Owen Mansel-Chan
ac618e1cb2
Expand FileNameSource for stored xss
2026-06-25 22:50:21 +01:00
Owen Mansel-Chan
587f9c24ed
Fix inline test expectations comments
2026-06-25 18:11:03 +01:00
Owen Mansel-Chan
2d34b0be1b
Merge branch 'main' into copilot/make-go-use-ssa-library
2026-06-18 14:09:20 +01:00
Owen Mansel-Chan
6161922ba4
Merge pull request #21940 from owen-mc/go/unhandled-writable-file-close
...
Go: Improve precision of `go/unhandled-writable-file-close`
2026-06-17 10:58:08 +01:00
Owen Mansel-Chan
0b493c30cc
Preemptively change toString() for SSA classes
2026-06-12 22:20:51 +01:00
Owen Mansel-Chan
b4a9689341
Convert .qlref test to inline expectations
2026-06-11 07:15:54 +02:00
Owen Mansel-Chan
6a8e20a0c8
Fix pre-existing whitespace issues in go test files
2026-06-11 07:15:09 +02:00
Owen Mansel-Chan
c170002fb1
Update test output
2026-06-04 13:52:05 +01:00
Owen Mansel-Chan
05e21adc53
Accept test changes
2026-06-04 13:09:07 +01:00
Owen Mansel-Chan
59908124c1
Add test showing limits of DeferStmt in CFG
...
There are paths to the exit of the function which go through the defer
statement and paths which don't, so we add an optional call to the
deferred function. This causes FPs in the query as it stands.
2026-06-04 12:21:38 +01:00
Owen Mansel-Chan
9dbe9adb00
Update tests
2026-06-02 09:34:03 +01:00
Owen Mansel-Chan
adc9b7714b
Accept changed test output
2026-06-02 00:57:06 +01:00
Owen Mansel-Chan
e706c5f444
Improve test for non-returning fns
2026-06-02 00:56:12 +01:00
Owen Mansel-Chan
1cd0698453
Fix test for reflected xss sanitizer
...
It used to pass even without ErrorSanitizer because `cookie` is already
sanitized.
2026-01-14 11:50:08 +00:00
Owen Mansel-Chan
9bf20702c6
Remove identity steps
2025-12-04 11:59:58 +00:00
Owen Mansel-Chan
848677e580
Merge pull request #20917 from owen-mc/go/enable-data-flow-consistency-checks
...
Go: enable data flow consistency checks
2025-12-02 10:52:47 +00:00
Owen Mansel-Chan
eca9ec59c4
Add exclusions to data flow consistency checks
2025-11-26 11:12:44 +00:00
Owen Mansel-Chan
916fe69e65
Accept data flow consistency test results
2025-11-26 11:00:25 +00:00
Joe Farebrother
cece73bdbf
Remove references to gorilla
2025-11-25 14:36:16 +00:00
Joe Farebrother
c7b16a043e
Address reviews - update comments, remove unneeded stubs
2025-11-25 14:36:00 +00:00
Joe Farebrother
6282c34396
Update formatting
2025-11-25 14:35:09 +00:00
Joe Farebrother
536e885f18
Remove experimental query
2025-11-25 14:34:41 +00:00
Joe Farebrother
8d544e5b15
Add tests
2025-11-25 14:33:51 +00:00
Owen Mansel-Chan
a70d74220f
Add test for good password hashing
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f562b3d26e
Make line differences in test comments relative
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
52d7e2dd18
Add query for hashing sensitive data with weak hashing algorithm
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
713e19f6f1
Make non-path query for encryption only
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
f34a625ac2
Model cryptographic operations
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
34b2e3e2bf
Copy the structure of the Javascript query
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
a71bb4ba9a
Convert test to inline expectations
2025-11-19 14:36:26 +00:00
Owen Mansel-Chan
3cbce80d0b
Add SimpleTypeSanitizer to go/request-forgery
2025-10-09 12:17:21 +01:00
