=query
engine1.SQL(query) // $querystring=query
engine1.Where(query) // $querystring=query
engine1.Alias(query) // $querystring=query
engine1.NotIn(query) // $querystring=query
engine1.In(query) // $querystring=query
engine1.Select(query) // $querystring=query
engine1.SetExpr(query, nil) // $querystring=query
engine1.OrderBy(query) // $querystring=query
engine1.Having(query) // $querystring=query
engine1.GroupBy(query) // $querystring=query
engine1.Query(query) // $ querystring=query
engine1.QueryString(query) // $ querystring=query
engine1.QueryInterface(query) // $ querystring=query
engine1.SQL(query) // $ querystring=query
engine1.Where(query) // $ querystring=query
engine1.Alias(query) // $ querystring=query
engine1.NotIn(query) // $ querystring=query
engine1.In(query) // $ querystring=query
engine1.Select(query) // $ querystring=query
engine1.SetExpr(query, nil) // $ querystring=query
engine1.OrderBy(query) // $ querystring=query
engine1.Having(query) // $ querystring=query
engine1.GroupBy(query) // $ querystring=query
engine2 := xorm2.Engine{}
engine2.Query(query) // $querystring=query
engine2.QueryString(query) // $querystring=query
engine2.QueryInterface(query) // $querystring=query
engine2.SQL(query) // $querystring=query
engine2.Where(query) // $querystring=query
engine2.Alias(query) // $querystring=query
engine2.NotIn(query) // $querystring=query
engine2.In(query) // $querystring=query
engine2.Select(query) // $querystring=query
engine2.SetExpr(query, nil) // $querystring=query
engine2.OrderBy(query) // $querystring=query
engine2.Having(query) // $querystring=query
engine2.GroupBy(query) // $querystring=query
engine2.Query(query) // $ querystring=query
engine2.QueryString(query) // $ querystring=query
engine2.QueryInterface(query) // $ querystring=query
engine2.SQL(query) // $ querystring=query
engine2.Where(query) // $ querystring=query
engine2.Alias(query) // $ querystring=query
engine2.NotIn(query) // $ querystring=query
engine2.In(query) // $ querystring=query
engine2.Select(query) // $ querystring=query
engine2.SetExpr(query, nil) // $ querystring=query
engine2.OrderBy(query) // $ querystring=query
engine2.Having(query) // $ querystring=query
engine2.GroupBy(query) // $ querystring=query
session1 := xorm1.Session{}
session1.Query(query) // $querystring=query
session1.QueryString(query) // $querystring=query
session1.QueryInterface(query) // $querystring=query
session1.SQL(query) // $querystring=query
session1.Where(query) // $querystring=query
session1.Alias(query) // $querystring=query
session1.NotIn(query) // $querystring=query
session1.In(query) // $querystring=query
session1.Select(query) // $querystring=query
session1.SetExpr(query, nil) // $querystring=query
session1.OrderBy(query) // $querystring=query
session1.Having(query) // $querystring=query
session1.GroupBy(query) // $querystring=query
session1.And(query) // $querystring=query
session1.Or(query) // $querystring=query
session1.Query(query) // $ querystring=query
session1.QueryString(query) // $ querystring=query
session1.QueryInterface(query) // $ querystring=query
session1.SQL(query) // $ querystring=query
session1.Where(query) // $ querystring=query
session1.Alias(query) // $ querystring=query
session1.NotIn(query) // $ querystring=query
session1.In(query) // $ querystring=query
session1.Select(query) // $ querystring=query
session1.SetExpr(query, nil) // $ querystring=query
session1.OrderBy(query) // $ querystring=query
session1.Having(query) // $ querystring=query
session1.GroupBy(query) // $ querystring=query
session1.And(query) // $ querystring=query
session1.Or(query) // $ querystring=query
session2 := xorm2.Session{}
session2.Query(query) // $querystring=query
session2.QueryString(query) // $querystring=query
session2.QueryInterface(query) // $querystring=query
session2.SQL(query) // $querystring=query
session2.Where(query) // $querystring=query
session2.Alias(query) // $querystring=query
session2.NotIn(query) // $querystring=query
session2.In(query) // $querystring=query
session2.Select(query) // $querystring=query
session2.SetExpr(query, nil) // $querystring=query
session2.OrderBy(query) // $querystring=query
session2.Having(query) // $querystring=query
session2.GroupBy(query) // $querystring=query
session2.And(query) // $querystring=query
session2.Or(query) // $querystring=query
session2.Query(query) // $ querystring=query
session2.QueryString(query) // $ querystring=query
session2.QueryInterface(query) // $ querystring=query
session2.SQL(query) // $ querystring=query
session2.Where(query) // $ querystring=query
session2.Alias(query) // $ querystring=query
session2.NotIn(query) // $ querystring=query
session2.In(query) // $ querystring=query
session2.Select(query) // $ querystring=query
session2.SetExpr(query, nil) // $ querystring=query
session2.OrderBy(query) // $ querystring=query
session2.Having(query) // $ querystring=query
session2.GroupBy(query) // $ querystring=query
session2.And(query) // $ querystring=query
session2.Or(query) // $ querystring=query
}


@@ -22,7 +22,7 @@ func TaintStepTest_OsExpandEnv_B0I0O0(sourceCQL interface{}) interface{} {
func TaintStepTest_OsNewFile_B0I0O0(sourceCQL interface{}) interface{} {
fromUintptr784 := sourceCQL.(uintptr)
intoFile957 := os.NewFile(fromUintptr784, "") // $fsaccess=""
intoFile957 := os.NewFile(fromUintptr784, "") // $ fsaccess=""
return intoFile957
}
@@ -154,30 +154,30 @@ func RunAllTaints_Os() {
func fsAccesses() {
var path, path1, part string
var time time.Time
os.Chdir(path) // $fsaccess=path
os.Chmod(path, 0600) // $fsaccess=path
os.Chown(path, 1000, 1000) // $fsaccess=path
os.Chtimes(path, time, time) // $fsaccess=path
os.Create(path) // $fsaccess=path
os.Lchown(path, 1000, 1000) // $fsaccess=path
os.Link(path, path1) // $fsaccess=path $fsaccess=path1
os.Lstat(path) // $fsaccess=path
os.Mkdir(path, 0600) // $fsaccess=path
os.MkdirAll(path, 0600) // $fsaccess=path
os.NewFile(124, path) // $fsaccess=path
os.Open(path) // $fsaccess=path
os.OpenFile(path, os.O_RDONLY, 0600) // $fsaccess=path
os.Readlink(path) // $fsaccess=path
os.Remove(path) // $fsaccess=path
os.RemoveAll(path) // $fsaccess=path
os.Rename(path, path1) // $fsaccess=path $fsaccess=path1
os.Stat(path) // $fsaccess=path
os.Symlink(path, path1) // $fsaccess=path $fsaccess=path1
os.Truncate(path, 1000) // $fsaccess=path
os.DirFS(path) // $fsaccess=path
os.ReadDir(path) // $fsaccess=path
os.ReadFile(path) // $fsaccess=path
os.MkdirTemp(path, part) // $fsaccess=path $fsaccess=part
os.CreateTemp(path, part) // $fsaccess=path $fsaccess=part
os.WriteFile(path, []byte{}, 0600) // $fsaccess=path
os.Chdir(path) // $ fsaccess=path
os.Chmod(path, 0600) // $ fsaccess=path
os.Chown(path, 1000, 1000) // $ fsaccess=path
os.Chtimes(path, time, time) // $ fsaccess=path
os.Create(path) // $ fsaccess=path
os.Lchown(path, 1000, 1000) // $ fsaccess=path
os.Link(path, path1) // $ fsaccess=path fsaccess=path1
os.Lstat(path) // $ fsaccess=path
os.Mkdir(path, 0600) // $ fsaccess=path
os.MkdirAll(path, 0600) // $ fsaccess=path
os.NewFile(124, path) // $ fsaccess=path
os.Open(path) // $ fsaccess=path
os.OpenFile(path, os.O_RDONLY, 0600) // $ fsaccess=path
os.Readlink(path) // $ fsaccess=path
os.Remove(path) // $ fsaccess=path
os.RemoveAll(path) // $ fsaccess=path
os.Rename(path, path1) // $ fsaccess=path fsaccess=path1
os.Stat(path) // $ fsaccess=path
os.Symlink(path, path1) // $ fsaccess=path fsaccess=path1
os.Truncate(path, 1000) // $ fsaccess=path
os.DirFS(path) // $ fsaccess=path
os.ReadDir(path) // $ fsaccess=path
os.ReadFile(path) // $ fsaccess=path
os.MkdirTemp(path, part) // $ fsaccess=path fsaccess=part
os.CreateTemp(path, part) // $ fsaccess=path fsaccess=part
os.WriteFile(path, []byte{}, 0600) // $ fsaccess=path
}


@@ -11,7 +11,7 @@ class TaintFunctionModelTest extends InlineExpectationsTest {
exists(TaintTracking::FunctionModel model, DataFlow::CallNode call | call = model.getACall() |
call.hasLocationInfo(file, line, _, _, _) and
element = call.toString() and
value = model.getAnInputNode(call) + " -> " + model.getAnOutputNode(call)
value = "\"" + model.getAnInputNode(call) + " -> " + model.getAnOutputNode(call) + "\""
)
}
}
@@ -27,7 +27,8 @@ class MarshalerTest extends InlineExpectationsTest {
call.hasLocationInfo(file, line, _, _, _) and
element = call.toString() and
value =
m.getFormat() + ": " + m.getAnInput().getNode(call) + " -> " + m.getOutput().getNode(call)
"\"" + m.getFormat() + ": " + m.getAnInput().getNode(call) + " -> " +
m.getOutput().getNode(call) + "\""
)
}
}
@@ -43,7 +44,8 @@ class UnmarshalerTest extends InlineExpectationsTest {
call.hasLocationInfo(file, line, _, _, _) and
element = call.toString() and
value =
m.getFormat() + ": " + m.getAnInput().getNode(call) + " -> " + m.getOutput().getNode(call)
"\"" + m.getFormat() + ": " + m.getAnInput().getNode(call) + " -> " +
m.getOutput().getNode(call) + "\""
)
}
}
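Review bot: All three predicates now build the value as `"\"" + ... + "\""`, repeating the same quoting logic three times with no comment on why it is needed; presumably the values contain spaces and ` -> `, which the inline-expectation syntax would otherwise split into separate tokens. Duplicating it invites drift, and it silently assumes no node's `toString()` contains a `"` (the HttpResponseBody test in this same PR switched to single quotes for exactly that case). Suggest a single helper at file scope, `private string quoted(string s) { result = "\"" + s + "\"" }`, used by all three predicates, with a comment such as `// Values contain spaces, so the expectation must be a quoted token; node names here never contain a double quote.` Each `hasActualResult` predicate starts outside its hunk.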


@@ -1,41 +1,42 @@
package main
import (
"io"
yaml1 "gopkg.in/yaml.v1"
yaml2 "gopkg.in/yaml.v2"
yaml3 "gopkg.in/yaml.v3"
"io"
)
func main() {
var in, out interface{}
var inb []byte
out, _ = yaml1.Marshal(in) // $marshaler=yaml: in -> ... = ...[0] $ttfnmodelstep=in -> ... = ...[0]
yaml1.Unmarshal(inb, out) // $unmarshaler=yaml: inb -> definition of out $ttfnmodelstep=inb -> definition of out
out, _ = yaml1.Marshal(in) // $ marshaler="yaml: in -> ... = ...[0]" ttfnmodelstep="in -> ... = ...[0]"
yaml1.Unmarshal(inb, out) // $ unmarshaler="yaml: inb -> definition of out" ttfnmodelstep="inb -> definition of out"
out, _ = yaml2.Marshal(in) // $marshaler=yaml: in -> ... = ...[0] $ttfnmodelstep=in -> ... = ...[0]
yaml2.Unmarshal(inb, out) // $unmarshaler=yaml: inb -> definition of out $ttfnmodelstep=inb -> definition of out
yaml2.UnmarshalStrict(inb, out) // $unmarshaler=yaml: inb -> definition of out $ttfnmodelstep=inb -> definition of out
out, _ = yaml2.Marshal(in) // $ marshaler="yaml: in -> ... = ...[0]" ttfnmodelstep="in -> ... = ...[0]"
yaml2.Unmarshal(inb, out) // $ unmarshaler="yaml: inb -> definition of out" ttfnmodelstep="inb -> definition of out"
yaml2.UnmarshalStrict(inb, out) // $ unmarshaler="yaml: inb -> definition of out" ttfnmodelstep="inb -> definition of out"
var r io.Reader
d := yaml2.NewDecoder(r) // $ttfnmodelstep=r -> call to NewDecoder
d.Decode(out) // $ttfnmodelstep=d -> definition of out
d := yaml2.NewDecoder(r) // $ ttfnmodelstep="r -> call to NewDecoder"
d.Decode(out) // $ ttfnmodelstep="d -> definition of out"
var w io.Writer
e := yaml2.NewEncoder(w) // $ttfnmodelstep=definition of e -> definition of w
e.Encode(in) // $ttfnmodelstep=in -> definition of e
e := yaml2.NewEncoder(w) // $ ttfnmodelstep="definition of e -> definition of w"
e.Encode(in) // $ ttfnmodelstep="in -> definition of e"
out, _ = yaml3.Marshal(in) // $marshaler=yaml: in -> ... = ...[0] $ttfnmodelstep=in -> ... = ...[0]
yaml3.Unmarshal(inb, out) // $unmarshaler=yaml: inb -> definition of out $ttfnmodelstep=inb -> definition of out
out, _ = yaml3.Marshal(in) // $ marshaler="yaml: in -> ... = ...[0]" ttfnmodelstep="in -> ... = ...[0]"
yaml3.Unmarshal(inb, out) // $ unmarshaler="yaml: inb -> definition of out" ttfnmodelstep="inb -> definition of out"
d1 := yaml3.NewDecoder(r) // $ttfnmodelstep=r -> call to NewDecoder
d1.Decode(out) // $ttfnmodelstep=d1 -> definition of out
d1 := yaml3.NewDecoder(r) // $ ttfnmodelstep="r -> call to NewDecoder"
d1.Decode(out) // $ ttfnmodelstep="d1 -> definition of out"
e1 := yaml3.NewEncoder(w) // $ttfnmodelstep=definition of e1 -> definition of w
e1.Encode(in) // $ttfnmodelstep=in -> definition of e1
e1 := yaml3.NewEncoder(w) // $ ttfnmodelstep="definition of e1 -> definition of w"
e1.Encode(in) // $ ttfnmodelstep="in -> definition of e1"
var n1 yaml3.Node
n1.Decode(out) // $ttfnmodelstep=n1 -> definition of out
n1.Encode(in) // $ttfnmodelstep=in -> definition of n1
n1.Decode(out) // $ ttfnmodelstep="n1 -> definition of out"
n1.Encode(in) // $ ttfnmodelstep="in -> definition of n1"
}
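Review bot: The import block keeps the standard-library `"io"` in the same group as the three `gopkg.in/yaml.*` imports, so gofmt sorts it among them rather than separating it; goimports convention is a stdlib group first, a blank line, then third-party packages. The change is style only and does not affect the test: `"io"` on its own line, a blank line, then the three `yaml` imports. This holds whichever position of `"io"` is the new one, so the point does not depend on reading the diff's sides.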


@@ -22,7 +22,7 @@ class ZapTest extends InlineExpectationsTest {
tag = "zap" and
exists(DataFlow::Node sink | any(TestConfig c).hasFlow(_, sink) |
element = sink.toString() and
value = sink.toString() and
value = "\"" + sink.toString() + "\"" and
sink.hasLocationInfo(file, line, _, _, _)
)
}


@@ -18,72 +18,72 @@ func getUntrustedString() string {
func testZapLoggerDPanic() {
logger, _ := zap.NewProduction()
logger.DPanic(getUntrustedString()) // $zap=call to getUntrustedString
logger.DPanic(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapLoggerFatal() {
logger := zap.NewExample()
logger.Fatal("msg", zap.String(getUntrustedString(), "value")) // $zap=call to String
logger.Fatal("msg", zap.String(getUntrustedString(), "value")) // $ zap="call to String"
}
func testZapLoggerPanic() {
logger, _ := zap.NewDevelopment()
logger.Panic("msg", zap.Any("key", getUntrustedData())) // $zap=call to Any
logger.Panic("msg", zap.Any("key", getUntrustedData())) // $ zap="call to Any"
}
func testZapLoggerDebug(core zapcore.Core, byteArray []byte) {
logger := zap.New(core)
logger.Debug(getUntrustedString()) // $zap=call to getUntrustedString
logger.Debug("msg", zap.Binary(getUntrustedString(), byteArray)) // $zap=call to Binary
logger.Debug("msg", zap.ByteString("key", getUntrustedData().([]byte))) // $zap=call to ByteString
logger.Debug(getUntrustedString()) // $ zap="call to getUntrustedString"
logger.Debug("msg", zap.Binary(getUntrustedString(), byteArray)) // $ zap="call to Binary"
logger.Debug("msg", zap.ByteString("key", getUntrustedData().([]byte))) // $ zap="call to ByteString"
}
func testZapLoggerError(bss [][]byte) {
logger := zap.L()
logger.Error(getUntrustedString()) // $zap=call to getUntrustedString
logger.Error("msg", zap.ByteStrings(getUntrustedString(), bss)) // $zap=call to ByteStrings
logger.Error("msg", zap.Error(getUntrustedData().(error))) // $zap=call to Error
logger.Error(getUntrustedString()) // $ zap="call to getUntrustedString"
logger.Error("msg", zap.ByteStrings(getUntrustedString(), bss)) // $ zap="call to ByteStrings"
logger.Error("msg", zap.Error(getUntrustedData().(error))) // $ zap="call to Error"
}
func testZapLoggerInfo(logger *zap.Logger, errs []error) {
logger.Info(getUntrustedString()) // $zap=call to getUntrustedString
logger.Info("msg", zap.Errors(getUntrustedString(), errs)) // $zap=call to Errors
logger.Info("msg", zap.NamedError("key", getUntrustedData().(error))) // $zap=call to NamedError
logger.Info(getUntrustedString()) // $ zap="call to getUntrustedString"
logger.Info("msg", zap.Errors(getUntrustedString(), errs)) // $ zap="call to Errors"
logger.Info("msg", zap.NamedError("key", getUntrustedData().(error))) // $ zap="call to NamedError"
}
func testZapLoggerWarn(logger *zap.Logger) {
logger.Warn(getUntrustedString()) // $zap=call to getUntrustedString
logger.Warn("msg", zap.Reflect(getUntrustedString(), nil)) // $zap=call to Reflect
logger.Warn("msg", zap.Stringp("key", getUntrustedData().(*string))) // $zap=call to Stringp
logger.Warn("msg", zap.Strings("key", getUntrustedData().([]string))) // $zap=call to Strings
logger.Warn(getUntrustedString()) // $ zap="call to getUntrustedString"
logger.Warn("msg", zap.Reflect(getUntrustedString(), nil)) // $ zap="call to Reflect"
logger.Warn("msg", zap.Stringp("key", getUntrustedData().(*string))) // $ zap="call to Stringp"
logger.Warn("msg", zap.Strings("key", getUntrustedData().([]string))) // $ zap="call to Strings"
}
func testZapLoggerNop() {
// We do not currently recognise that a logger made using NewNop() does not actually do any logging
logger := zap.NewNop()
logger.Debug(getUntrustedString()) // $f+:zap=call to getUntrustedString
logger.Debug(getUntrustedString()) // $ SPURIOUS: zap="call to getUntrustedString"
}
func testLoggerNamed(logger *zap.Logger) {
namedLogger := logger.Named(getUntrustedString()) // $zap=call to getUntrustedString
namedLogger := logger.Named(getUntrustedString()) // $ zap="call to getUntrustedString"
namedLogger.Info("hello world")
}
func testLoggerWith(logger *zap.Logger) *zap.Logger {
logger1 := logger.With(zap.Any(getUntrustedString(), nil)) // $zap=call to Any
logger1 := logger.With(zap.Any(getUntrustedString(), nil)) // $ zap="call to Any"
logger1.Info("hello world")
logger2 := logger.With(zap.String("key", getUntrustedString())) // $zap=call to String
logger2 := logger.With(zap.String("key", getUntrustedString())) // $ zap="call to String"
logger2.Info("hello world")
logger3 := logger.With(zap.String("key", getUntrustedString())) // $f+:zap=call to String
logger3 := logger.With(zap.String("key", getUntrustedString())) // $ SPURIOUS: zap="call to String"
return logger3
}
func getLoggerWithUntrustedField() *zap.Logger {
return zap.NewExample().With(zap.NamedError("key", getUntrustedData().(error))) // $zap=call to NamedError
return zap.NewExample().With(zap.NamedError("key", getUntrustedData().(error))) // $ zap="call to NamedError"
}
func getLoggerWithUntrustedFieldUnused() *zap.Logger {
return zap.NewExample().With(zap.NamedError("key", getUntrustedData().(error))) // $f+:zap=call to NamedError
return zap.NewExample().With(zap.NamedError("key", getUntrustedData().(error))) // $ SPURIOUS: zap="call to NamedError"
}
func testLoggerWithAcrossFunctionBoundary() {
@@ -91,91 +91,91 @@ func testLoggerWithAcrossFunctionBoundary() {
}
func testLoggerWithOptions(logger *zap.Logger) *zap.Logger {
logger1 := logger.WithOptions(zap.Fields(zap.Any(getUntrustedString(), nil))) // $zap=call to Fields
logger1 := logger.WithOptions(zap.Fields(zap.Any(getUntrustedString(), nil))) // $ zap="call to Fields"
logger1.Info("hello world")
logger2 := logger.WithOptions(zap.Fields(zap.String("key", getUntrustedString()))) // $zap=call to Fields
logger2 := logger.WithOptions(zap.Fields(zap.String("key", getUntrustedString()))) // $ zap="call to Fields"
logger2.Info("hello world")
logger3 := logger.WithOptions(zap.Fields(zap.String("key", getUntrustedString()))) // $f+:zap=call to Fields
logger3 := logger.WithOptions(zap.Fields(zap.String("key", getUntrustedString()))) // $ SPURIOUS: zap="call to Fields"
return logger3
}
func testZapSugaredLoggerDPanic(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.DPanic(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.DPanic(getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerDPanicf(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.DPanicf(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.DPanicf(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerDPanicw(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.DPanicw(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.DPanicw(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerFatal(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Fatal(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Fatal(getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerFatalf(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Fatalf(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.Fatalf(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerFatalw(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Fatalw(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.Fatalw(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerPanic(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Panic(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Panic(getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerPanicf(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Panicf(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.Panicf(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerPanicw(sugaredLogger *zap.SugaredLogger) {
sugaredLogger.Panicw(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.Panicw(getUntrustedString()) // $ zap="call to getUntrustedString"
}
func testZapSugaredLoggerDebug() {
sugaredLogger := zap.S()
sugaredLogger.Debug(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Debugf("msg", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Debugw("msg", "key", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Debug(getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Debugf("msg", getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Debugw("msg", "key", getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerError() {
logger, _ := zap.NewProduction()
sugaredLogger := logger.Sugar()
sugaredLogger.Error(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Errorf("msg", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Errorw("msg", "key", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Error(getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Errorf("msg", getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Errorw("msg", "key", getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerInfo() {
logger := zap.NewExample()
sugaredLogger := logger.Sugar()
sugaredLogger.Info(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Infof("msg", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Infow("msg", "key", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Info(getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Infof("msg", getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Infow("msg", "key", getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerWarn() {
logger, _ := zap.NewDevelopment()
sugaredLogger := logger.Sugar()
sugaredLogger.Warn(getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Warnf("msg", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Warnw("msg", "key", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.Warn(getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Warnf("msg", getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Warnw("msg", "key", getUntrustedData()) // $ zap="call to getUntrustedData"
}
func testZapSugaredLoggerNamed() {
logger := zap.L()
sugaredLogger := logger.Sugar()
sugaredLogger.Named(getUntrustedString()) // $zap=call to getUntrustedString
sugaredLogger.Named(getUntrustedString()) // $ zap="call to getUntrustedString"
sugaredLogger.Info("msg")
}
func testZapSugaredLoggerWith() {
logger := zap.L()
sugaredLogger := logger.Sugar()
sugaredLogger.With("key", getUntrustedData()) // $zap=call to getUntrustedData
sugaredLogger.With("key", getUntrustedData()) // $ zap="call to getUntrustedData"
sugaredLogger.Info("msg")
}