diff --git a/docs/codeql/codeql-language-guides/modeling-data-flow-in-go-libraries.rst b/docs/codeql/codeql-language-guides/modeling-data-flow-in-go-libraries.rst index e8b1880b772..deaed7cf3af 100644 --- a/docs/codeql/codeql-language-guides/modeling-data-flow-in-go-libraries.rst +++ b/docs/codeql/codeql-language-guides/modeling-data-flow-in-go-libraries.rst @@ -15,14 +15,14 @@ Sources ------- To mark a source of data that is controlled by an untrusted user, we -create a class extending ``UntrustedFlowSource::Range``. Inheritance and +create a class extending ``RemoteFlowSource::Range``. Inheritance and the characteristic predicate of the class should be used to specify exactly the dataflow node that introduces the data. Here is a short example from ``Mux.qll``. .. code-block:: ql - class RequestVars extends DataFlow::UntrustedFlowSource::Range, DataFlow::CallNode { + class RequestVars extends DataFlow::RemoteFlowSource::Range, DataFlow::CallNode { RequestVars() { this.getTarget().hasQualifiedName("github.com/gorilla/mux", "Vars") } } diff --git a/go/docs/language/learn-ql/go/library-modeling-go.rst b/go/docs/language/learn-ql/go/library-modeling-go.rst index ef7f50bf7cb..3d63ac14cd7 100644 --- a/go/docs/language/learn-ql/go/library-modeling-go.rst +++ b/go/docs/language/learn-ql/go/library-modeling-go.rst 
@@ -13,14 +13,14 @@ Sources ------- To mark a source of data that is controlled by an untrusted user, we -create a class extending ``UntrustedFlowSource::Range``. Inheritance and +create a class extending ``RemoteFlowSource::Range``. Inheritance and the characteristic predicate of the class should be used to specify exactly the dataflow node that introduces the data. Here is a short example from ``Mux.qll``. .. code-block:: ql - class RequestVars extends DataFlow::UntrustedFlowSource::Range, DataFlow::CallNode { + class RequestVars extends DataFlow::RemoteFlowSource::Range, DataFlow::CallNode { RequestVars() { this.getTarget().hasQualifiedName("github.com/gorilla/mux", "Vars") } } @@ -119,4 +119,4 @@ Here is a short example from ``Stdlib.qll``, which has been slightly simplified. This has the effect that any call to ``Print``, ``Printf``, or ``Println`` in the package ``fmt`` is recognized as a logger call. Any query that uses logger calls as a sink will then identify when tainted data -has been passed as an argument to ``Print``, ``Printf``, or ``Println``. \ No newline at end of file +has been passed as an argument to ``Print``, ``Printf``, or ``Println``. diff --git a/go/ql/lib/change-notes/2024-04-18-untrustedflowsource-renamed-remoteflowsource.md b/go/ql/lib/change-notes/2024-04-18-untrustedflowsource-renamed-remoteflowsource.md new file mode 100644 index 00000000000..cb3edc34d84 --- /dev/null +++ b/go/ql/lib/change-notes/2024-04-18-untrustedflowsource-renamed-remoteflowsource.md @@ -0,0 +1,5 @@ +--- +category: deprecated +--- +* To make Go consistent with other language libraries, the `UntrustedFlowSource` name has been deprecated throughout. Use `RemoteFlowSource` instead, which replaces it. +* Where modules have classes named `UntrustedFlowAsSource`, these are also deprecated and the `Source` class in the same module or the `RemoteFlowSource` class should be used instead. 
diff --git a/go/ql/lib/semmle/go/frameworks/AwsLambda.qll b/go/ql/lib/semmle/go/frameworks/AwsLambda.qll index 78ed8306ef3..28f21c9101b 100644 --- a/go/ql/lib/semmle/go/frameworks/AwsLambda.qll +++ b/go/ql/lib/semmle/go/frameworks/AwsLambda.qll @@ -1,12 +1,12 @@ /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the `github.com/aws/aws-lambda-go/lambda` package. */ import go /** A source of input data in an AWS Lambda. */ -private class LambdaInput extends UntrustedFlowSource::Range { +private class LambdaInput extends RemoteFlowSource::Range { LambdaInput() { exists(Parameter p | p = this.asParameter() | p = any(HandlerFunction hf).getAParameter() and diff --git a/go/ql/lib/semmle/go/frameworks/Beego.qll b/go/ql/lib/semmle/go/frameworks/Beego.qll index 6d31647c32f..a59e67613ce 100644 --- a/go/ql/lib/semmle/go/frameworks/Beego.qll +++ b/go/ql/lib/semmle/go/frameworks/Beego.qll @@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the `github.com/beego/beego` package. */ @@ -9,7 +9,7 @@ private import semmle.go.security.SafeUrlFlowCustomizations // Some TaintTracking::FunctionModel subclasses remain because varargs functions don't work with Models-as-Data sumamries yet. /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the [Beego](https://github.com/beego/beego) package. */ module Beego { @@ -50,7 +50,7 @@ module Beego { /** * `BeegoInput` sources of untrusted data. */ - private class BeegoInputSource extends UntrustedFlowSource::Range { + private class BeegoInputSource extends RemoteFlowSource::Range { string methodName; BeegoInputSource() { 
@@ -81,7 +81,7 @@ module Beego { /** * `beego.Controller` sources of untrusted data. */ - private class BeegoControllerSource extends UntrustedFlowSource::Range { + private class BeegoControllerSource extends RemoteFlowSource::Range { BeegoControllerSource() { exists(string methodName, FunctionOutput output | methodName = "ParseForm" and @@ -105,7 +105,7 @@ module Beego { /** * `BeegoInputRequestBody` sources of untrusted data. */ - private class BeegoInputRequestBodySource extends UntrustedFlowSource::Range { + private class BeegoInputRequestBodySource extends RemoteFlowSource::Range { BeegoInputRequestBodySource() { exists(DataFlow::FieldReadNode frn | this = frn | frn.getField().hasQualifiedName(contextPackagePath(), "BeegoInput", "RequestBody") @@ -116,7 +116,7 @@ module Beego { /** * `beego/context.Context` sources of untrusted data. */ - private class BeegoContextSource extends UntrustedFlowSource::Range { + private class BeegoContextSource extends RemoteFlowSource::Range { BeegoContextSource() { exists(Method m | m.hasQualifiedName(contextPackagePath(), "Context", "GetCookie") | this = m.getACall().getResult() diff --git a/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll b/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll index ca5f7718082..a68a2925634 100644 --- a/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll +++ b/go/ql/lib/semmle/go/frameworks/BeegoOrm.qll @@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the `github.com/astaxie/beego/orm` subpackage. */ @@ -7,7 +7,7 @@ import go private import semmle.go.security.StoredXssCustomizations /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the [Beego ORM](https://github.com/astaxie/beego/orm) subpackage. */ module BeegoOrm { 
diff --git a/go/ql/lib/semmle/go/frameworks/Chi.qll b/go/ql/lib/semmle/go/frameworks/Chi.qll index d2dfee90ab0..7185b7713ff 100644 --- a/go/ql/lib/semmle/go/frameworks/Chi.qll +++ b/go/ql/lib/semmle/go/frameworks/Chi.qll @@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources from the `github.com/go-chi/chi` package. + * Provides classes for working with remote flow sources from the `github.com/go-chi/chi` package. */ import go @@ -9,18 +9,18 @@ private module Chi { string packagePath() { result = package("github.com/go-chi/chi", "") } /** - * Functions that extract URL parameters, considered as a source of untrusted flow. + * Functions that extract URL parameters, considered as a source of remote flow. */ - private class UserControlledFunction extends UntrustedFlowSource::Range, DataFlow::CallNode { + private class UserControlledFunction extends RemoteFlowSource::Range, DataFlow::CallNode { UserControlledFunction() { this.getTarget().hasQualifiedName(packagePath(), ["URLParam", "URLParamFromCtx"]) } } /** - * Methods that extract URL parameters, considered as a source of untrusted flow. + * Methods that extract URL parameters, considered as a source of remote flow. */ - private class UserControlledRequestMethod extends UntrustedFlowSource::Range, + private class UserControlledRequestMethod extends RemoteFlowSource::Range, DataFlow::MethodCallNode { UserControlledRequestMethod() { diff --git a/go/ql/lib/semmle/go/frameworks/Echo.qll b/go/ql/lib/semmle/go/frameworks/Echo.qll index 13cfc25e891..b27893824c1 100644 --- a/go/ql/lib/semmle/go/frameworks/Echo.qll +++ b/go/ql/lib/semmle/go/frameworks/Echo.qll @@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources, taint propagators, and HTTP sinks + * Provides classes for working with remote flow sources, taint propagators, and HTTP sinks * from the `github.com/labstack/echo` package. */ 
@@ -10,9 +10,9 @@ private module Echo { private string packagePath() { result = package("github.com/labstack/echo", "") } /** - * Data from a `Context` interface method, considered as a source of untrusted flow. + * Data from a `Context` interface method, considered as a source of remote flow. */ - private class EchoContextSource extends UntrustedFlowSource::Range { + private class EchoContextSource extends RemoteFlowSource::Range { EchoContextSource() { exists(DataFlow::MethodCallNode call, string methodName | methodName = @@ -42,7 +42,7 @@ private module Echo { /** * A call to a method on `Context` struct that unmarshals data into a target. */ - private class EchoContextBinder extends UntrustedFlowSource::Range { + private class EchoContextBinder extends RemoteFlowSource::Range { EchoContextBinder() { exists(DataFlow::MethodCallNode call | call.getTarget().hasQualifiedName(packagePath(), "Context", "Bind") diff --git a/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll b/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll index 0cc5fe9505a..007ea56a81c 100644 --- a/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll +++ b/go/ql/lib/semmle/go/frameworks/ElazarlGoproxy.qll @@ -95,7 +95,7 @@ module ElazarlGoproxy { } } - private class UserControlledRequestData extends UntrustedFlowSource::Range { + private class UserControlledRequestData extends RemoteFlowSource::Range { UserControlledRequestData() { exists(DataFlow::FieldReadNode frn | this = frn | // liberally consider ProxyCtx.UserData to be untrusted; it's a data field set by a request handler diff --git a/go/ql/lib/semmle/go/frameworks/Fasthttp.qll b/go/ql/lib/semmle/go/frameworks/Fasthttp.qll index f975b12e98f..86a1bfbdf0c 100644 --- a/go/ql/lib/semmle/go/frameworks/Fasthttp.qll +++ b/go/ql/lib/semmle/go/frameworks/Fasthttp.qll 
@@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources, sinks and taint propagators + * Provides classes for working with remote flow sources, sinks and taint propagators * from the `github.com/valyala/fasthttp` package. */ @@ -255,11 +255,16 @@ module Fasthttp { * Provide modeling for fasthttp.URI Type. */ module URI { + /** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ + deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * The methods as Remote user controllable source which are part of the incoming URL. */ - class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node { - UntrustedFlowSource() { + class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { + RemoteFlowSource() { exists(Method m | m.hasQualifiedName(packagePath(), "URI", ["FullURI", "LastPathSegment", "Path", "PathOriginal", "QueryString", "String"]) and @@ -273,13 +278,18 @@ module Fasthttp { * Provide modeling for fasthttp.Args Type. */ module Args { + /** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ + deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * The methods as Remote user controllable source which are part of the incoming URL Parameters. * * When support for lambdas has been implemented we should model "VisitAll". */ - class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node { - UntrustedFlowSource() { + class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { + RemoteFlowSource() { exists(Method m | m.hasQualifiedName(packagePath(), "Args", ["Peek", "PeekBytes", "PeekMulti", "PeekMultiBytes", "QueryString", "String"]) and 
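Review bot: Inside `module URI` the renamed class `RemoteFlowSource` shadows the library-level `RemoteFlowSource` type, so the new QLDoc `DEPRECATED: Use `RemoteFlowSource` instead.` is ambiguous — a reader cannot tell whether it means this nested class or the top-level one declared in FlowSources.qll. Qualifying it, e.g. `DEPRECATED: Use `Fasthttp::URI::RemoteFlowSource` instead.`, removes the ambiguity; the same applies to the `Args` hunk on this line and to the `Request`, `RequestCtx`-modelling and `RequestHeader` hunks that follow. The original already reused the library name (`UntrustedFlowSource`), but given the consistency goal of this change a source-specific name such as `UriSource` would avoid the shadowing entirely; that is a matter of style. The renamed class's body continues outside the hunk.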
@@ -386,11 +396,16 @@ module Fasthttp { * Provide modeling for fasthttp.Request Type. */ module Request { + /** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ + deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * The methods as Remote user controllable source which can be many part of request. */ - class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node { - UntrustedFlowSource() { + class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { + RemoteFlowSource() { exists(Method m | m.hasQualifiedName(packagePath(), "Request", [ @@ -463,13 +478,18 @@ module Fasthttp { override Http::ResponseWriter getResponseWriter() { none() } } + /** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ + deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * The methods as Remote user controllable source which are generally related to HTTP request. * * When support for lambdas has been implemented we should model "VisitAll", "VisitAllCookie", "VisitAllInOrder", "VisitAllTrailer". */ - class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node { - UntrustedFlowSource() { + class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { + RemoteFlowSource() { exists(Method m | m.hasQualifiedName(packagePath(), "RequestCtx", [ 
@@ -486,13 +506,18 @@ module Fasthttp { * Provide Methods of fasthttp.RequestHeader which mostly used as remote user controlled sources. */ module RequestHeader { + /** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ + deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * The methods as Remote user controllable source which are mostly related to HTTP Request Headers. * * When support for lambdas has been implemented we should model "VisitAll", "VisitAllCookie", "VisitAllInOrder", "VisitAllTrailer". */ - class UntrustedFlowSource extends UntrustedFlowSource::Range instanceof DataFlow::Node { - UntrustedFlowSource() { + class RemoteFlowSource extends RemoteFlowSource::Range instanceof DataFlow::Node { + RemoteFlowSource() { exists(Method m | m.hasQualifiedName(packagePath(), "RequestHeader", [ diff --git a/go/ql/lib/semmle/go/frameworks/Gin.qll b/go/ql/lib/semmle/go/frameworks/Gin.qll index 574b7e16246..986429ead1b 100644 --- a/go/ql/lib/semmle/go/frameworks/Gin.qll +++ b/go/ql/lib/semmle/go/frameworks/Gin.qll @@ -10,9 +10,9 @@ private module Gin { string packagePath() { result = package("github.com/gin-gonic/gin", "") } /** - * Data from a `Context` struct, considered as a source of untrusted flow. + * Data from a `Context` struct, considered as a source of remote flow. */ - private class GithubComGinGonicGinContextSource extends UntrustedFlowSource::Range { + private class GithubComGinGonicGinContextSource extends RemoteFlowSource::Range { GithubComGinGonicGinContextSource() { // Method calls: exists(DataFlow::MethodCallNode call, string methodName | 
@@ -39,7 +39,7 @@ private module Gin { /** * A call to a method on `Context` struct that unmarshals data into a target. */ - private class GithubComGinGonicGinContextBindSource extends UntrustedFlowSource::Range { + private class GithubComGinGonicGinContextBindSource extends RemoteFlowSource::Range { GithubComGinGonicGinContextBindSource() { exists(DataFlow::MethodCallNode call, string methodName | call.getTarget().hasQualifiedName(packagePath(), "Context", methodName) and diff --git a/go/ql/lib/semmle/go/frameworks/GoKit.qll b/go/ql/lib/semmle/go/frameworks/GoKit.qll index 7150493f88a..e4a9e48d207 100644 --- a/go/ql/lib/semmle/go/frameworks/GoKit.qll +++ b/go/ql/lib/semmle/go/frameworks/GoKit.qll @@ -35,7 +35,7 @@ module GoKit { DataFlow::exprNode(result.(FuncLit)) = getAnEndpointFactoryResult() } - private class EndpointRequest extends UntrustedFlowSource::Range { + private class EndpointRequest extends RemoteFlowSource::Range { EndpointRequest() { this = DataFlow::parameterNode(getAnEndpointFunction().getParameter(1)) } } } diff --git a/go/ql/lib/semmle/go/frameworks/GoMicro.qll b/go/ql/lib/semmle/go/frameworks/GoMicro.qll index de775761c64..55f5bded627 100644 --- a/go/ql/lib/semmle/go/frameworks/GoMicro.qll +++ b/go/ql/lib/semmle/go/frameworks/GoMicro.qll @@ -142,7 +142,7 @@ module GoMicro { /** * A set of remote requests from a service handler. */ - class Request extends UntrustedFlowSource::Range instanceof DataFlow::ParameterNode { + class Request extends RemoteFlowSource::Range instanceof DataFlow::ParameterNode { Request() { exists(ServiceHandler handler | this.asParameter().isParameterOf(handler.getFuncDecl(), 1) and diff --git a/go/ql/lib/semmle/go/frameworks/GoRestfulHttp.qll b/go/ql/lib/semmle/go/frameworks/GoRestfulHttp.qll index ddaf4dde544..cf49d64b431 100644 --- a/go/ql/lib/semmle/go/frameworks/GoRestfulHttp.qll +++ b/go/ql/lib/semmle/go/frameworks/GoRestfulHttp.qll 
@@ -27,14 +27,14 @@ private module GoRestfulHttp { /** * A model of go-restful's `Request` object as a source of user-controlled data. */ - private class GoRestfulSource extends UntrustedFlowSource::Range { + private class GoRestfulSource extends RemoteFlowSource::Range { GoRestfulSource() { this = any(GoRestfulSourceMethod g).getACall() } } /** * A model of go-restful's `Request.ReadEntity` method as a source of user-controlled data. */ - private class GoRestfulReadEntitySource extends UntrustedFlowSource::Range { + private class GoRestfulReadEntitySource extends RemoteFlowSource::Range { GoRestfulReadEntitySource() { exists(DataFlow::MethodCallNode call | call.getTarget().hasQualifiedName(packagePath(), "Request", "ReadEntity") diff --git a/go/ql/lib/semmle/go/frameworks/Gqlgen.qll b/go/ql/lib/semmle/go/frameworks/Gqlgen.qll index a4c3993d5d4..4edaab46b22 100644 --- a/go/ql/lib/semmle/go/frameworks/Gqlgen.qll +++ b/go/ql/lib/semmle/go/frameworks/Gqlgen.qll @@ -39,7 +39,7 @@ module Gqlgen { } /** A parameter of a resolver method which receives untrusted input. */ - class ResolverParameter extends UntrustedFlowSource::Range instanceof DataFlow::ParameterNode { + class ResolverParameter extends RemoteFlowSource::Range instanceof DataFlow::ParameterNode { ResolverParameter() { this.asParameter() = any(ResolverImplementationMethod h).getAnUntrustedParameter() } diff --git a/go/ql/lib/semmle/go/frameworks/Mux.qll b/go/ql/lib/semmle/go/frameworks/Mux.qll index bca64c17cf6..7931ecee700 100644 --- a/go/ql/lib/semmle/go/frameworks/Mux.qll +++ b/go/ql/lib/semmle/go/frameworks/Mux.qll @@ -9,7 +9,7 @@ import go */ module Mux { /** An access to a Mux middleware variable. */ - class RequestVars extends DataFlow::UntrustedFlowSource::Range, DataFlow::CallNode { + class RequestVars extends DataFlow::RemoteFlowSource::Range, DataFlow::CallNode { RequestVars() { this.getTarget().hasQualifiedName(package("github.com/gorilla/mux", ""), "Vars") } 
diff --git a/go/ql/lib/semmle/go/frameworks/Revel.qll b/go/ql/lib/semmle/go/frameworks/Revel.qll index c67c4b340ee..d0381f5d11f 100644 --- a/go/ql/lib/semmle/go/frameworks/Revel.qll +++ b/go/ql/lib/semmle/go/frameworks/Revel.qll @@ -1,5 +1,5 @@ /** - * Provides classes for working with untrusted flow sources from the `github.com/revel/revel` package. + * Provides classes for working with remote flow sources from the `github.com/revel/revel` package. */ import go @@ -12,7 +12,7 @@ module Revel { result = package(["github.com/revel", "github.com/robfig"] + "/revel", "") } - private class ControllerParams extends UntrustedFlowSource::Range, DataFlow::FieldReadNode { + private class ControllerParams extends RemoteFlowSource::Range, DataFlow::FieldReadNode { ControllerParams() { exists(Field f | this.readsField(_, f) and @@ -32,7 +32,7 @@ module Revel { } } - private class RouteMatchParams extends UntrustedFlowSource::Range, DataFlow::FieldReadNode { + private class RouteMatchParams extends RemoteFlowSource::Range, DataFlow::FieldReadNode { RouteMatchParams() { exists(Field f | this.readsField(_, f) and @@ -42,9 +42,7 @@ module Revel { } /** An access to an HTTP request field whose value may be controlled by an untrusted user. */ - private class UserControlledRequestField extends UntrustedFlowSource::Range, - DataFlow::FieldReadNode - { + private class UserControlledRequestField extends RemoteFlowSource::Range, DataFlow::FieldReadNode { UserControlledRequestField() { exists(string fieldName | this.getField().hasQualifiedName(packagePath(), "Request", fieldName) @@ -56,7 +54,7 @@ module Revel { } } - private class UserControlledRequestMethod extends UntrustedFlowSource::Range, + private class UserControlledRequestMethod extends RemoteFlowSource::Range, DataFlow::MethodCallNode { UserControlledRequestMethod() { diff --git a/go/ql/lib/semmle/go/frameworks/Twirp.qll b/go/ql/lib/semmle/go/frameworks/Twirp.qll index 03451fcac8d..3efd91eee4d 100644 
--- a/go/ql/lib/semmle/go/frameworks/Twirp.qll +++ b/go/ql/lib/semmle/go/frameworks/Twirp.qll @@ -130,7 +130,7 @@ module Twirp { } /** A request coming to the service handler. */ - class Request extends UntrustedFlowSource::Range instanceof DataFlow::ParameterNode { + class Request extends RemoteFlowSource::Range instanceof DataFlow::ParameterNode { Request() { exists(ServiceHandler handler | this.asParameter().isParameterOf(handler.getFuncDecl(), 1) and diff --git a/go/ql/lib/semmle/go/frameworks/WebSocket.qll b/go/ql/lib/semmle/go/frameworks/WebSocket.qll index 44445b538b2..8d201a1f1a1 100644 --- a/go/ql/lib/semmle/go/frameworks/WebSocket.qll +++ b/go/ql/lib/semmle/go/frameworks/WebSocket.qll @@ -127,7 +127,7 @@ module WebSocketRequestCall { /** * A message written to a WebSocket, considered as a flow sink for reflected XSS. */ -class WebSocketReaderAsSource extends UntrustedFlowSource::Range { +class WebSocketReaderAsSource extends RemoteFlowSource::Range { WebSocketReaderAsSource() { exists(WebSocketReader r | this = r.getAnOutput().getNode(r.getACall())) } diff --git a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll index c63cf71737b..ecf277e882a 100644 --- a/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll +++ b/go/ql/lib/semmle/go/frameworks/stdlib/NetHttp.qll @@ -9,9 +9,7 @@ private import semmle.go.dataflow.internal.FlowSummaryImpl::Private /** Provides models of commonly used functions in the `net/http` package. */ module NetHttp { /** An access to an HTTP request field whose value may be controlled by an untrusted user. */ - private class UserControlledRequestField extends UntrustedFlowSource::Range, - DataFlow::FieldReadNode - { + private class UserControlledRequestField extends RemoteFlowSource::Range, DataFlow::FieldReadNode { UserControlledRequestField() { exists(string fieldName | this.getField().hasQualifiedName("net/http", "Request", fieldName) | fieldName = 
diff --git a/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll b/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll index bab3fab0fc3..978a13b44ed 100644 --- a/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll +++ b/go/ql/lib/semmle/go/security/CommandInjectionCustomizations.qll @@ -29,8 +29,13 @@ module CommandInjection { */ abstract class Sanitizer extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** A source of untrusted data, considered as a taint source for command injection. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** A command name, considered as a taint sink for command injection. */ class CommandNameAsSink extends Sink { diff --git a/go/ql/lib/semmle/go/security/ExternalAPIs.qll b/go/ql/lib/semmle/go/security/ExternalAPIs.qll index 78b59eca318..f244942506b 100644 --- a/go/ql/lib/semmle/go/security/ExternalAPIs.qll +++ b/go/ql/lib/semmle/go/security/ExternalAPIs.qll 
@@ -187,13 +187,13 @@ class UnknownExternalApiDataNode extends ExternalApiDataNode { deprecated class UntrustedDataToExternalApiConfig extends TaintTracking::Configuration { UntrustedDataToExternalApiConfig() { this = "UntrustedDataToExternalAPIConfig" } - override predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } override predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode } } private module UntrustedDataConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { sink instanceof ExternalApiDataNode } } @@ -211,13 +211,13 @@ module UntrustedDataToExternalApiFlow = DataFlow::Global; deprecated class UntrustedDataToUnknownExternalApiConfig extends TaintTracking::Configuration { UntrustedDataToUnknownExternalApiConfig() { this = "UntrustedDataToUnknownExternalAPIConfig" } - override predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } override predicate isSink(DataFlow::Node sink) { sink instanceof UnknownExternalApiDataNode } } private module UntrustedDataToUnknownExternalApiConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { sink instanceof UnknownExternalApiDataNode } } diff --git a/go/ql/lib/semmle/go/security/FlowSources.qll b/go/ql/lib/semmle/go/security/FlowSources.qll index b4d4c4d3187..6de620c79e4 100644 --- a/go/ql/lib/semmle/go/security/FlowSources.qll +++ b/go/ql/lib/semmle/go/security/FlowSources.qll 
@@ -5,21 +5,31 @@ import go private import semmle.go.dataflow.ExternalFlow as ExternalFlow +/** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ +deprecated class UntrustedFlowSource = RemoteFlowSource; + /** * A source of data that is controlled by an untrusted user. * * Extend this class to refine existing API models. If you want to model new APIs, - * extend `UntrustedFlowSource::Range` instead. + * extend `RemoteFlowSource::Range` instead. */ -class UntrustedFlowSource extends DataFlow::Node instanceof UntrustedFlowSource::Range { } +class RemoteFlowSource extends DataFlow::Node instanceof RemoteFlowSource::Range { } + +/** + * DEPRECATED: Use `RemoteFlowSource` instead. + */ +deprecated module UntrustedFlowSource = RemoteFlowSource; /** Provides a class for modeling new sources of untrusted data. */ -module UntrustedFlowSource { +module RemoteFlowSource { /** * A source of data that is controlled by an untrusted user. * * Extend this class to model new APIs. If you want to refine existing API models, - * extend `UntrustedFlowSource` instead. + * extend `RemoteFlowSource` instead. */ abstract class Range extends DataFlow::Node { } diff --git a/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll b/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll index 0a6885db530..166856be03e 100644 --- a/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll +++ b/go/ql/lib/semmle/go/security/LogInjectionCustomizations.qll 
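Review bot: The two new deprecation comments are word-for-word identical (`DEPRECATED: Use `RemoteFlowSource` instead.`) although one aliases a class and the other a module, and the module alias is the one source modellers extend; its QLDoc would be more useful as `DEPRECATED: Use the `RemoteFlowSource` module instead; extend `RemoteFlowSource::Range` to model new sources.` The QLDoc of the renamed class still says only "controlled by an untrusted user", so nothing in the file ties the new name to the old one; adding `Previously named `UntrustedFlowSource`.` to that comment would help readers searching for the old name. The `RemoteFlowSource` module opened in this hunk closes outside it.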
@@ -25,8 +25,13 @@ module LogInjection { */ abstract class Sanitizer extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** A source of untrusted data, considered as a taint source for log injection. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** An argument to a logging mechanism. */ class LoggerSink extends Sink { diff --git a/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll b/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll index 2b048441151..4df1da46278 100644 --- a/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll +++ b/go/ql/lib/semmle/go/security/MissingJwtSignatureCheckCustomizations.qll @@ -49,7 +49,7 @@ module MissingJwtSignatureCheck { } } - private class DefaultSource extends Source instanceof UntrustedFlowSource { } + private class DefaultSource extends Source instanceof RemoteFlowSource { } private class DefaultSink extends Sink { DefaultSink() { sinkNode(this, "jwt") } diff --git a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll index 5683b7715f8..06a5013e17e 100644 --- a/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll +++ b/go/ql/lib/semmle/go/security/OpenUrlRedirectCustomizations.qll 
@@ -42,11 +42,16 @@ module OpenUrlRedirect { abstract predicate hasTaintStep(DataFlow::Node pred, DataFlow::Node succ); } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** * A source of third-party user input, considered as a flow source for URL redirects. */ - class UntrustedFlowAsSource extends Source, UntrustedFlowSource { - UntrustedFlowAsSource() { + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { + RemoteFlowAsSource() { // exclude some fields and methods of URLs that are generally not attacker-controllable for // open redirect exploits not this instanceof Http::Redirect::UnexploitableSource diff --git a/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll b/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll index b1c81950a6c..7b897d5d422 100644 --- a/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll +++ b/go/ql/lib/semmle/go/security/ReflectedXssCustomizations.qll @@ -34,10 +34,15 @@ module ReflectedXss { } } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** * A third-party controllable input, considered as a flow source for reflected XSS. */ - class UntrustedFlowAsSource extends Source, UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** An arbitrary XSS sink, considered as a flow sink for stored XSS. */ private class AnySink extends Sink instanceof SharedXss::Sink { } diff --git a/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll b/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll index 27a54253372..5fc9fa1fa60 100644 --- a/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll +++ b/go/ql/lib/semmle/go/security/RequestForgeryCustomizations.qll 
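Review bot: The deprecation text on the new alias in `OpenUrlRedirect`, `DEPRECATED: Use `RemoteFlowSource` or `Source` instead.`, is inaccurate for this module: unlike the other `*AsSource` classes in this change, `RemoteFlowAsSource` here has a characteristic predicate that excludes `Http::Redirect::UnexploitableSource`, so substituting `RemoteFlowSource` would reintroduce the nodes this class deliberately excludes. Suggest `DEPRECATED: Use `Source` instead; note that `RemoteFlowSource` also includes nodes excluded here.` The characteristic predicate continues beyond the hunk.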
@@ -32,10 +32,15 @@ module RequestForgery { /** An outgoing sanitizer edge for request forgery vulnerabilities. */ abstract class SanitizerEdge extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** * A third-party controllable input, considered as a flow source for request forgery. */ - class UntrustedFlowAsSource extends Source, UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** * The URL of an HTTP request, viewed as a sink for request forgery. diff --git a/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll b/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll index dcdb9fe5fde..fd4648e224e 100644 --- a/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll +++ b/go/ql/lib/semmle/go/security/SqlInjectionCustomizations.qll @@ -25,8 +25,13 @@ module SqlInjection { */ abstract class Sanitizer extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** A source of untrusted data, considered as a taint source for SQL injection. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** An SQL string, considered as a taint sink for SQL injection. */ class SqlQueryAsSink extends Sink instanceof SQL::QueryString { } diff --git a/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll b/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll index 03fa6c8a0d2..483d1cb90a2 100644 --- a/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll +++ b/go/ql/lib/semmle/go/security/TaintedPathCustomizations.qll 
@@ -44,8 +44,13 @@ module TaintedPath { } } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** A source of untrusted data, considered as a taint source for path traversal. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** A path expression, considered as a taint sink for path traversal. */ class PathAsSink extends Sink { diff --git a/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll b/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll index 1237971dde1..a7b723c1dcc 100644 --- a/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll +++ b/go/ql/lib/semmle/go/security/UncontrolledAllocationSizeCustomizations.qll @@ -21,7 +21,7 @@ module UncontrolledAllocationSize { abstract class Sanitizer extends DataFlow::Node { } /** A source of untrusted data, considered as a taint source for uncontrolled size allocation vulnerabilities. */ - private class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** The size argument of a memory allocation function. */ private class AllocationSizeAsSink extends Sink instanceof AllocationSizeOverflow::AllocationSize { diff --git a/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll b/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll index 27d0badd68e..4b91d67719c 100644 --- a/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll +++ b/go/ql/lib/semmle/go/security/XPathInjectionCustomizations.qll 
@@ -24,8 +24,13 @@ module XPathInjection { */ abstract class Sanitizer extends DataFlow::ExprNode { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** A source of untrusted data, used in an XPath expression. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** An XPath expression string, considered as a taint sink for XPath injection. */ class XPathExpressionStringAsSink extends Sink instanceof XPath::XPathExpressionString { } diff --git a/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll b/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll index 1e0d4ee7d4c..3ccceb53084 100644 --- a/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll +++ b/go/ql/src/Security/CWE-640/EmailInjectionCustomizations.qll @@ -16,8 +16,13 @@ module EmailInjection { */ abstract class Sink extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowSourceAsSource = RemoteFlowSourceAsSource; + /** A source of untrusted data, considered as a taint source for email injection. */ - class UntrustedFlowSourceAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowSourceAsSource extends Source instanceof RemoteFlowSource { } /** * A data-flow node that becomes part of an email considered as a taint sink for email injection. diff --git a/go/ql/src/experimental/CWE-090/LDAPInjection.qll b/go/ql/src/experimental/CWE-090/LDAPInjection.qll index 483a1987626..3e190313a79 100644 --- a/go/ql/src/experimental/CWE-090/LDAPInjection.qll +++ b/go/ql/src/experimental/CWE-090/LDAPInjection.qll 
@@ -98,13 +98,13 @@ private class LdapClientDNSink extends LdapSink { /** * DEPRECATED: Use `LdapInjectionFlow` instead. * - * A taint-tracking configuration for reasoning about when an `UntrustedFlowSource` + * A taint-tracking configuration for reasoning about when a `RemoteFlowSource` * flows into an argument or field that is vulnerable to LDAP injection. */ deprecated class LdapInjectionConfiguration extends TaintTracking::Configuration { LdapInjectionConfiguration() { this = "Ldap injection" } - override predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + override predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } override predicate isSink(DataFlow::Node sink) { sink instanceof LdapSink } @@ -112,7 +112,7 @@ deprecated class LdapInjectionConfiguration extends TaintTracking::Configuration } private module LdapInjectionConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { sink instanceof LdapSink } @@ -120,7 +120,7 @@ private module LdapInjectionConfig implements DataFlow::ConfigSig { } /** - * Tracks taint flow for reasoning about when an `UntrustedFlowSource` flows + * Tracks taint flow for reasoning about when a `RemoteFlowSource` flows * into an argument or field that is vulnerable to LDAP injection. */ module LdapInjectionFlow = TaintTracking::Global; diff --git a/go/ql/src/experimental/CWE-203/Timing.ql b/go/ql/src/experimental/CWE-203/Timing.ql index 057ff80acfb..0e33ad60658 100644 --- a/go/ql/src/experimental/CWE-203/Timing.ql +++ b/go/ql/src/experimental/CWE-203/Timing.ql 
@@ -98,7 +98,7 @@ private class SensitiveStringSink extends Sink { module Config implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - source instanceof UntrustedFlowSource and not isBadResult(source) + source instanceof RemoteFlowSource and not isBadResult(source) } predicate isSink(DataFlow::Node sink) { sink instanceof Sink and not isBadResult(sink) } diff --git a/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll b/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll index a47c1ce29c3..fba59bcb212 100644 --- a/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll +++ b/go/ql/src/experimental/CWE-287/ImproperLdapAuthCustomizations.qll @@ -68,7 +68,7 @@ module ImproperLdapAuth { private module Config implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - source instanceof UntrustedFlowSource or source instanceof EmptyString + source instanceof RemoteFlowSource or source instanceof EmptyString } predicate isSink(DataFlow::Node sink) { sink instanceof LdapAuthSink } diff --git a/go/ql/src/experimental/CWE-369/DivideByZero.ql b/go/ql/src/experimental/CWE-369/DivideByZero.ql index b7478276f84..ae0eae73a80 100644 --- a/go/ql/src/experimental/CWE-369/DivideByZero.ql +++ b/go/ql/src/experimental/CWE-369/DivideByZero.ql @@ -28,7 +28,7 @@ predicate divideByZeroSanitizerGuard(DataFlow::Node g, Expr e, boolean branch) { } module Config implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) { exists(Function f, DataFlow::CallNode cn | cn = f.getACall() | diff --git a/go/ql/src/experimental/CWE-74/DsnInjection.ql b/go/ql/src/experimental/CWE-74/DsnInjection.ql index 41e5dd58690..f065cea922d 100644 --- a/go/ql/src/experimental/CWE-74/DsnInjection.ql 
+++ b/go/ql/src/experimental/CWE-74/DsnInjection.ql @@ -13,8 +13,8 @@ import go import DsnInjectionCustomizations import DsnInjectionFlow::PathGraph -/** An untrusted flow source taken as a source for the `DsnInjection` taint-flow configuration. */ -private class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } +/** A remote flow source taken as a source for the `DsnInjection` taint-flow configuration. */ +private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } from DsnInjectionFlow::PathNode source, DsnInjectionFlow::PathNode sink where DsnInjectionFlow::flowPath(source, sink) diff --git a/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql b/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql index 1471cf3689a..440a64ff446 100644 --- a/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql +++ b/go/ql/src/experimental/CWE-79/HTMLTemplateEscapingPassthrough.ql @@ -36,7 +36,7 @@ class PassthroughTypeName extends string { } module UntrustedToPassthroughTypeConversionConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } additional predicate isSinkToPassthroughType(DataFlow::TypeCastNode sink, PassthroughTypeName name) { exists(Type typ | @@ -53,7 +53,7 @@ module UntrustedToPassthroughTypeConversionConfig implements DataFlow::ConfigSig } /** - * Tracks taint flow for reasoning about when an `UntrustedFlowSource` is + * Tracks taint flow for reasoning about when a `RemoteFlowSource` is * converted into a special "passthrough" type which will not be escaped by the * template generator; this allows the injection of arbitrary content (html, * css, js) into the generated output of the templates. 
@@ -109,13 +109,13 @@ predicate isSinkToTemplateExec(DataFlow::Node sink, DataFlow::CallNode call) { } module FromUntrustedToTemplateExecutionCallConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { isSinkToTemplateExec(sink, _) } } /** - * Tracks taint flow from an `UntrustedFlowSource` into a template executor + * Tracks taint flow from a `RemoteFlowSource` into a template executor * call. */ module FromUntrustedToTemplateExecutionCallFlow = diff --git a/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll b/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll index ed56ac4af91..9f002e196d1 100644 --- a/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll +++ b/go/ql/src/experimental/CWE-807/SensitiveConditionBypass.qll @@ -52,7 +52,7 @@ deprecated class Configuration extends TaintTracking::Configuration { Configuration() { this = "Condtional Expression Check Bypass" } override predicate isSource(DataFlow::Node source) { - source instanceof UntrustedFlowSource + source instanceof RemoteFlowSource or exists(DataFlow::FieldReadNode f | f.getField().hasQualifiedName("net/http", "Request", "Host") @@ -71,7 +71,7 @@ deprecated class Configuration extends TaintTracking::Configuration { private module Config implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - source instanceof UntrustedFlowSource + source instanceof RemoteFlowSource or exists(DataFlow::FieldReadNode f | f.getField().hasQualifiedName("net/http", "Request", "Host") diff --git a/go/ql/src/experimental/CWE-840/ConditionalBypass.ql b/go/ql/src/experimental/CWE-840/ConditionalBypass.ql index e19fa46f4ca..59de6a5939c 100644 --- a/go/ql/src/experimental/CWE-840/ConditionalBypass.ql +++ b/go/ql/src/experimental/CWE-840/ConditionalBypass.ql 
@@ -14,7 +14,7 @@ import go module Config implements DataFlow::ConfigSig { predicate isSource(DataFlow::Node source) { - source instanceof UntrustedFlowSource + source instanceof RemoteFlowSource or source = any(Field f | f.hasQualifiedName("net/http", "Request", "Host")).getARead() } diff --git a/go/ql/src/experimental/CWE-918/SSRF.qll b/go/ql/src/experimental/CWE-918/SSRF.qll index e5360bbeba0..e010ba0e522 100644 --- a/go/ql/src/experimental/CWE-918/SSRF.qll +++ b/go/ql/src/experimental/CWE-918/SSRF.qll @@ -87,10 +87,15 @@ module ServerSideRequestForgery { /** An outgoing sanitizer edge for request forgery vulnerabilities. */ abstract class SanitizerEdge extends DataFlow::Node { } + /** + * DEPRECATED: Use `RemoteFlowSource` or `Source` instead. + */ + deprecated class UntrustedFlowAsSource = RemoteFlowAsSource; + /** * An user controlled input, considered as a flow source for request forgery. */ - class UntrustedFlowAsSource extends Source instanceof UntrustedFlowSource { } + private class RemoteFlowAsSource extends Source instanceof RemoteFlowSource { } /** * The URL of an HTTP request, viewed as a sink for request forgery. diff --git a/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql b/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql index 1bcf05e214a..8554280837b 100644 --- a/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql +++ b/go/ql/src/experimental/CWE-942/CorsMisconfiguration.ql @@ -52,7 +52,7 @@ class AllowCredentialsHeaderWrite extends Http::HeaderWrite { } module UntrustedToAllowOriginHeaderConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } additional predicate isSinkHW(DataFlow::Node sink, AllowOriginHeaderWrite hw) { sink = hw.getValue() 
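Review bot: The QLDoc directly above the new `private class RemoteFlowAsSource` line in the SSRF.qll hunk still reads `* An user controlled input, considered as a flow source for request forgery.`; since the class line beneath it is being rewritten anyway, this is the moment to fix the article and hyphenation to `* A user-controlled input, considered as a flow source for request forgery.`. The sibling comment in RequestForgeryCustomizations.qll already uses "A third-party controllable input", so either wording would bring the two modules into line.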
@@ -70,7 +70,7 @@ module UntrustedToAllowOriginHeaderConfig implements DataFlow::ConfigSig { } module UntrustedToAllowOriginConfigConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } additional predicate isSinkWrite(DataFlow::Node sink, GinCors::AllowOriginsWrite w) { sink = w } @@ -78,13 +78,13 @@ module UntrustedToAllowOriginConfigConfig implements DataFlow::ConfigSig { } /** - * Tracks taint flowfor reasoning about when an `UntrustedFlowSource` flows to + * Tracks taint flowfor reasoning about when a `RemoteFlowSource` flows to * a `HeaderWrite` that writes an `Access-Control-Allow-Origin` header's value. */ module UntrustedToAllowOriginHeaderFlow = TaintTracking::Global; /** - * Tracks taint flowfor reasoning about when an `UntrustedFlowSource` flows to + * Tracks taint flowfor reasoning about when a `RemoteFlowSource` flows to * a `AllowOriginsWrite` that writes an `Access-Control-Allow-Origin` header's value. */ module UntrustedToAllowOriginConfigFlow = TaintTracking::Global; @@ -121,7 +121,7 @@ predicate allowCredentialsIsSetToTrue(DataFlow::ExprNode allowOriginHW) { /** * Holds if the provided `allowOriginHW` HeaderWrite's value is set using an - * UntrustedFlowSource. + * RemoteFlowSource. * The `message` parameter is populated with the warning message to be returned by the query. */ predicate flowsFromUntrustedToAllowOrigin(DataFlow::ExprNode allowOriginHW, string message) { @@ -169,7 +169,7 @@ class MapRead extends DataFlow::ElementReadNode { } module FromUntrustedConfig implements DataFlow::ConfigSig { - predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource } + predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource } predicate isSink(DataFlow::Node sink) { isSinkCgn(sink, _) } 
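Review bot: In the `@@ -121` hunk of CorsMisconfiguration.ql the rewritten doc line leaves a mismatched article: the untouched context line ends `HeaderWrite's value is set using an` and the new line is `* RemoteFlowSource.`, so the predicate's QLDoc now reads "an RemoteFlowSource". The `@@ -78` hunk on the same physical line rewrites both module comments but keeps the pre-existing typo `Tracks taint flowfor reasoning` in each. Suggested: change the context line to end `is set using a` (or put the article on the new line as `* a `RemoteFlowSource`.`) and spell `flow for` in the two `UntrustedToAllowOrigin*Flow` comments while they are being touched.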
@@ -208,13 +208,13 @@ module FromUntrustedConfig implements DataFlow::ConfigSig { } /** - * Tracks taint flow for reasoning about when an `UntrustedFlowSource` flows + * Tracks taint flow for reasoning about when a `RemoteFlowSource` flows * somewhere. */ module FromUntrustedFlow = TaintTracking::Global; /** - * Holds if the provided `allowOriginHW` is also destination of a `UntrustedFlowSource`. + * Holds if the provided `allowOriginHW` is also destination of a `RemoteFlowSource`. */ predicate flowsToGuardedByCheckOnUntrusted(DataFlow::ExprNode allowOriginHW) { exists(DataFlow::Node sink, ControlFlow::ConditionGuardNode cgn | diff --git a/go/ql/src/experimental/frameworks/CleverGo.json b/go/ql/src/experimental/frameworks/CleverGo.json index dc8c523fd35..a6574be700c 100644 --- a/go/ql/src/experimental/frameworks/CleverGo.json +++ b/go/ql/src/experimental/frameworks/CleverGo.json @@ -2,8 +2,8 @@ "Name": "CleverGo", "Models": [ { - "Name": "UntrustedSources", - "Kind": "UntrustedFlowSource", + "Name": "RemoteSources", + "Kind": "RemoteFlowSource", "Methods": [ { "Name": "{source:[](Param|Result|Fields|Type)} \u003c- $source", diff --git a/go/ql/src/experimental/frameworks/CleverGo.qll b/go/ql/src/experimental/frameworks/CleverGo.qll index 2433ba4997a..b5e269678cd 100644 --- a/go/ql/src/experimental/frameworks/CleverGo.qll +++ b/go/ql/src/experimental/frameworks/CleverGo.qll @@ -14,10 +14,10 @@ private module CleverGo { } /** - * Provides models of untrusted flow sources. + * Provides models of remote flow sources. */ - private class UntrustedSources extends UntrustedFlowSource::Range { - UntrustedSources() { + private class RemoteSources extends RemoteFlowSource::Range { + RemoteSources() { // Methods on types of package: clevergo.tech/clevergo@v0.5.2 exists(string receiverName, string methodName, Method mtd, FunctionOutput out | this = out.getExitNode(mtd.getACall()) and 
diff --git a/go/ql/src/experimental/frameworks/DecompressionBombs.qll b/go/ql/src/experimental/frameworks/DecompressionBombs.qll index e1d2cd4ddc9..2e7c9c07857 100644 --- a/go/ql/src/experimental/frameworks/DecompressionBombs.qll +++ b/go/ql/src/experimental/frameworks/DecompressionBombs.qll @@ -4,7 +4,7 @@ import go -class MimeMultipartFileHeader extends UntrustedFlowSource::Range { +class MimeMultipartFileHeader extends RemoteFlowSource::Range { MimeMultipartFileHeader() { exists(DataFlow::FieldReadNode frn | this = frn | frn.getField().hasQualifiedName("mime/multipart", "FileHeader", ["Filename", "Header"]) @@ -29,7 +29,7 @@ module DecompressionBomb { class FlowState = DecompressionBombs::FlowState; predicate isSource(DataFlow::Node source, FlowState state) { - source instanceof UntrustedFlowSource and + source instanceof RemoteFlowSource and state = "" } diff --git a/go/ql/src/experimental/frameworks/Fiber.json b/go/ql/src/experimental/frameworks/Fiber.json index 30549353dc1..27f4f8a9f7c 100644 --- a/go/ql/src/experimental/frameworks/Fiber.json +++ b/go/ql/src/experimental/frameworks/Fiber.json @@ -728,8 +728,8 @@ ] }, { - "Name": "UntrustedFlowSources", - "Kind": "UntrustedFlowSource", + "Name": "RemoteFlowSources", + "Kind": "RemoteFlowSource", "Methods": [ { "Name": "{source:[](Param|Result|Fields|Type)} \u003c- $source", diff --git a/go/ql/src/experimental/frameworks/Fiber.qll b/go/ql/src/experimental/frameworks/Fiber.qll index 27bb9bbcd10..72ea1e37c5a 100644 --- a/go/ql/src/experimental/frameworks/Fiber.qll +++ b/go/ql/src/experimental/frameworks/Fiber.qll 
@@ -293,10 +293,10 @@ private module Fiber { } /** - * Provides models of untrusted flow sources. + * Provides models of remote flow sources. */ - private class UntrustedFlowSources extends UntrustedFlowSource::Range { - UntrustedFlowSources() { + private class RemoteFlowSources extends RemoteFlowSource::Range { + RemoteFlowSources() { // Methods on types of package: github.com/gofiber/fiber@v1.14.6 exists(string receiverName, string methodName, Method mtd, FunctionOutput out | this = out.getExitNode(mtd.getACall()) and diff --git a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.expected b/go/ql/test/experimental/frameworks/CleverGo/RemoteSources.expected similarity index 100% rename from go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.expected rename to go/ql/test/experimental/frameworks/CleverGo/RemoteSources.expected diff --git a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go b/go/ql/test/experimental/frameworks/CleverGo/RemoteSources.go similarity index 61% rename from go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go rename to go/ql/test/experimental/frameworks/CleverGo/RemoteSources.go index 53451c2a315..d76c2e1542e 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.go +++ b/go/ql/test/experimental/frameworks/CleverGo/RemoteSources.go 
@@ -5,110 +5,110 @@ package main import "clevergo.tech/clevergo" // Package clevergo.tech/clevergo@v0.5.2 -func UntrustedSources_ClevergoTechClevergoV052() { - // Untrusted flow sources from method calls. +func RemoteSources_ClevergoTechClevergoV052() { + // Remote flow sources from method calls. { - // Untrusted flow sources from method calls on clevergo.tech/clevergo.Context. + // Remote flow sources from method calls on clevergo.tech/clevergo.Context. { // func (*Context).BasicAuth() (username string, password string, ok bool) { var receiverContext656 clevergo.Context resultUsername414, resultPassword518, _ := receiverContext656.BasicAuth() - sink(resultUsername414) // $ untrustedFlowSource - sink(resultPassword518) // $ untrustedFlowSource + sink(resultUsername414) // $ remoteFlowSource + sink(resultPassword518) // $ remoteFlowSource } // func (*Context).Decode(v interface{}) (err error) { var receiverContext650 clevergo.Context var paramV784 interface{} receiverContext650.Decode(paramV784) - sink(paramV784) // $ untrustedFlowSource + sink(paramV784) // $ remoteFlowSource } // func (*Context).DefaultQuery(key string, defaultVlue string) string { var receiverContext957 clevergo.Context result520 := receiverContext957.DefaultQuery("", "") - sink(result520) // $ untrustedFlowSource + sink(result520) // $ remoteFlowSource } // func (*Context).FormValue(key string) string { var receiverContext443 clevergo.Context result127 := receiverContext443.FormValue("") - sink(result127) // $ untrustedFlowSource + sink(result127) // $ remoteFlowSource } // func (*Context).GetHeader(name string) string { var receiverContext483 clevergo.Context result989 := receiverContext483.GetHeader("") - sink(result989) // $ untrustedFlowSource + sink(result989) // $ remoteFlowSource } // func (*Context).PostFormValue(key string) string { var receiverContext982 clevergo.Context result417 := receiverContext982.PostFormValue("") - sink(result417) // $ untrustedFlowSource + sink(result417) // $ 
remoteFlowSource } // func (*Context).QueryParam(key string) string { var receiverContext584 clevergo.Context result991 := receiverContext584.QueryParam("") - sink(result991) // $ untrustedFlowSource + sink(result991) // $ remoteFlowSource } // func (*Context).QueryParams() net/url.Values { var receiverContext881 clevergo.Context result186 := receiverContext881.QueryParams() - sink(result186) // $ untrustedFlowSource + sink(result186) // $ remoteFlowSource } // func (*Context).QueryString() string { var receiverContext284 clevergo.Context result908 := receiverContext284.QueryString() - sink(result908) // $ untrustedFlowSource + sink(result908) // $ remoteFlowSource } } - // Untrusted flow sources from method calls on clevergo.tech/clevergo.Params. + // Remote flow sources from method calls on clevergo.tech/clevergo.Params. { // func (Params).String(name string) string { var receiverParams137 clevergo.Params result494 := receiverParams137.String("") - sink(result494) // $ untrustedFlowSource + sink(result494) // $ remoteFlowSource } } } - // Untrusted flow sources from interface method calls. + // Remote flow sources from interface method calls. { - // Untrusted flow sources from method calls on clevergo.tech/clevergo.Decoder interface. + // Remote flow sources from method calls on clevergo.tech/clevergo.Decoder interface. { // func (Decoder).Decode(req *net/http.Request, v interface{}) error { var receiverDecoder873 clevergo.Decoder var paramV599 interface{} receiverDecoder873.Decode(nil, paramV599) - sink(paramV599) // $ untrustedFlowSource + sink(paramV599) // $ remoteFlowSource } } } - // Untrusted flow sources from struct fields. + // Remote flow sources from struct fields. { - // Untrusted flow sources from clevergo.tech/clevergo.Context struct fields. + // Remote flow sources from clevergo.tech/clevergo.Context struct fields. 
{ structContext409 := new(clevergo.Context) - sink(structContext409.Params) // $ untrustedFlowSource + sink(structContext409.Params) // $ remoteFlowSource } - // Untrusted flow sources from clevergo.tech/clevergo.Param struct fields. + // Remote flow sources from clevergo.tech/clevergo.Param struct fields. { structParam246 := new(clevergo.Param) - sink(structParam246.Key) // $ untrustedFlowSource - sink(structParam246.Value) // $ untrustedFlowSource + sink(structParam246.Key) // $ remoteFlowSource + sink(structParam246.Value) // $ remoteFlowSource } } - // Untrusted flow sources from types. + // Remote flow sources from types. { { var typeParams898 clevergo.Params - sink(typeParams898) // $ untrustedFlowSource + sink(typeParams898) // $ remoteFlowSource } } } diff --git a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.ql b/go/ql/test/experimental/frameworks/CleverGo/RemoteSources.ql similarity index 70% rename from go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.ql rename to go/ql/test/experimental/frameworks/CleverGo/RemoteSources.ql index d414451dc21..f99fc2b280d 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/UntrustedSources.ql +++ b/go/ql/test/experimental/frameworks/CleverGo/RemoteSources.ql 
@@ -2,15 +2,15 @@ import go import TestUtilities.InlineExpectationsTest import experimental.frameworks.CleverGo -module UntrustedFlowSourceTest implements TestSig { - string getARelevantTag() { result = "untrustedFlowSource" } +module RemoteFlowSourceTest implements TestSig { + string getARelevantTag() { result = "remoteFlowSource" } predicate hasActualResult(Location location, string element, string tag, string value) { - tag = "untrustedFlowSource" and + tag = "remoteFlowSource" and exists(DataFlow::CallNode sinkCall, DataFlow::ArgumentNode arg | sinkCall.getCalleeName() = "sink" and arg = sinkCall.getAnArgument() and - arg.getAPredecessor*() instanceof UntrustedFlowSource + arg.getAPredecessor*() instanceof RemoteFlowSource | element = arg.toString() and value = "" and @@ -20,4 +20,4 @@ module UntrustedFlowSourceTest implements TestSig { } } -import MakeTest +import MakeTest diff --git a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.go b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.go index f907439ac2a..5a485da7a35 100644 --- a/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.go +++ b/go/ql/test/experimental/frameworks/CleverGo/TaintTracking.go @@ -55,7 +55,7 @@ func TaintTracking_ClevergoTechClevergoV052() { { fromParams396 := source().(clevergo.Params) intoString707 := fromParams396.String("") - sink(intoString707) // $ hasTaintFlow="intoString707" untrustedFlowSource + sink(intoString707) // $ hasTaintFlow="intoString707" remoteFlowSource } } } @@ -69,7 +69,7 @@ func TaintTracking_ClevergoTechClevergoV052() { var intoInterface718 interface{} var mediumObjCQL clevergo.Decoder mediumObjCQL.Decode(fromRequest912, intoInterface718) - sink(intoInterface718) // $ hasTaintFlow="intoInterface718" untrustedFlowSource + sink(intoInterface718) // $ hasTaintFlow="intoInterface718" remoteFlowSource } } // Taint-tracking through method calls on clevergo.tech/clevergo.Renderer interface. 
diff --git a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.expected b/go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.expected similarity index 100% rename from go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.expected rename to go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.expected diff --git a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go b/go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.go similarity index 64% rename from go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go rename to go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.go index f3178dbaca4..997beddefbf 100644 --- a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.go +++ b/go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.go 
@@ -5,132 +5,132 @@ package main import "github.com/gofiber/fiber" // Package github.com/gofiber/fiber@v1.14.6 -func UntrustedFlowSources_GithubComGofiberFiberV1146() { - // Untrusted flow sources from method calls. +func RemoteFlowSources_GithubComGofiberFiberV1146() { + // Remote flow sources from method calls. { - // Untrusted flow sources from method calls on github.com/gofiber/fiber.Ctx. + // Remote flow sources from method calls on github.com/gofiber/fiber.Ctx. { // func (*Ctx).BaseURL() string { var receiverCtx273 fiber.Ctx result982 := receiverCtx273.BaseURL() - sink(result982) // $ untrustedFlowSource + sink(result982) // $ remoteFlowSource } // func (*Ctx).Body() string { var receiverCtx458 fiber.Ctx result506 := receiverCtx458.Body() - sink(result506) // $ untrustedFlowSource + sink(result506) // $ remoteFlowSource } // func (*Ctx).BodyParser(out interface{}) error { var receiverCtx213 fiber.Ctx var paramOut468 interface{} receiverCtx213.BodyParser(paramOut468) - sink(paramOut468) // $ untrustedFlowSource + sink(paramOut468) // $ remoteFlowSource } // func (*Ctx).Cookies(key string, defaultValue ...string) string { var receiverCtx219 fiber.Ctx result265 := receiverCtx219.Cookies("", "") - sink(result265) // $ untrustedFlowSource + sink(result265) // $ remoteFlowSource } // func (*Ctx).FormFile(key string) (*mime/multipart.FileHeader, error) { var receiverCtx971 fiber.Ctx result320, _ := receiverCtx971.FormFile("") - sink(result320) // $ untrustedFlowSource + sink(result320) // $ remoteFlowSource } // func (*Ctx).FormValue(key string) (value string) { var receiverCtx545 fiber.Ctx resultValue566 := receiverCtx545.FormValue("") - sink(resultValue566) // $ untrustedFlowSource + sink(resultValue566) // $ remoteFlowSource } // func (*Ctx).Get(key string, defaultValue ...string) string { var receiverCtx497 fiber.Ctx result274 := receiverCtx497.Get("", "") - sink(result274) // $ untrustedFlowSource + sink(result274) // $ remoteFlowSource } // func 
(*Ctx).Hostname() string { var receiverCtx783 fiber.Ctx result905 := receiverCtx783.Hostname() - sink(result905) // $ untrustedFlowSource + sink(result905) // $ remoteFlowSource } // func (*Ctx).Method(override ...string) string { var receiverCtx389 fiber.Ctx result198 := receiverCtx389.Method("") - sink(result198) // $ untrustedFlowSource + sink(result198) // $ remoteFlowSource } // func (*Ctx).MultipartForm() (*mime/multipart.Form, error) { var receiverCtx477 fiber.Ctx result544, _ := receiverCtx477.MultipartForm() - sink(result544) // $ untrustedFlowSource + sink(result544) // $ remoteFlowSource } // func (*Ctx).OriginalURL() string { var receiverCtx382 fiber.Ctx result715 := receiverCtx382.OriginalURL() - sink(result715) // $ untrustedFlowSource + sink(result715) // $ remoteFlowSource } // func (*Ctx).Params(key string, defaultValue ...string) string { var receiverCtx179 fiber.Ctx result366 := receiverCtx179.Params("", "") - sink(result366) // $ untrustedFlowSource + sink(result366) // $ remoteFlowSource } // func (*Ctx).Path(override ...string) string { var receiverCtx648 fiber.Ctx result544 := receiverCtx648.Path("") - sink(result544) // $ untrustedFlowSource + sink(result544) // $ remoteFlowSource } // func (*Ctx).Query(key string, defaultValue ...string) string { var receiverCtx754 fiber.Ctx result680 := receiverCtx754.Query("", "") - sink(result680) // $ untrustedFlowSource + sink(result680) // $ remoteFlowSource } // func (*Ctx).QueryParser(out interface{}) error { var receiverCtx722 fiber.Ctx var paramOut506 interface{} receiverCtx722.QueryParser(paramOut506) - sink(paramOut506) // $ untrustedFlowSource + sink(paramOut506) // $ remoteFlowSource } // func (*Ctx).Range(size int) (rangeData Range, err error) { var receiverCtx121 fiber.Ctx resultRangeData293, _ := receiverCtx121.Range(0) - sink(resultRangeData293) // $ untrustedFlowSource + sink(resultRangeData293) // $ remoteFlowSource } // func (*Ctx).Subdomains(offset ...int) []string { var receiverCtx151 
fiber.Ctx result849 := receiverCtx151.Subdomains(0) - sink(result849) // $ untrustedFlowSource + sink(result849) // $ remoteFlowSource } } } - // Untrusted flow sources from struct fields. + // Remote flow sources from struct fields. { - // Untrusted flow sources from github.com/gofiber/fiber.Cookie struct fields. + // Remote flow sources from github.com/gofiber/fiber.Cookie struct fields. { structCookie322 := new(fiber.Cookie) - sink(structCookie322.Domain) // $ untrustedFlowSource - sink(structCookie322.Name) // $ untrustedFlowSource - sink(structCookie322.Path) // $ untrustedFlowSource - sink(structCookie322.SameSite) // $ untrustedFlowSource - sink(structCookie322.Value) // $ untrustedFlowSource + sink(structCookie322.Domain) // $ remoteFlowSource + sink(structCookie322.Name) // $ remoteFlowSource + sink(structCookie322.Path) // $ remoteFlowSource + sink(structCookie322.SameSite) // $ remoteFlowSource + sink(structCookie322.Value) // $ remoteFlowSource } - // Untrusted flow sources from github.com/gofiber/fiber.Error struct fields. + // Remote flow sources from github.com/gofiber/fiber.Error struct fields. { structError339 := new(fiber.Error) - sink(structError339.Message) // $ untrustedFlowSource + sink(structError339.Message) // $ remoteFlowSource } } } diff --git a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.ql b/go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.ql similarity index 69% rename from go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.ql rename to go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.ql index 4964c900207..b537c729236 100644 --- a/go/ql/test/experimental/frameworks/Fiber/UntrustedFlowSources.ql +++ b/go/ql/test/experimental/frameworks/Fiber/RemoteFlowSources.ql 
@@ -2,15 +2,15 @@ import go
 import TestUtilities.InlineExpectationsTest
 import experimental.frameworks.Fiber
-module UntrustedFlowSourceTest implements TestSig {
- string getARelevantTag() { result = "untrustedFlowSource" }
+module RemoteFlowSourceTest implements TestSig {
+ string getARelevantTag() { result = "remoteFlowSource" }
 predicate hasActualResult(Location location, string element, string tag, string value) {
- tag = "untrustedFlowSource" and
+ tag = "remoteFlowSource" and
 exists(DataFlow::CallNode sinkCall, DataFlow::ArgumentNode arg |
 sinkCall.getCalleeName() = "sink" and
 arg = sinkCall.getAnArgument() and
- arg.getAPredecessor*() instanceof UntrustedFlowSource
+ arg.getAPredecessor*() instanceof RemoteFlowSource
 |
 element = arg.toString() and
 value = "" and
@@ -20,4 +20,4 @@ module UntrustedFlowSourceTest implements TestSig {
 }
 }
-import MakeTest
+import MakeTest
diff --git a/go/ql/test/library-tests/semmle/go/concepts/HTTP/UntrustedFlowSources.expected b/go/ql/test/library-tests/semmle/go/concepts/HTTP/RemoteFlowSources.expected
similarity index 100%
rename from go/ql/test/library-tests/semmle/go/concepts/HTTP/UntrustedFlowSources.expected
rename to go/ql/test/library-tests/semmle/go/concepts/HTTP/RemoteFlowSources.expected
diff --git a/go/ql/test/library-tests/semmle/go/concepts/HTTP/RemoteFlowSources.ql b/go/ql/test/library-tests/semmle/go/concepts/HTTP/RemoteFlowSources.ql
new file mode 100644
index 00000000000..d56a98686e0
--- /dev/null
+++ b/go/ql/test/library-tests/semmle/go/concepts/HTTP/RemoteFlowSources.ql
@@ -0,0 +1,3 @@
+import go
+
+select any(RemoteFlowSource ufs)
diff --git a/go/ql/test/library-tests/semmle/go/concepts/HTTP/UntrustedFlowSources.ql b/go/ql/test/library-tests/semmle/go/concepts/HTTP/UntrustedFlowSources.ql
deleted file mode 100644
index 0715d64f8e2..00000000000
--- a/go/ql/test/library-tests/semmle/go/concepts/HTTP/UntrustedFlowSources.ql
+++ /dev/null
@@ -1,3 +0,0 @@
-import go
-
-select any(UntrustedFlowSource ufs)
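Review bot: The new HTTP/RemoteFlowSources.ql keeps the variable name `ufs` in `select any(RemoteFlowSource ufs)`, an abbreviation of the old UntrustedFlowSource name, while the parallel Gin.ql change in this commit writes `select any(RemoteFlowSource src)`; the same leftover is in the new Mux/RemoteFlowSources.ql. Renaming it to `src` in both new files would keep the three queries consistent. Separately, if the old `UntrustedFlowSource` name is being kept as a deprecated alias rather than removed, replacing the only query here that referenced it means nothing now checks that the deprecated class still selects the same nodes as `RemoteFlowSource`; a query comparing the two extents, or the old query kept with its deprecation warning suppressed, would cover that for the deprecation period.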
diff --git a/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.ql b/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.ql
index fe31123365e..3fb3ceda940 100644
--- a/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.ql
+++ b/go/ql/test/library-tests/semmle/go/dataflow/DefaultTaintSanitizer/DefaultSanitizer.ql
@@ -6,7 +6,7 @@ import go
 module Config implements DataFlow::ConfigSig {
- predicate isSource(DataFlow::Node n) { n instanceof UntrustedFlowSource }
+ predicate isSource(DataFlow::Node n) { n instanceof RemoteFlowSource }
 predicate isSink(DataFlow::Node n) { any(ReturnStmt s).getAnExpr() = n.asExpr() }
 }
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql
index a89a0d77501..20f788ef4d1 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/AwsLambda/test.ql
@@ -2,7 +2,7 @@ import go
 import TestUtilities.InlineFlowTest
 module Config implements DataFlow::ConfigSig {
- predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource }
+ predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 predicate isSink(DataFlow::Node sink) {
 exists(Function fn | fn.hasQualifiedName(_, "sink") | sink = fn.getACall().getAnArgument())
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go
index f7287c351e0..cdc9dfc8c9f 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go
+++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/main.go
@@ -11,7 +11,7 @@ import (
 )
 func handler(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
- data := ctx.UserData // $ untrustedflowsource="selection of UserData"
+ data := ctx.UserData // $ remoteflowsource="selection of UserData"
 // note no content type result here because we don't seem to extract the value of `ContentTypeHtml`
 return r, goproxy.NewResponse(r, goproxy.ContentTypeHtml, http.StatusForbidden, fmt.Sprintf("Bad request: %v", data)) // $ headerwrite=status:403
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql
index 2ffca8a692a..1003a5a9541 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/ElazarlGoproxy/test.ql
@@ -1,13 +1,13 @@
 import go
 import TestUtilities.InlineExpectationsTest
-module UntrustedFlowSourceTest implements TestSig {
- string getARelevantTag() { result = "untrustedflowsource" }
+module RemoteFlowSourceTest implements TestSig {
+ string getARelevantTag() { result = "remoteflowsource" }
 predicate hasActualResult(Location location, string element, string tag, string value) {
- tag = "untrustedflowsource" and
+ tag = "remoteflowsource" and
 value = element and
- exists(UntrustedFlowSource src | value = "\"" + src.toString() + "\"" |
+ exists(RemoteFlowSource src | value = "\"" + src.toString() + "\"" |
 src.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
 location.getStartColumn(), location.getEndLine(), location.getEndColumn())
 )
@@ -70,4 +70,4 @@ module TaintFlow implements TestSig {
 }
 }
-import MakeTest>
+import MakeTest>
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql
index 12604046b15..3532a02a54f 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Encoding/jsoniter.ql
@@ -6,8 +6,8 @@ class UntrustedFunction extends Function {
 UntrustedFunction() { this.getName() = ["getUntrustedString", "getUntrustedBytes"] }
 }
-class UntrustedSource extends DataFlow::Node, UntrustedFlowSource::Range {
- UntrustedSource() { this = any(UntrustedFunction f).getACall() }
+class RemoteSource extends DataFlow::Node, RemoteFlowSource::Range {
+ RemoteSource() { this = any(UntrustedFunction f).getACall() }
 }
 from CommandInjection::Flow::PathNode source, CommandInjection::Flow::PathNode sink
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/UntrustedRemoteFlowSource.expected b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/RemoteFlowSources.expected
similarity index 100%
rename from go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/UntrustedRemoteFlowSource.expected
rename to go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/RemoteFlowSources.expected
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/UntrustedRemoteFlowSource.ql b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/RemoteFlowSources.ql
similarity index 79%
rename from go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/UntrustedRemoteFlowSource.ql
rename to go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/RemoteFlowSources.ql
index f168631a444..60b62f2bbf4 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/UntrustedRemoteFlowSource.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/RemoteFlowSources.ql
@@ -2,16 +2,16 @@ import go
 import TestUtilities.InlineExpectationsTest
 module FasthttpTest implements TestSig {
- string getARelevantTag() { result = "UntrustedFlowSource" }
+ string getARelevantTag() { result = "RemoteFlowSource" }
 predicate hasActualResult(Location location, string element, string tag, string value) {
- exists(UntrustedFlowSource source |
+ exists(RemoteFlowSource source |
 source
 .hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
 location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
 element = source.toString() and
 value = "\"" + source.toString() + "\"" and
- tag = "UntrustedFlowSource"
+ tag = "RemoteFlowSource"
 )
 }
 }
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go
index 57f5b7f607e..e6862993f97 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Fasthttp/fasthttp.go
@@ -96,7 +96,7 @@ func main() {
 func fasthttpServer() {
 ln, _ := net.Listen("tcp4", "127.0.0.1:8080")
 requestHandler := func(requestCtx *fasthttp.RequestCtx) {
- filePath := requestCtx.QueryArgs().Peek("filePath") // $ UntrustedFlowSource="call to Peek"
+ filePath := requestCtx.QueryArgs().Peek("filePath") // $ RemoteFlowSource="call to Peek"
 // File System Access
 filePath_string := string(filePath)
 _ = requestCtx.Response.SendFile(filePath_string) // $ FileSystemAccess=filePath_string
@@ -112,67 +112,67 @@ func fasthttpServer() {
 dstReader := &bufio.Reader{} // user controlled methods as source
 requestHeader := &fasthttp.RequestHeader{}
- requestHeader.Header() // $ UntrustedFlowSource="call to Header"
- requestHeader.TrailerHeader() // $ UntrustedFlowSource="call to TrailerHeader"
- requestHeader.String() // $ UntrustedFlowSource="call to String"
- requestHeader.RequestURI() // $ UntrustedFlowSource="call to RequestURI"
- requestHeader.Host() // $ UntrustedFlowSource="call to Host"
- requestHeader.UserAgent() // $ UntrustedFlowSource="call to UserAgent"
- requestHeader.ContentEncoding() // $ UntrustedFlowSource="call to ContentEncoding"
- requestHeader.ContentType() // $ UntrustedFlowSource="call to ContentType"
- requestHeader.Cookie("ACookie") // $ UntrustedFlowSource="call to Cookie"
- requestHeader.CookieBytes([]byte("ACookie")) // $ UntrustedFlowSource="call to CookieBytes"
- requestHeader.MultipartFormBoundary() // $ UntrustedFlowSource="call to MultipartFormBoundary"
- requestHeader.Peek("AHeaderName") // $ UntrustedFlowSource="call to Peek"
- requestHeader.PeekAll("AHeaderName") // $ UntrustedFlowSource="call to PeekAll"
- requestHeader.PeekBytes([]byte("AHeaderName")) // $ UntrustedFlowSource="call to PeekBytes"
- requestHeader.PeekKeys() // $ UntrustedFlowSource="call to PeekKeys"
- requestHeader.PeekTrailerKeys() // $ UntrustedFlowSource="call to PeekTrailerKeys"
- requestHeader.Referer() // $ UntrustedFlowSource="call to Referer"
- requestHeader.RawHeaders() // $ UntrustedFlowSource="call to RawHeaders"
+ requestHeader.Header() // $ RemoteFlowSource="call to Header"
+ requestHeader.TrailerHeader() // $ RemoteFlowSource="call to TrailerHeader"
+ requestHeader.String() // $ RemoteFlowSource="call to String"
+ requestHeader.RequestURI() // $ RemoteFlowSource="call to RequestURI"
+ requestHeader.Host() // $ RemoteFlowSource="call to Host"
+ requestHeader.UserAgent() // $ RemoteFlowSource="call to UserAgent"
+ requestHeader.ContentEncoding() // $ RemoteFlowSource="call to ContentEncoding"
+ requestHeader.ContentType() // $ RemoteFlowSource="call to ContentType"
+ requestHeader.Cookie("ACookie") // $ RemoteFlowSource="call to Cookie"
+ requestHeader.CookieBytes([]byte("ACookie")) // $ RemoteFlowSource="call to CookieBytes"
+ requestHeader.MultipartFormBoundary() // $ RemoteFlowSource="call to MultipartFormBoundary"
+ requestHeader.Peek("AHeaderName") // $ RemoteFlowSource="call to Peek"
+ requestHeader.PeekAll("AHeaderName") // $ RemoteFlowSource="call to PeekAll"
+ requestHeader.PeekBytes([]byte("AHeaderName")) // $ RemoteFlowSource="call to PeekBytes"
+ requestHeader.PeekKeys() // $ RemoteFlowSource="call to PeekKeys"
+ requestHeader.PeekTrailerKeys() // $ RemoteFlowSource="call to PeekTrailerKeys"
+ requestHeader.Referer() // $ RemoteFlowSource="call to Referer"
+ requestHeader.RawHeaders() // $ RemoteFlowSource="call to RawHeaders"
 // multipart.Form is already implemented
 // requestCtx.MultipartForm()
- requestCtx.URI().Path() // $ UntrustedFlowSource="call to Path"
- requestCtx.URI().PathOriginal() // $ UntrustedFlowSource="call to PathOriginal"
- requestCtx.URI().FullURI() // $ UntrustedFlowSource="call to FullURI"
- requestCtx.URI().LastPathSegment() // $ UntrustedFlowSource="call to LastPathSegment"
- requestCtx.URI().QueryString() // $ UntrustedFlowSource="call to QueryString"
- requestCtx.URI().String() // $ UntrustedFlowSource="call to String"
+ requestCtx.URI().Path() // $ RemoteFlowSource="call to Path"
+ requestCtx.URI().PathOriginal() // $ RemoteFlowSource="call to PathOriginal"
+ requestCtx.URI().FullURI() // $ RemoteFlowSource="call to FullURI"
+ requestCtx.URI().LastPathSegment() // $ RemoteFlowSource="call to LastPathSegment"
+ requestCtx.URI().QueryString() // $ RemoteFlowSource="call to QueryString"
+ requestCtx.URI().String() // $ RemoteFlowSource="call to String"
 //or requestCtx.PostArgs()
- requestCtx.URI().QueryArgs().Peek("arg1") // $ UntrustedFlowSource="call to Peek"
- requestCtx.URI().QueryArgs().PeekBytes([]byte("arg1")) // $ UntrustedFlowSource="call to PeekBytes"
- requestCtx.URI().QueryArgs().PeekMulti("arg1") // $ UntrustedFlowSource="call to PeekMulti"
- requestCtx.URI().QueryArgs().PeekMultiBytes([]byte("arg1")) // $ UntrustedFlowSource="call to PeekMultiBytes"
- requestCtx.URI().QueryArgs().QueryString() // $ UntrustedFlowSource="call to QueryString"
- requestCtx.URI().QueryArgs().String() // $ UntrustedFlowSource="call to String"
- requestCtx.String() // $ UntrustedFlowSource="call to String"
+ requestCtx.URI().QueryArgs().Peek("arg1") // $ RemoteFlowSource="call to Peek"
+ requestCtx.URI().QueryArgs().PeekBytes([]byte("arg1")) // $ RemoteFlowSource="call to PeekBytes"
+ requestCtx.URI().QueryArgs().PeekMulti("arg1") // $ RemoteFlowSource="call to PeekMulti"
+ requestCtx.URI().QueryArgs().PeekMultiBytes([]byte("arg1")) // $ RemoteFlowSource="call to PeekMultiBytes"
+ requestCtx.URI().QueryArgs().QueryString() // $ RemoteFlowSource="call to QueryString"
+ requestCtx.URI().QueryArgs().String() // $ RemoteFlowSource="call to String"
+ requestCtx.String() // $ RemoteFlowSource="call to String"
- requestCtx.Path() // $ UntrustedFlowSource="call to Path"
+ requestCtx.Path() // $ RemoteFlowSource="call to Path"
 // multipart.Form is already implemented
 // requestCtx.FormFile("FileName")
 // requestCtx.FormValue("ValueName")
- requestCtx.Referer() // $ UntrustedFlowSource="call to Referer"
- requestCtx.PostBody() // $ UntrustedFlowSource="call to PostBody"
- requestCtx.RequestBodyStream() // $ UntrustedFlowSource="call to RequestBodyStream"
- requestCtx.RequestURI() // $ UntrustedFlowSource="call to RequestURI"
- requestCtx.UserAgent() // $ UntrustedFlowSource="call to UserAgent"
- requestCtx.Host() // $ UntrustedFlowSource="call to Host"
+ requestCtx.Referer() // $ RemoteFlowSource="call to Referer"
+ requestCtx.PostBody() // $ RemoteFlowSource="call to PostBody"
+ requestCtx.RequestBodyStream() // $ RemoteFlowSource="call to RequestBodyStream"
+ requestCtx.RequestURI() // $ RemoteFlowSource="call to RequestURI"
+ requestCtx.UserAgent() // $ RemoteFlowSource="call to UserAgent"
+ requestCtx.Host() // $ RemoteFlowSource="call to Host"
- requestCtx.Request.Host() // $ UntrustedFlowSource="call to Host"
- requestCtx.Request.Body() // $ UntrustedFlowSource="call to Body"
- requestCtx.Request.RequestURI() // $ UntrustedFlowSource="call to RequestURI"
- body1, _ := requestCtx.Request.BodyGunzip() // $ UntrustedFlowSource="... := ...[0]"
- body2, _ := requestCtx.Request.BodyInflate() // $ UntrustedFlowSource="... := ...[0]"
- body3, _ := requestCtx.Request.BodyUnbrotli() // $ UntrustedFlowSource="... := ...[0]"
- body4, _ := requestCtx.Request.BodyUncompressed() // $ UntrustedFlowSource="... := ...[0]"
+ requestCtx.Request.Host() // $ RemoteFlowSource="call to Host"
+ requestCtx.Request.Body() // $ RemoteFlowSource="call to Body"
+ requestCtx.Request.RequestURI() // $ RemoteFlowSource="call to RequestURI"
+ body1, _ := requestCtx.Request.BodyGunzip() // $ RemoteFlowSource="... := ...[0]"
+ body2, _ := requestCtx.Request.BodyInflate() // $ RemoteFlowSource="... := ...[0]"
+ body3, _ := requestCtx.Request.BodyUnbrotli() // $ RemoteFlowSource="... := ...[0]"
+ body4, _ := requestCtx.Request.BodyUncompressed() // $ RemoteFlowSource="... := ...[0]"
 fmt.Println(body1, body2, body3, body4)
- requestCtx.Request.BodyStream() // $ UntrustedFlowSource="call to BodyStream"
+ requestCtx.Request.BodyStream() // $ RemoteFlowSource="call to BodyStream"
- requestCtx.Request.ReadBody(dstReader, 100, 1000) // $ UntrustedFlowSource="dstReader"
- requestCtx.Request.ReadLimitBody(dstReader, 100) // $ UntrustedFlowSource="dstReader"
- requestCtx.Request.ContinueReadBodyStream(dstReader, 100, true) // $ UntrustedFlowSource="dstReader"
- requestCtx.Request.ContinueReadBody(dstReader, 100) // $ UntrustedFlowSource="dstReader"
+ requestCtx.Request.ReadBody(dstReader, 100, 1000) // $ RemoteFlowSource="dstReader"
+ requestCtx.Request.ReadLimitBody(dstReader, 100) // $ RemoteFlowSource="dstReader"
+ requestCtx.Request.ContinueReadBodyStream(dstReader, 100, true) // $ RemoteFlowSource="dstReader"
+ requestCtx.Request.ContinueReadBody(dstReader, 100) // $ RemoteFlowSource="dstReader"
 // Response methods
 // Xss Sinks Related method
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Gin/Gin.ql b/go/ql/test/library-tests/semmle/go/frameworks/Gin/Gin.ql
index 100c3a8edc3..49973fe64ba 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Gin/Gin.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Gin/Gin.ql
@@ -1,3 +1,3 @@
 import go
-select any(UntrustedFlowSource src)
+select any(RemoteFlowSource src)
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/untrustedflowsource.expected b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected
similarity index 100%
rename from go/ql/test/library-tests/semmle/go/frameworks/GoKit/untrustedflowsource.expected
rename to go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.expected
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/untrustedflowsource.ql b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql
similarity index 79%
rename from go/ql/test/library-tests/semmle/go/frameworks/GoKit/untrustedflowsource.ql
rename to go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql
index a0320b7909e..fbc5bb8e173 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/GoKit/untrustedflowsource.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/GoKit/RemoteFlowSources.ql
@@ -1,11 +1,11 @@
 import go
 import TestUtilities.InlineExpectationsTest
-module UntrustedFlowSourceTest implements TestSig {
+module RemoteFlowSourceTest implements TestSig {
 string getARelevantTag() { result = "source" }
 predicate hasActualResult(Location location, string element, string tag, string value) {
- exists(UntrustedFlowSource source |
+ exists(RemoteFlowSource source |
 source
 .hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
 location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
@@ -16,4 +16,4 @@ module UntrustedFlowSourceTest implements TestSig {
 }
 }
-import MakeTest
+import MakeTest
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql
index 710ac89a1de..5d201034133 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/Sources.ql
@@ -1,18 +1,18 @@
 import go
 import TestUtilities.InlineExpectationsTest
-module UntrustedFlowSourceTest implements TestSig {
- string getARelevantTag() { result = "UntrustedFlowSource" }
+module RemoteFlowSourceTest implements TestSig {
+ string getARelevantTag() { result = "RemoteFlowSource" }
 predicate hasActualResult(Location location, string element, string tag, string value) {
- exists(UntrustedFlowSource src |
+ exists(RemoteFlowSource src |
 src.hasLocationInfo(location.getFile().getAbsolutePath(), location.getStartLine(),
 location.getStartColumn(), location.getEndLine(), location.getEndColumn()) and
 element = src.toString() and
 value = "" and
- tag = "UntrustedFlowSource"
+ tag = "RemoteFlowSource"
 )
 }
 }
-import MakeTest
+import MakeTest
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go
index 569b032c05f..9cc46d5611e 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Macaron/sources.go
@@ -7,16 +7,16 @@ import (
 )
 func sources(ctx *macaron.Context, body *macaron.RequestBody) {
- _ = ctx.AllParams() // $UntrustedFlowSource
- _ = ctx.GetCookie("") // $UntrustedFlowSource
- _, _ = ctx.GetSecureCookie("") // $UntrustedFlowSource
- _, _ = ctx.GetSuperSecureCookie("", "") // $UntrustedFlowSource
- _, _, _ = ctx.GetFile("") // $UntrustedFlowSource
- _ = ctx.Params("") // $UntrustedFlowSource
- _ = ctx.ParamsEscape("") // $UntrustedFlowSource
- _ = ctx.Query("") // $UntrustedFlowSource
- _ = ctx.QueryEscape("") // $UntrustedFlowSource
- _ = ctx.QueryStrings("") // $UntrustedFlowSource
- _, _ = body.Bytes() // $UntrustedFlowSource
- _, _ = body.String() // $UntrustedFlowSource
+ _ = ctx.AllParams() // $RemoteFlowSource
+ _ = ctx.GetCookie("") // $RemoteFlowSource
+ _, _ = ctx.GetSecureCookie("") // $RemoteFlowSource
+ _, _ = ctx.GetSuperSecureCookie("", "") // $RemoteFlowSource
+ _, _, _ = ctx.GetFile("") // $RemoteFlowSource
+ _ = ctx.Params("") // $RemoteFlowSource
+ _ = ctx.ParamsEscape("") // $RemoteFlowSource
+ _ = ctx.Query("") // $RemoteFlowSource
+ _ = ctx.QueryEscape("") // $RemoteFlowSource
+ _ = ctx.QueryStrings("") // $RemoteFlowSource
+ _, _ = body.Bytes() // $RemoteFlowSource
+ _, _ = body.String() // $RemoteFlowSource
 }
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Mux/UntrustedFlowSources.expected b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected
similarity index 100%
rename from go/ql/test/library-tests/semmle/go/frameworks/Mux/UntrustedFlowSources.expected
rename to go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.expected
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql
new file mode 100644
index 00000000000..d56a98686e0
--- /dev/null
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Mux/RemoteFlowSources.ql
@@ -0,0 +1,3 @@
+import go
+
+select any(RemoteFlowSource ufs)
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Mux/UntrustedFlowSources.ql b/go/ql/test/library-tests/semmle/go/frameworks/Mux/UntrustedFlowSources.ql
deleted file mode 100644
index 0715d64f8e2..00000000000
--- a/go/ql/test/library-tests/semmle/go/frameworks/Mux/UntrustedFlowSources.ql
+++ /dev/null
@@ -1,3 +0,0 @@
-import go
-
-select any(UntrustedFlowSource ufs)
diff --git a/go/ql/test/library-tests/semmle/go/frameworks/Revel/test.ql b/go/ql/test/library-tests/semmle/go/frameworks/Revel/test.ql
index fce12204e61..6a12f0ebe7c 100644
--- a/go/ql/test/library-tests/semmle/go/frameworks/Revel/test.ql
+++ b/go/ql/test/library-tests/semmle/go/frameworks/Revel/test.ql
@@ -8,7 +8,7 @@ class Sink extends DataFlow::Node {
 }
 private module TestConfig implements DataFlow::ConfigSig {
- predicate isSource(DataFlow::Node source) { source instanceof UntrustedFlowSource }
+ predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
 }