Owen Mansel-Chan
7599fdd8fa
Add request forgery test for numeric type
2025-10-09 12:17:19 +01:00
Owen Mansel-Chan
2629369c93
Improve additional flow step for Host field
2025-10-01 16:18:05 +01:00
Owen Mansel-Chan
6d6852fb8d
Test PathAssignmentBarrier for OpenUrlRedirect
2025-10-01 16:18:02 +01:00
Owen Mansel-Chan
c9a2816bfe
Fix OpenUrlRedirect barrier for write to Url.Host
2025-10-01 16:13:24 +01:00
Owen Mansel-Chan
414bab1f30
Add OpenUrlRedirect tests for Url.Host field
2025-10-01 16:13:22 +01:00
Owen Mansel-Chan
1144bb99b4
Convert OpenUrlRedirect tests to InlineExpectations
2025-10-01 16:13:21 +01:00
Owen Mansel-Chan
25f182302d
Fix email injection sink that needs local flow
2025-10-01 16:13:10 +01:00
Owen Mansel-Chan
5efc8ac1a4
Fix backwards flow through TaintTracking::FunctionModel
...
We only do this for taint models as there isn't any backwards flow
through data flow function models.
2025-10-01 16:13:01 +01:00
Owen Mansel-Chan
3906f2560d
Adjust Stack Exposure test so it passes
...
A minor bug in our CFG means that we evaluate the base of a
SliceExpr before the bounds. Since the bounds may have side
effects, as in this case, it would be better to evaluate them first.
But in the short term I am just adjusting the test to make it work.
2025-10-01 16:12:59 +01:00
Owen Mansel-Chan
cf6cfe2a1e
Non-initializing writes should target post-update nodes
2025-10-01 16:12:54 +01:00
Owen Mansel-Chan
8a3bd8408b
Fix test expectations for Cleartext Logging
...
One spurious alert was removed, one missing alert was added, and some
source locations changed.
2025-10-01 16:12:52 +01:00
Owen Mansel-Chan
d2230c531d
Expected changes in test output
2025-10-01 16:12:47 +01:00
Owen Mansel-Chan
a0c647ce83
Add Email Injection tests for reverse flow models
2025-10-01 16:12:43 +01:00
Owen Mansel-Chan
14301e0af4
Expected changes in dataflow edges
2025-10-01 16:12:28 +01:00
Owen Mansel-Chan
3594dba83c
Make insecure randomness test more realistic
2025-10-01 16:12:24 +01:00
Owen Mansel-Chan
b2a9cecd69
Fix Allocation Size Overflow for use-use flow
...
We have an operator expression like `x * 5`. We want to follow where the
value of the operator expression goes. We used to follow local flow from
an operand, but now there is flow from that operand to the next use of
the variable. The fix is to explicitly start local flow from the
operator expression.
There are also some expected edge changes due to use-use flow.
2025-10-01 16:12:18 +01:00
Owen Mansel-Chan
16a11b48ad
Switch to use-use dataflow. This will make post-update nodes easy to implement.
...
Queries / tests that required changes:
* The CleartextLogging and MissingErrorCheck queries are updated because they assumed def-use flow
* The CommandInjection query works around the shortcomings of use-use flow by essentially reintroducing def-use flow when it applies a sanitizer
* The OpenUrlRedirect query currently just accepts its fate; the tests are updated to avoid excess sanitization while the query comments on the problem. We should choose this approach or the CommandInjection one.
2025-10-01 16:12:07 +01:00
Chris Smowton
e9cccb46c0
Go: mistyped-exponentiation: notice constants with likely-bitmask values
2025-09-25 15:19:40 +01:00
Owen Mansel-Chan
2a45b28e5f
Merge pull request #20064 from Kwstubbs/go-path-separator
...
Update Go Path Injection Sanitizer and Sink
2025-09-03 16:45:15 +01:00