
52 Commits

Author SHA1 Message Date
Dave Bartolomeo
fc129e94e4 Merge remote-tracking branch 'origin/main' into dbartol/phi-escape 2024-06-11 14:56:08 -04:00
Owen Mansel-Chan
24c9062b35 Merge pull request #16671 from owen-mc/go/mad-builtin-taint-models-try-2
Go: Convert old-style models for built-ins to MaD
2024-06-11 19:45:34 +01:00
Geoffrey White
cf4736c8f6 Merge pull request #16545 from geoffw0/salvage
Swift: Salvage
2024-06-11 17:51:17 +01:00
Mathias Vorreiter Pedersen
67b327a0f7 Merge pull request #16725 from MathiasVP/rc-3.14-mergeback
Mergeback from `rc/3.14`
2024-06-11 17:37:40 +01:00
Tony Torralba
a299afaf51 Merge pull request #16712 from mbaluda/main
Java: Add `FileUtils` sinks to path injection
2024-06-11 17:50:08 +02:00
Mathias Vorreiter Pedersen
3351b9547d Merge branch 'rc/3.14' into rc-3.14-mergeback 2024-06-11 16:21:08 +01:00
Owen Mansel-Chan
2ae7fa4897 Tests: accept expected changes 2024-06-11 16:20:06 +01:00
Owen Mansel-Chan
6fd2ab7cef Tests: Accept model renumbering in edge provenance 2024-06-11 16:18:18 +01:00
Owen Mansel-Chan
700604a1c2 Convert old-style models for built-ins to MaD
These models are to cover the special cases where `append` can be used
with a second argument which is a string followed by `...`, and `copy`
can be used with a second argument which is a string. In this case the
taint is carried by the whole string, rather than in array elements.
2024-06-11 16:16:45 +01:00
Mauro Baluda
a464a8e48e @mbaluda
Update provenance in test expectations
2024-06-11 15:15:50 +02:00
Geoffrey White
214db5c20d Swift: Make CI more happy. 2024-06-11 12:49:58 +01:00
Cornelius Riemenschneider
3574b9fd4f Merge pull request #16716 from github/criemen/rust-bzlmod-new
Rust: Move to bzlmod.
2024-06-11 13:13:16 +02:00
Mauro Baluda
29e3816412 Apply suggestions from code review
Address review comments

Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2024-06-11 12:05:14 +02:00
Cornelius Riemenschneider
4226270ef9 Merge branch 'main' into criemen/rust-bzlmod-new 2024-06-11 11:40:40 +02:00
Anders Schack-Mulligen
73caa48302 Merge pull request #16721 from aschackmull/dataflow/remove-unused-import
Dataflow: Remove unused import.
2024-06-11 09:54:05 +02:00
Anders Schack-Mulligen
939ae4a561 Dataflow: Remove unused import. 2024-06-11 08:55:44 +02:00
Mauro Baluda
bb5ef3ccd9 Update provenance in test expectations 2024-06-10 19:57:37 +02:00
Mauro Baluda
e9dba59f11 Merge branch 'main' into main 2024-06-10 19:57:00 +02:00
Geoffrey White
ae0bf037ac Swift: Make CI happy. 2024-06-10 18:54:16 +01:00
Geoffrey White
2f33b9422b Merge branch 'main' into salvage 2024-06-10 18:31:46 +01:00
Geoffrey White
83860acdde Swift: Test BuiltinLiteralExpr. 2024-06-10 18:20:25 +01:00
Geoffrey White
f2b1e09650 Swift: Add some conversion test cases. 2024-06-10 17:25:25 +01:00
Michael B. Gale
317790eac3 Merge pull request #16703 from github/mbg/go/improve-version-selection-v2
Go: Use toolchain directives for version selection if available, and add tests (v2)
2024-06-10 16:03:00 +00:00
Mathias Vorreiter Pedersen
ec34007a88 Merge pull request #16714 from MathiasVP/handle-unlikely-in-guards-2
C++: Support `__builtin_expect` in `IRGuards`
2024-06-10 16:54:01 +01:00
Tony Torralba
7336dd1ae5 Merge pull request #16482 from grakshith/rakshith/tune-java-crypto
Java: Add RSA/ECB/OEAP ciphers to the list of secure algorithms
2024-06-10 17:27:35 +02:00
Cornelius Riemenschneider
496fff4273 C#: Remove empty glob pattern. 2024-06-10 17:04:00 +02:00
Cornelius Riemenschneider
00319c5010 Upgrade bazel to 7.2.0.
This also bumps a bunch of external dependencies.
2024-06-10 17:03:59 +02:00
Cornelius Riemenschneider
092bc6445d Rust/bazel: Port to bzlmod.
This gets rid of our last workspace dependency.
In particular, this change also gets rid of the checked-in extra
lock files that took forever to generate.
2024-06-10 17:03:58 +02:00
Michael B. Gale
d4adc373c6 Replace if with else if in RequiredGoVersion 2024-06-10 15:48:29 +01:00
Mathias Vorreiter Pedersen
c3bba38950 C++: Fix QLDoc. 2024-06-10 13:39:34 +01:00
Mathias Vorreiter Pedersen
1aea120e89 C++: Add change note. 2024-06-10 13:01:01 +01:00
Mathias Vorreiter Pedersen
b0c4fcec57 C++: Cleanup. 2024-06-10 12:53:07 +01:00
Mathias Vorreiter Pedersen
9e088f3e4a C++: Accept test changes. 2024-06-10 12:53:06 +01:00
Mathias Vorreiter Pedersen
84c1341b62 C++: Support builtin expect in IRGuards. 2024-06-10 12:53:04 +01:00
Mathias Vorreiter Pedersen
d76700497b C++: Add testcases using the builtin expect operation. 2024-06-10 12:47:45 +01:00
Mathias Vorreiter Pedersen
9c98652116 C++: Handle 'unlikely' in IRGuards. 2024-06-10 12:47:44 +01:00
Mauro Baluda
1d44f45be2 Update org.apache.commons.io.model.yml 2024-06-10 12:03:57 +02:00
Mauro Baluda
71505f4003 Added more org.apache.commons.io.FileUtils-related sinks to the path injection query. 2024-06-10 11:29:51 +02:00
Michael B. Gale
881b2586e1 Go: Add tests for RequiredGoVersion 2024-06-07 12:20:44 +00:00
Michael B. Gale
504a233299 Go: Use Toolchain directives in go.mod files, if available 2024-06-07 12:20:43 +00:00
Michael B. Gale
1d6f09c750 Go: Refactor go.mod version retrieval into its own method 2024-06-07 12:20:42 +00:00
Michael B. Gale
44a16cef6c Go: Use Toolchain directives in go.work files, if available 2024-06-07 12:20:41 +00:00
Rakshith Gopalakrishna
798a736d16 fix: update changelog
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2024-06-04 11:20:05 -07:00
Rakshith Gopalakrishna
65af2556ed fix: remove rsa/ecb/* from getASecureAlgorithmName
Co-authored-by: Tony Torralba <atorralba@users.noreply.github.com>
2024-06-04 11:20:05 -07:00
Rakshith Gopala krishna
97f9a882c6 fix: address PR comments 2024-06-04 11:20:05 -07:00
Rakshith Gopala krishna
0f63f0dda2 docs: add changenote 2024-06-04 11:20:05 -07:00
Rakshith Gopala krishna
80bf7cdb52 fix: remove the pkcs1 scheme 2024-06-04 11:20:05 -07:00
Rakshith Gopala krishna
dd223ed704 feat: add rsa/ecb/... variants to the list of secure algorithms 2024-06-04 11:20:05 -07:00
Geoffrey White
8dad622de2 Swift: Fix some inconsistencies. 2024-05-21 16:32:00 +01:00
Dave Bartolomeo
907c34bae2 Treat operands of Phi instructions as escaped 2024-05-09 11:18:50 -04:00
Geoffrey White
fc7fef3dd8 Swift: Add dataflow tests for dictionaries. 2024-04-15 18:50:41 +01:00
Geoffrey White
0c88d05a65 Swift: QLDoc BuiltinLiteralExpr subclasses and add BuiltinLiteral.getValueString. 2024-04-15 18:23:32 +01:00
87 changed files with 2469 additions and 10361 deletions


@@ -1 +1 @@
7.1.2
7.2.0


@@ -13,22 +13,45 @@ local_path_override(
# see https://registry.bazel.build/ for a list of available packages
bazel_dep(name = "platforms", version = "0.0.9")
bazel_dep(name = "rules_go", version = "0.47.0")
bazel_dep(name = "platforms", version = "0.0.10")
bazel_dep(name = "rules_go", version = "0.48.0")
bazel_dep(name = "rules_pkg", version = "0.10.1")
bazel_dep(name = "rules_nodejs", version = "6.0.3")
bazel_dep(name = "rules_python", version = "0.31.0")
bazel_dep(name = "bazel_skylib", version = "1.5.0")
bazel_dep(name = "rules_nodejs", version = "6.2.0")
bazel_dep(name = "rules_python", version = "0.32.2")
bazel_dep(name = "bazel_skylib", version = "1.6.1")
bazel_dep(name = "abseil-cpp", version = "20240116.0", repo_name = "absl")
bazel_dep(name = "nlohmann_json", version = "3.11.3", repo_name = "json")
bazel_dep(name = "fmt", version = "10.0.0")
bazel_dep(name = "rules_kotlin", version = "1.9.4-codeql.1")
bazel_dep(name = "gazelle", version = "0.36.0")
bazel_dep(name = "gazelle", version = "0.37.0")
bazel_dep(name = "rules_dotnet", version = "0.15.1")
bazel_dep(name = "googletest", version = "1.14.0.bcr.1")
bazel_dep(name = "rules_rust", version = "0.46.0")
bazel_dep(name = "buildifier_prebuilt", version = "6.4.0", dev_dependency = True)
crate = use_extension(
"@rules_rust//crate_universe:extension.bzl",
"crate",
)
crate.from_cargo(
name = "py_deps",
cargo_lockfile = "//python/extractor/tsg-python:Cargo.lock",
manifests = [
"//python/extractor/tsg-python:Cargo.toml",
"//python/extractor/tsg-python/tsp:Cargo.toml",
],
)
crate.from_cargo(
name = "ruby_deps",
cargo_lockfile = "//ruby/extractor:Cargo.lock",
manifests = [
"//ruby/extractor:Cargo.toml",
"//ruby/extractor/codeql-extractor-fake-crate:Cargo.toml",
],
)
use_repo(crate, "py_deps", "ruby_deps")
dotnet = use_extension("@rules_dotnet//dotnet:extensions.bzl", "dotnet")
dotnet.toolchain(dotnet_version = "8.0.101")
use_repo(dotnet, "dotnet_toolchains")


@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* The "Guards" library (`semmle.code.cpp.controlflow.Guards`) now also infers guards from calls to the builtin operation `__builtin_expect`. As a result, some queries may produce fewer false positives.


@@ -762,6 +762,8 @@ private predicate compares_eq(
exists(AbstractValue dual | value = dual.getDualValue() |
compares_eq(test.(LogicalNotInstruction).getUnary(), left, right, k, areEqual, dual)
)
or
compares_eq(test.(BuiltinExpectCallInstruction).getCondition(), left, right, k, areEqual, value)
}
/**
@@ -831,6 +833,9 @@ private predicate unary_compares_eq(
int_value(const) = k1 and
k = k1 + k2
)
or
unary_compares_eq(test.(BuiltinExpectCallInstruction).getCondition(), op, k, areEqual,
inNonZeroCase, value)
}
/** Rearrange various simple comparisons into `left == right + k` form. */
@@ -910,12 +915,68 @@ private predicate unary_simple_comparison_eq(
)
}
/** A call to the builtin operation `__builtin_expect`. */
private class BuiltinExpectCallInstruction extends CallInstruction {
BuiltinExpectCallInstruction() { this.getStaticCallTarget().hasName("__builtin_expect") }
/** Gets the condition of this call. */
Instruction getCondition() {
// The first parameter of `__builtin_expect` has type `long`. So we skip
// the conversion when inferring guards.
result = this.getArgument(0).(ConvertInstruction).getUnary()
}
}
/**
* Holds if `left == right + k` is `areEqual` if `cmp` evaluates to `value`,
* and `cmp` is an instruction that compares the value of
* `__builtin_expect(left == right + k, _)` to `0`.
*/
private predicate builtin_expect_eq(
CompareInstruction cmp, Operand left, Operand right, int k, boolean areEqual, AbstractValue value
) {
exists(BuiltinExpectCallInstruction call, Instruction const, AbstractValue innerValue |
int_value(const) = 0 and
cmp.hasOperands(call.getAUse(), const.getAUse()) and
compares_eq(call.getCondition(), left, right, k, areEqual, innerValue)
|
cmp instanceof CompareNEInstruction and
value = innerValue
or
cmp instanceof CompareEQInstruction and
value.getDualValue() = innerValue
)
}
private predicate complex_eq(
CompareInstruction cmp, Operand left, Operand right, int k, boolean areEqual, AbstractValue value
) {
sub_eq(cmp, left, right, k, areEqual, value)
or
add_eq(cmp, left, right, k, areEqual, value)
or
builtin_expect_eq(cmp, left, right, k, areEqual, value)
}
/**
* Holds if `op == k` is `areEqual` if `cmp` evaluates to `value`, and `cmp` is
* an instruction that compares the value of `__builtin_expect(op == k, _)` to `0`.
*/
private predicate unary_builtin_expect_eq(
CompareInstruction cmp, Operand op, int k, boolean areEqual, boolean inNonZeroCase,
AbstractValue value
) {
exists(BuiltinExpectCallInstruction call, Instruction const, AbstractValue innerValue |
int_value(const) = 0 and
cmp.hasOperands(call.getAUse(), const.getAUse()) and
unary_compares_eq(call.getCondition(), op, k, areEqual, inNonZeroCase, innerValue)
|
cmp instanceof CompareNEInstruction and
value = innerValue
or
cmp instanceof CompareEQInstruction and
value.getDualValue() = innerValue
)
}
private predicate unary_complex_eq(
@@ -924,6 +985,8 @@ private predicate unary_complex_eq(
unary_sub_eq(test, op, k, areEqual, inNonZeroCase, value)
or
unary_add_eq(test, op, k, areEqual, inNonZeroCase, value)
or
unary_builtin_expect_eq(test, op, k, areEqual, inNonZeroCase, value)
}
/*
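Review bot: `BuiltinExpectCallInstruction.getCondition()` has a result only when argument 0 is a `ConvertInstruction`, so a call whose first argument already has type `long` appears to contribute no guard, and one reached through more than one conversion may be unwrapped only partly. If that restriction is intended, the comment above the cast should say so; otherwise the unconverted argument should be accepted as well, since a missed guard shows up downstream as a false positive. The characteristic predicate matches the name `__builtin_expect` only, so `__builtin_expect_with_probability` is presumably not covered. `builtin_expect_eq` and `unary_builtin_expect_eq` repeat the same `exists` body apart from the inner call, which is worth a shared helper or at least a comment tying the two together.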


@@ -106,8 +106,8 @@ private predicate operandEscapesDomain(Operand operand) {
not isArgumentForParameter(_, operand, _) and
not isOnlyEscapesViaReturnArgument(operand) and
not operand.getUse() instanceof ReturnValueInstruction and
not operand.getUse() instanceof ReturnIndirectionInstruction and
not operand instanceof PhiInputOperand
not operand.getUse() instanceof ReturnIndirectionInstruction// and
// not operand instanceof PhiInputOperand
}
/**
@@ -211,9 +211,9 @@ private predicate operandEscapesNonReturn(Operand operand) {
)
or
isOnlyEscapesViaReturnArgument(operand) and resultEscapesNonReturn(operand.getUse())
or
operand instanceof PhiInputOperand and
resultEscapesNonReturn(operand.getUse())
// or
// operand instanceof PhiInputOperand and
// resultEscapesNonReturn(operand.getUse())
or
operandEscapesDomain(operand)
}
@@ -454,6 +454,9 @@ module Print {
|
value, ", "
)
or
key = "escapes" and
result = strictconcat(string value | operandEscapesNonReturn(operand) and value = "nonreturn" | value, ", ")
}
string getInstructionProperty(Instruction instr, string key) {
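Review bot: The phi conditions are switched off by commenting them out (`ReturnIndirectionInstruction// and` followed by `// not operand instanceof PhiInputOperand` in `operandEscapesDomain`, and the `// or` disjunct in `operandEscapesNonReturn`), which leaves dead code and no stated reason why phi inputs are now treated as escaped. Delete those lines and put the rationale in a short comment on each predicate instead. The new `key = "escapes"` disjunct in `Print` sits on one overlong line and reads like debugging output; if it is meant to stay, wrap it the way the `strictconcat` above it is wrapped. `getInstructionProperty` begins on the last line of the hunk and continues outside it.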


@@ -45,3 +45,7 @@
| test.cpp:122:9:122:9 | b |
| test.cpp:125:13:125:20 | ! ... |
| test.cpp:125:14:125:17 | call to safe |
| test.cpp:131:6:131:21 | call to __builtin_expect |
| test.cpp:135:6:135:21 | call to __builtin_expect |
| test.cpp:141:6:141:21 | call to __builtin_expect |
| test.cpp:145:6:145:21 | call to __builtin_expect |


@@ -164,10 +164,46 @@
| 126 | call to test3_condition != 0 when ... && ... is true |
| 126 | call to test3_condition != 0 when call to test3_condition is true |
| 126 | call to test3_condition == 0 when call to test3_condition is false |
| 131 | ... + ... != a+0 when call to __builtin_expect is false |
| 131 | ... + ... == a+0 when call to __builtin_expect is true |
| 131 | a != ... + ...+0 when call to __builtin_expect is false |
| 131 | a != b+42 when call to __builtin_expect is false |
| 131 | a == ... + ...+0 when call to __builtin_expect is true |
| 131 | a == b+42 when call to __builtin_expect is true |
| 131 | b != 0 when b is true |
| 131 | b != a+-42 when call to __builtin_expect is false |
| 131 | b == 0 when b is false |
| 131 | b == a+-42 when call to __builtin_expect is true |
| 131 | call to __builtin_expect != 0 when call to __builtin_expect is true |
| 131 | call to __builtin_expect == 0 when call to __builtin_expect is false |
| 135 | ... + ... != a+0 when call to __builtin_expect is true |
| 135 | ... + ... == a+0 when call to __builtin_expect is false |
| 135 | a != ... + ...+0 when call to __builtin_expect is true |
| 135 | a != b+42 when call to __builtin_expect is true |
| 135 | a == ... + ...+0 when call to __builtin_expect is false |
| 135 | a == b+42 when call to __builtin_expect is false |
| 135 | b != a+-42 when call to __builtin_expect is true |
| 135 | b == a+-42 when call to __builtin_expect is false |
| 135 | call to __builtin_expect != 0 when call to __builtin_expect is true |
| 135 | call to __builtin_expect == 0 when call to __builtin_expect is false |
| 137 | 0 != 0 when 0 is true |
| 137 | 0 == 0 when 0 is false |
| 141 | 42 != a+0 when call to __builtin_expect is false |
| 141 | 42 == a+0 when call to __builtin_expect is true |
| 141 | a != 42 when call to __builtin_expect is false |
| 141 | a != 42+0 when call to __builtin_expect is false |
| 141 | a == 42 when call to __builtin_expect is true |
| 141 | a == 42+0 when call to __builtin_expect is true |
| 141 | call to __builtin_expect != 0 when call to __builtin_expect is true |
| 141 | call to __builtin_expect == 0 when call to __builtin_expect is false |
| 145 | 42 != a+0 when call to __builtin_expect is true |
| 145 | 42 == a+0 when call to __builtin_expect is false |
| 145 | a != 42 when call to __builtin_expect is true |
| 145 | a != 42+0 when call to __builtin_expect is true |
| 145 | a == 42 when call to __builtin_expect is false |
| 145 | a == 42+0 when call to __builtin_expect is false |
| 145 | call to __builtin_expect != 0 when call to __builtin_expect is true |
| 145 | call to __builtin_expect == 0 when call to __builtin_expect is false |
| 146 | ! ... != 0 when ! ... is true |
| 146 | ! ... == 0 when ! ... is false |
| 146 | x != 0 when ! ... is false |


@@ -104,3 +104,7 @@
| test.cpp:122:9:122:9 | b | true | 125 | 125 |
| test.cpp:125:13:125:20 | ! ... | true | 125 | 125 |
| test.cpp:125:14:125:17 | call to safe | false | 125 | 125 |
| test.cpp:131:6:131:21 | call to __builtin_expect | true | 131 | 132 |
| test.cpp:135:6:135:21 | call to __builtin_expect | true | 135 | 136 |
| test.cpp:141:6:141:21 | call to __builtin_expect | true | 141 | 142 |
| test.cpp:145:6:145:21 | call to __builtin_expect | true | 145 | 146 |


@@ -159,6 +159,18 @@ binary
| test.cpp:105:6:105:14 | ... != ... | test.cpp:105:11:105:14 | 0.0 | != | test.cpp:105:6:105:6 | f | 0 | 105 | 106 |
| test.cpp:111:6:111:14 | ... != ... | test.cpp:111:6:111:6 | i | != | test.cpp:111:11:111:14 | 0.0 | 0 | 111 | 112 |
| test.cpp:111:6:111:14 | ... != ... | test.cpp:111:11:111:14 | 0.0 | != | test.cpp:111:6:111:6 | i | 0 | 111 | 112 |
| test.cpp:131:6:131:21 | call to __builtin_expect | test.cpp:131:23:131:23 | a | == | test.cpp:131:28:131:28 | b | 42 | 131 | 132 |
| test.cpp:131:6:131:21 | call to __builtin_expect | test.cpp:131:23:131:23 | a | == | test.cpp:131:28:131:33 | ... + ... | 0 | 131 | 132 |
| test.cpp:131:6:131:21 | call to __builtin_expect | test.cpp:131:28:131:28 | b | == | test.cpp:131:23:131:23 | a | -42 | 131 | 132 |
| test.cpp:131:6:131:21 | call to __builtin_expect | test.cpp:131:28:131:33 | ... + ... | == | test.cpp:131:23:131:23 | a | 0 | 131 | 132 |
| test.cpp:135:6:135:21 | call to __builtin_expect | test.cpp:135:23:135:23 | a | != | test.cpp:135:28:135:28 | b | 42 | 135 | 136 |
| test.cpp:135:6:135:21 | call to __builtin_expect | test.cpp:135:23:135:23 | a | != | test.cpp:135:28:135:33 | ... + ... | 0 | 135 | 136 |
| test.cpp:135:6:135:21 | call to __builtin_expect | test.cpp:135:28:135:28 | b | != | test.cpp:135:23:135:23 | a | -42 | 135 | 136 |
| test.cpp:135:6:135:21 | call to __builtin_expect | test.cpp:135:28:135:33 | ... + ... | != | test.cpp:135:23:135:23 | a | 0 | 135 | 136 |
| test.cpp:141:6:141:21 | call to __builtin_expect | test.cpp:141:23:141:23 | a | == | test.cpp:141:28:141:29 | 42 | 0 | 141 | 142 |
| test.cpp:141:6:141:21 | call to __builtin_expect | test.cpp:141:28:141:29 | 42 | == | test.cpp:141:23:141:23 | a | 0 | 141 | 142 |
| test.cpp:145:6:145:21 | call to __builtin_expect | test.cpp:145:23:145:23 | a | != | test.cpp:145:28:145:29 | 42 | 0 | 145 | 146 |
| test.cpp:145:6:145:21 | call to __builtin_expect | test.cpp:145:28:145:29 | 42 | != | test.cpp:145:23:145:23 | a | 0 | 145 | 146 |
unary
| test.c:7:9:7:13 | ... > ... | test.c:7:9:7:9 | x | < | 1 | 10 | 11 |
| test.c:7:9:7:13 | ... > ... | test.c:7:9:7:9 | x | >= | 1 | 7 | 9 |
@@ -270,3 +282,9 @@ unary
| test.cpp:122:9:122:9 | b | test.cpp:122:9:122:9 | b | != | 0 | 125 | 125 |
| test.cpp:125:13:125:20 | ! ... | test.cpp:125:13:125:20 | ! ... | != | 0 | 125 | 125 |
| test.cpp:125:14:125:17 | call to safe | test.cpp:125:14:125:17 | call to safe | == | 0 | 125 | 125 |
| test.cpp:131:6:131:21 | call to __builtin_expect | test.cpp:131:6:131:21 | call to __builtin_expect | != | 0 | 131 | 132 |
| test.cpp:135:6:135:21 | call to __builtin_expect | test.cpp:135:6:135:21 | call to __builtin_expect | != | 0 | 135 | 136 |
| test.cpp:141:6:141:21 | call to __builtin_expect | test.cpp:141:6:141:21 | call to __builtin_expect | != | 0 | 141 | 142 |
| test.cpp:141:6:141:21 | call to __builtin_expect | test.cpp:141:23:141:23 | a | == | 42 | 141 | 142 |
| test.cpp:145:6:145:21 | call to __builtin_expect | test.cpp:145:6:145:21 | call to __builtin_expect | != | 0 | 145 | 146 |
| test.cpp:145:6:145:21 | call to __builtin_expect | test.cpp:145:23:145:23 | a | != | 42 | 145 | 146 |


@@ -125,4 +125,24 @@ void test(bool b)
if (!safe(x)) return;
}
use(x);
}
void binary_test_builtin_expected(int a, int b) {
if(__builtin_expect(a == b + 42, 0)) {
use(a);
}
if(__builtin_expect(a != b + 42, 0)) {
use(a);
}
}
void unary_test_builtin_expected(int a) {
if(__builtin_expect(a == 42, 0)) {
use(a);
}
if(__builtin_expect(a != 42, 0)) {
use(a);
}
}
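Review bot: All four new cases use the call directly as the `if` condition with an expected value of 0, so only the `CompareNEInstruction` branch of the new guard predicates seems to be exercised. A case that compares the result explicitly, such as `if(__builtin_expect(a == 42, 0) == 0)`, and one with an expected value of 1, would cover the `CompareEQInstruction` branch and show that the second argument does not affect the inferred guard. The functions are named `..._builtin_expected`, while the builtin is `__builtin_expect`.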


@@ -193,10 +193,11 @@ void Escape()
int passByRef3;
CallByReferenceParamEscape(ReturnReference(passByRef3));
int no_ssa_passByPtr4;
int no_ssa_passByPtr5;
int ssa_passByPtr4;
int ssa_passByPtr5;
bool no_b2 = false;
MaybeReturn(&no_ssa_passByPtr4, &no_ssa_passByPtr5, no_b2);
// Treated as escaped because we don't know _which_ address will be returned.
MaybeReturn(&ssa_passByPtr4, &ssa_passByPtr5, no_b2);
int passByRef6;
EscapeAndReturn(passByRef6);
@@ -251,3 +252,19 @@ void Escape()
CallByPointer(no_condTemp);
}
bool getBool();
void use(int);
void test_while() {
int r;
int *no_rP = &r;
while(getBool()) {
int s = 0;
*no_rP = s;
no_rP = &s;
}
use(r);
}
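Review bot: `test_while` has no comment saying what escape result is expected for `r`, `s` and `no_rP`, unlike the `MaybeReturn` call in the hunk above, which gained one. The name prefixes in this file appear to encode the expected outcome, so a one-line comment stating it would let the test be read without the expectation files.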


@@ -11,7 +11,6 @@ codeql_csharp_library(
"Extractor/**/*.cs",
"Kinds/**/*.cs",
"Populators/**/*.cs",
"Properties/**/*.cs",
"*.cs",
]),
allow_unsafe_blocks = True,


@@ -19,5 +19,8 @@ go_test(
name = "project_test",
srcs = ["project_test.go"],
embed = [":project"],
deps = ["//go/extractor/vendor/golang.org/x/mod/modfile"],
deps = [
"//go/extractor/util",
"//go/extractor/vendor/golang.org/x/mod/modfile",
],
)


@@ -36,6 +36,17 @@ type GoModule struct {
Module *modfile.File // The parsed contents of the `go.mod` file
}
// Tries to find the Go toolchain version required for this module.
func (module *GoModule) RequiredGoVersion() util.SemVer {
if module.Module != nil && module.Module.Toolchain != nil {
return util.NewSemVer(module.Module.Toolchain.Name)
} else if module.Module != nil && module.Module.Go != nil {
return util.NewSemVer(module.Module.Go.Version)
} else {
return tryReadGoDirective(module.Path)
}
}
// Represents information about a Go project workspace: this may either be a folder containing
// a `go.work` file or a collection of `go.mod` files.
type GoWorkspace struct {
@@ -54,24 +65,23 @@ type GoVersionInfo = util.SemVer
// 1. The Go version specified in the `go.work` file, if any.
// 2. The greatest Go version specified in any `go.mod` file, if any.
func (workspace *GoWorkspace) RequiredGoVersion() util.SemVer {
if workspace.WorkspaceFile != nil && workspace.WorkspaceFile.Go != nil {
// If we have parsed a `go.work` file, return the version number from it.
// If we have parsed a `go.work` file, we prioritise versions from it over those in individual `go.mod`
// files. We are interested in toolchain versions, so if there is an explicit toolchain declaration in
// a `go.work` file, we use that. Otherwise, we fall back to the language version in the `go.work` file
// and use that as toolchain version. If we didn't parse a `go.work` file, then we try to find the
// greatest version contained in `go.mod` files.
if workspace.WorkspaceFile != nil && workspace.WorkspaceFile.Toolchain != nil {
return util.NewSemVer(workspace.WorkspaceFile.Toolchain.Name)
} else if workspace.WorkspaceFile != nil && workspace.WorkspaceFile.Go != nil {
return util.NewSemVer(workspace.WorkspaceFile.Go.Version)
} else if workspace.Modules != nil && len(workspace.Modules) > 0 {
// Otherwise, if we have `go.work` files, find the greatest Go version in those.
var greatestVersion util.SemVer = nil
for _, module := range workspace.Modules {
if module.Module != nil && module.Module.Go != nil {
// If we have parsed the file, retrieve the version number we have already obtained.
modVersion := util.NewSemVer(module.Module.Go.Version)
if greatestVersion == nil || modVersion.IsNewerThan(greatestVersion) {
greatestVersion = modVersion
}
} else {
modVersion := tryReadGoDirective(module.Path)
if modVersion != nil && (greatestVersion == nil || modVersion.IsNewerThan(greatestVersion)) {
greatestVersion = modVersion
}
modVersion := module.RequiredGoVersion()
if modVersion != nil && (greatestVersion == nil || modVersion.IsNewerThan(greatestVersion)) {
greatestVersion = modVersion
}
}
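Review bot: `Toolchain.Name` is passed straight to `util.NewSemVer` in both `RequiredGoVersion` methods, and it comes from a `go.mod` or `go.work` file of the project being analysed, so it need not be a Go version string; as far as I recall `modfile` also accepts `toolchain default`. `util.NewSemVer` is not shown here, so confirm that it returns nil for such names rather than panicking or yielding a bogus version, and fall back to the `go` directive in that case. The numbered list in the doc comment above `GoWorkspace.RequiredGoVersion` still describes only the Go version from `go.work` and should mention the toolchain directive. The workspace method's body continues past the end of the hunk.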


@@ -4,6 +4,7 @@ import (
"path/filepath"
"testing"
"github.com/github/codeql-go/extractor/util"
"golang.org/x/mod/modfile"
)
@@ -28,14 +29,18 @@ func TestStartsWithAnyOf(t *testing.T) {
testStartsWithAnyOf(t, filepath.Join("foo", "bar"), filepath.Join("foo", "baz"), false)
}
func testHasInvalidToolchainVersion(t *testing.T, contents string) bool {
modFile, err := modfile.Parse("test.go", []byte(contents), nil)
func parseModFile(t *testing.T, contents string) *modfile.File {
modFile, err := modfile.Parse("go.mod", []byte(contents), nil)
if err != nil {
t.Errorf("Unable to parse %s: %s.\n", contents, err.Error())
}
return hasInvalidToolchainVersion(modFile)
return modFile
}
func testHasInvalidToolchainVersion(t *testing.T, contents string) bool {
return hasInvalidToolchainVersion(parseModFile(t, contents))
}
func TestHasInvalidToolchainVersion(t *testing.T) {
@@ -62,3 +67,74 @@ func TestHasInvalidToolchainVersion(t *testing.T) {
}
}
}
func parseWorkFile(t *testing.T, contents string) *modfile.WorkFile {
workFile, err := modfile.ParseWork("go.work", []byte(contents), nil)
if err != nil {
t.Errorf("Unable to parse %s: %s.\n", contents, err.Error())
}
return workFile
}
func TestRequiredGoVersion(t *testing.T) {
type ModVersionPair struct {
FileContents string
ExpectedVersion string
}
modules := []ModVersionPair{
{"go 1.20", "v1.20"},
{"go 1.21.2", "v1.21.2"},
{"go 1.21rc1", "v1.21.0-rc1"},
{"go 1.21rc1\ntoolchain go1.22.0", "v1.22.0"},
{"go 1.21rc1\ntoolchain go1.22rc1", "v1.22.0-rc1"},
}
for _, testData := range modules {
// `go.mod` and `go.work` files have mostly the same format
modFile := parseModFile(t, testData.FileContents)
workFile := parseWorkFile(t, testData.FileContents)
mod := GoModule{
Path: "test", // irrelevant
Module: modFile,
}
work := GoWorkspace{
WorkspaceFile: workFile,
}
result := mod.RequiredGoVersion()
if result == nil {
t.Errorf(
"Expected mod.RequiredGoVersion() to return %s for the below `go.mod` file, but got nothing:\n%s",
testData.ExpectedVersion,
testData.FileContents,
)
} else if result != util.NewSemVer(testData.ExpectedVersion) {
t.Errorf(
"Expected mod.RequiredGoVersion() to return %s for the below `go.mod` file, but got %s:\n%s",
testData.ExpectedVersion,
result,
testData.FileContents,
)
}
result = work.RequiredGoVersion()
if result == nil {
t.Errorf(
"Expected mod.RequiredGoVersion() to return %s for the below `go.work` file, but got nothing:\n%s",
testData.ExpectedVersion,
testData.FileContents,
)
} else if result != util.NewSemVer(testData.ExpectedVersion) {
t.Errorf(
"Expected mod.RequiredGoVersion() to return %s for the below `go.work` file, but got %s:\n%s",
testData.ExpectedVersion,
result,
testData.FileContents,
)
}
}
}
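Review bot: The two `t.Errorf` messages for the `go.work` case still say `mod.RequiredGoVersion()`; they should read `work.RequiredGoVersion()` so that a failure names the right method. `parseModFile` and `parseWorkFile` report a parse error with `t.Errorf` and then return the nil result, so the test carries on with a nil file; `t.Fatalf` would stop at the real cause. `result != util.NewSemVer(...)` compares two `util.SemVer` values with `!=`, which only works if the underlying type compares by value; `SemVer` is not shown here, so that is worth confirming.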


@@ -3,8 +3,11 @@ extensions:
pack: codeql/go-all
extensible: summaryModel
data:
- ["", "", False, "append", "", "", "Argument[0]", "ReturnValue", "taint", "manual"] # special case for when arg[0] has core type []byte and second argument has core type bytestring and is followed by ...
- ["", "", False, "append", "", "", "Argument[0].ArrayElement", "ReturnValue.ArrayElement", "value", "manual"]
- ["", "", False, "append", "", "", "Argument[1]", "ReturnValue", "taint", "manual"] # special case for when arg[0] has core type []byte and second argument has core type bytestring and is followed by ...
- ["", "", False, "append", "", "", "Argument[1].ArrayElement", "ReturnValue.ArrayElement", "value", "manual"]
- ["", "", False, "copy", "", "", "Argument[1]", "Argument[0]", "taint", "manual"] # special case for when arg[0] has core type []byte and second argument has core type bytestring
- ["", "", False, "copy", "", "", "Argument[1].ArrayElement", "Argument[0].ArrayElement", "value", "manual"]
- ["", "", False, "max", "", "", "Argument[0..1000]", "ReturnValue", "value", "manual"]
- ["", "", False, "min", "", "", "Argument[0..1000]", "ReturnValue", "value", "manual"]
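Review bot: The three added `taint` rows apply to every call of `append` and `copy`; the condition in their trailing comments (first argument of core type `[]byte`, second a byte string) is not expressed in the rows themselves, so they also add whole-value taint for ordinary slice arguments. The QL model for `append` that this commit removes propagated taint from any parameter, whereas these rows name only `Argument[0]` and `Argument[1]`; a test such as `append(s, clean, tainted)` would confirm that flow from later variadic arguments is still reported. The comments on the `append` rows end in a bare `...`, which reads as truncated; quoting it as `"..."` would make clear that it means the spread syntax.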


@@ -44,30 +44,6 @@ import semmle.go.frameworks.stdlib.TextTabwriter
import semmle.go.frameworks.stdlib.TextTemplate
import semmle.go.frameworks.stdlib.Unsafe
/**
* A model of the built-in `append` function, which propagates taint from its arguments to its
* result.
*/
private class AppendFunction extends TaintTracking::FunctionModel {
AppendFunction() { this = Builtin::append() }
override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) {
inp.isParameter(_) and outp.isResult()
}
}
/**
* A model of the built-in `copy` function, which propagates taint from its second argument
* to its first.
*/
private class CopyFunction extends TaintTracking::FunctionModel {
CopyFunction() { this = Builtin::copy() }
override predicate hasTaintFlow(FunctionInput inp, FunctionOutput outp) {
inp.isParameter(1) and outp.isParameter(0)
}
}
/** Provides a class for modeling functions which convert strings into integers. */
module IntegerParser {
/**


@@ -1,18 +1,18 @@
edges
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:59:3:59:11 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:61:3:61:51 | ...+... | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:3:62:33 | slice literal | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:24:62:32 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:66:3:66:11 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:68:3:68:51 | ...+... | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:3:69:33 | slice literal | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:24:69:32 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:73:3:73:11 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:75:3:75:51 | ...+... | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:3:76:33 | slice literal | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:24:76:32 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:80:22:80:30 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:81:25:81:33 | untrusted | provenance | Src:MaD:674 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:59:3:59:11 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:61:3:61:51 | ...+... | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:3:62:33 | slice literal | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:62:24:62:32 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:66:3:66:11 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:68:3:68:51 | ...+... | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:3:69:33 | slice literal | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:69:24:69:32 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:73:3:73:11 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:75:3:75:51 | ...+... | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:3:76:33 | slice literal | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:76:24:76:32 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:80:22:80:30 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:57:15:57:29 | call to UserAgent | LDAPInjection.go:81:25:81:33 | untrusted | provenance | Src:MaD:677 |
| LDAPInjection.go:62:3:62:33 | slice literal [array] | LDAPInjection.go:62:3:62:33 | slice literal | provenance | |
| LDAPInjection.go:62:24:62:32 | untrusted | LDAPInjection.go:62:3:62:33 | slice literal [array] | provenance | |
| LDAPInjection.go:69:3:69:33 | slice literal [array] | LDAPInjection.go:69:3:69:33 | slice literal | provenance | |


@@ -1,9 +1,9 @@
edges
| timing.go:15:18:15:27 | selection of Header | timing.go:15:18:15:45 | call to Get | provenance | MaD:655 |
| timing.go:15:18:15:27 | selection of Header | timing.go:15:18:15:45 | call to Get | provenance | MaD:658 |
| timing.go:15:18:15:45 | call to Get | timing.go:17:31:17:42 | headerSecret | provenance | |
| timing.go:28:18:28:27 | selection of Header | timing.go:28:18:28:45 | call to Get | provenance | MaD:655 |
| timing.go:28:18:28:27 | selection of Header | timing.go:28:18:28:45 | call to Get | provenance | MaD:658 |
| timing.go:28:18:28:45 | call to Get | timing.go:30:47:30:58 | headerSecret | provenance | |
| timing.go:41:18:41:27 | selection of Header | timing.go:41:18:41:45 | call to Get | provenance | MaD:655 |
| timing.go:41:18:41:27 | selection of Header | timing.go:41:18:41:45 | call to Get | provenance | MaD:658 |
| timing.go:41:18:41:45 | call to Get | timing.go:42:25:42:36 | headerSecret | provenance | |
nodes
| timing.go:15:18:15:27 | selection of Header | semmle.label | selection of Header |


@@ -1,5 +1,5 @@
edges
| ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:18:18:18:32 | call to Query | provenance | MaD:735 |
| ImproperLdapAuth.go:18:18:18:24 | selection of URL | ImproperLdapAuth.go:18:18:18:32 | call to Query | provenance | MaD:738 |
| ImproperLdapAuth.go:18:18:18:32 | call to Query | ImproperLdapAuth.go:28:23:28:34 | bindPassword | provenance | |
| ImproperLdapAuth.go:87:18:87:19 | "" | ImproperLdapAuth.go:97:23:97:34 | bindPassword | provenance | |
nodes


@@ -1,24 +1,24 @@
edges
| DivideByZero.go:10:12:10:16 | selection of URL | DivideByZero.go:10:12:10:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:10:12:10:16 | selection of URL | DivideByZero.go:10:12:10:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:10:12:10:24 | call to Query | DivideByZero.go:11:27:11:32 | param1 | provenance | |
| DivideByZero.go:11:2:11:33 | ... := ...[0] | DivideByZero.go:12:16:12:20 | value | provenance | |
| DivideByZero.go:11:27:11:32 | param1 | DivideByZero.go:11:2:11:33 | ... := ...[0] | provenance | Config |
| DivideByZero.go:17:12:17:16 | selection of URL | DivideByZero.go:17:12:17:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:17:12:17:16 | selection of URL | DivideByZero.go:17:12:17:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:17:12:17:24 | call to Query | DivideByZero.go:18:11:18:24 | type conversion | provenance | |
| DivideByZero.go:18:11:18:24 | type conversion | DivideByZero.go:19:16:19:20 | value | provenance | |
| DivideByZero.go:24:12:24:16 | selection of URL | DivideByZero.go:24:12:24:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:24:12:24:16 | selection of URL | DivideByZero.go:24:12:24:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:24:12:24:24 | call to Query | DivideByZero.go:25:31:25:36 | param1 | provenance | |
| DivideByZero.go:25:2:25:45 | ... := ...[0] | DivideByZero.go:26:16:26:20 | value | provenance | |
| DivideByZero.go:25:31:25:36 | param1 | DivideByZero.go:25:2:25:45 | ... := ...[0] | provenance | Config |
| DivideByZero.go:31:12:31:16 | selection of URL | DivideByZero.go:31:12:31:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:31:12:31:16 | selection of URL | DivideByZero.go:31:12:31:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:31:12:31:24 | call to Query | DivideByZero.go:32:33:32:38 | param1 | provenance | |
| DivideByZero.go:32:2:32:43 | ... := ...[0] | DivideByZero.go:33:16:33:20 | value | provenance | |
| DivideByZero.go:32:33:32:38 | param1 | DivideByZero.go:32:2:32:43 | ... := ...[0] | provenance | Config |
| DivideByZero.go:38:12:38:16 | selection of URL | DivideByZero.go:38:12:38:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:38:12:38:16 | selection of URL | DivideByZero.go:38:12:38:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:38:12:38:24 | call to Query | DivideByZero.go:39:32:39:37 | param1 | provenance | |
| DivideByZero.go:39:2:39:46 | ... := ...[0] | DivideByZero.go:40:16:40:20 | value | provenance | |
| DivideByZero.go:39:32:39:37 | param1 | DivideByZero.go:39:2:39:46 | ... := ...[0] | provenance | Config |
| DivideByZero.go:54:12:54:16 | selection of URL | DivideByZero.go:54:12:54:24 | call to Query | provenance | MaD:735 |
| DivideByZero.go:54:12:54:16 | selection of URL | DivideByZero.go:54:12:54:24 | call to Query | provenance | MaD:738 |
| DivideByZero.go:54:12:54:24 | call to Query | DivideByZero.go:55:11:55:24 | type conversion | provenance | |
| DivideByZero.go:55:11:55:24 | type conversion | DivideByZero.go:57:17:57:21 | value | provenance | |
nodes


@@ -1,5 +1,5 @@
edges
| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | definition of filename | provenance | Src:MaD:670 |
| test.go:59:16:59:44 | call to FormValue | test.go:128:20:128:27 | definition of filename | provenance | Src:MaD:673 |
| test.go:60:15:60:26 | selection of Body | test.go:158:19:158:22 | definition of file | provenance | |
| test.go:61:24:61:35 | selection of Body | test.go:169:28:169:31 | definition of file | provenance | |
| test.go:62:13:62:24 | selection of Body | test.go:181:17:181:20 | definition of file | provenance | |
@@ -31,18 +31,18 @@ edges
| test.go:145:12:145:19 | call to Open | test.go:147:37:147:38 | rc | provenance | |
| test.go:158:19:158:22 | definition of file | test.go:159:25:159:28 | file | provenance | |
| test.go:159:2:159:29 | ... := ...[0] | test.go:160:48:160:52 | file1 | provenance | |
| test.go:159:25:159:28 | file | test.go:159:2:159:29 | ... := ...[0] | provenance | MaD:547 |
| test.go:159:25:159:28 | file | test.go:159:2:159:29 | ... := ...[0] | provenance | MaD:550 |
| test.go:160:2:160:69 | ... := ...[0] | test.go:163:26:163:29 | file | provenance | |
| test.go:160:32:160:53 | call to NewReader | test.go:160:2:160:69 | ... := ...[0] | provenance | Config |
| test.go:160:48:160:52 | file1 | test.go:160:32:160:53 | call to NewReader | provenance | MaD:43 |
| test.go:160:48:160:52 | file1 | test.go:160:32:160:53 | call to NewReader | provenance | MaD:46 |
| test.go:163:3:163:36 | ... := ...[0] | test.go:164:36:164:51 | fileReaderCloser | provenance | |
| test.go:163:26:163:29 | file | test.go:163:3:163:36 | ... := ...[0] | provenance | MaD:8 |
| test.go:169:28:169:31 | definition of file | test.go:170:25:170:28 | file | provenance | |
| test.go:170:2:170:29 | ... := ...[0] | test.go:171:57:171:61 | file2 | provenance | |
| test.go:170:25:170:28 | file | test.go:170:2:170:29 | ... := ...[0] | provenance | MaD:547 |
| test.go:170:25:170:28 | file | test.go:170:2:170:29 | ... := ...[0] | provenance | MaD:550 |
| test.go:171:2:171:78 | ... := ...[0] | test.go:175:26:175:29 | file | provenance | |
| test.go:171:41:171:62 | call to NewReader | test.go:171:2:171:78 | ... := ...[0] | provenance | Config |
| test.go:171:57:171:61 | file2 | test.go:171:41:171:62 | call to NewReader | provenance | MaD:43 |
| test.go:171:57:171:61 | file2 | test.go:171:41:171:62 | call to NewReader | provenance | MaD:46 |
| test.go:175:26:175:29 | file | test.go:175:26:175:36 | call to Open | provenance | Config |
| test.go:175:26:175:36 | call to Open | test.go:176:36:176:51 | fileReaderCloser | provenance | |
| test.go:181:17:181:20 | definition of file | test.go:184:41:184:44 | file | provenance | |


@@ -1,6 +1,6 @@
edges
| Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:49:102:49:105 | name | provenance | Src:MaD:670 |
| Dsn.go:49:11:49:106 | []type{args} [array] | Dsn.go:49:11:49:106 | call to Sprintf | provenance | MaD:245 |
| Dsn.go:47:10:47:30 | call to FormValue | Dsn.go:49:102:49:105 | name | provenance | Src:MaD:673 |
| Dsn.go:49:11:49:106 | []type{args} [array] | Dsn.go:49:11:49:106 | call to Sprintf | provenance | MaD:248 |
| Dsn.go:49:11:49:106 | call to Sprintf | Dsn.go:50:29:50:33 | dbDSN | provenance | |
| Dsn.go:49:102:49:105 | name | Dsn.go:49:11:49:106 | []type{args} [array] | provenance | |
| Dsn.go:49:102:49:105 | name | Dsn.go:49:11:49:106 | call to Sprintf | provenance | FunctionModel |


@@ -1,6 +1,6 @@
edges
| Dsn.go:26:11:26:17 | selection of Args | Dsn.go:28:102:28:109 | index expression | provenance | |
| Dsn.go:28:11:28:110 | []type{args} [array] | Dsn.go:28:11:28:110 | call to Sprintf | provenance | MaD:245 |
| Dsn.go:28:11:28:110 | []type{args} [array] | Dsn.go:28:11:28:110 | call to Sprintf | provenance | MaD:248 |
| Dsn.go:28:11:28:110 | call to Sprintf | Dsn.go:29:29:29:33 | dbDSN | provenance | |
| Dsn.go:28:102:28:109 | index expression | Dsn.go:28:11:28:110 | []type{args} [array] | provenance | |
| Dsn.go:28:102:28:109 | index expression | Dsn.go:28:11:28:110 | call to Sprintf | provenance | FunctionModel |
@@ -12,7 +12,7 @@ edges
| Dsn.go:63:9:63:11 | implicit dereference | Dsn.go:67:102:67:108 | selection of dsn | provenance | |
| Dsn.go:63:19:63:25 | selection of Args | Dsn.go:63:19:63:29 | slice expression | provenance | |
| Dsn.go:63:19:63:29 | slice expression | Dsn.go:63:9:63:11 | implicit dereference | provenance | FunctionModel |
| Dsn.go:67:11:67:109 | []type{args} [array] | Dsn.go:67:11:67:109 | call to Sprintf | provenance | MaD:245 |
| Dsn.go:67:11:67:109 | []type{args} [array] | Dsn.go:67:11:67:109 | call to Sprintf | provenance | MaD:248 |
| Dsn.go:67:11:67:109 | call to Sprintf | Dsn.go:68:29:68:33 | dbDSN | provenance | |
| Dsn.go:67:102:67:104 | cfg [pointer] | Dsn.go:67:102:67:104 | implicit dereference | provenance | |
| Dsn.go:67:102:67:104 | implicit dereference | Dsn.go:63:9:63:11 | implicit dereference | provenance | |


@@ -1,28 +1,28 @@
edges
| HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | HTMLTemplateEscapingPassthrough.go:30:39:30:39 | a | provenance | |
| HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | HTMLTemplateEscapingPassthrough.go:36:40:36:40 | a | provenance | |
| HTMLTemplateEscapingPassthrough.go:35:23:35:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:35:23:35:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:35:9:35:38 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | HTMLTemplateEscapingPassthrough.go:41:40:41:40 | a | provenance | |
| HTMLTemplateEscapingPassthrough.go:40:19:40:33 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:40:19:40:33 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:40:9:40:34 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | HTMLTemplateEscapingPassthrough.go:47:41:47:41 | c | provenance | |
| HTMLTemplateEscapingPassthrough.go:46:29:46:43 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:46:29:46:43 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:46:11:46:44 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | HTMLTemplateEscapingPassthrough.go:51:44:51:44 | d | provenance | |
| HTMLTemplateEscapingPassthrough.go:50:23:50:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:50:23:50:37 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:50:11:50:38 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | HTMLTemplateEscapingPassthrough.go:55:44:55:44 | e | provenance | |
| HTMLTemplateEscapingPassthrough.go:54:26:54:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:54:26:54:40 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:54:11:54:41 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | HTMLTemplateEscapingPassthrough.go:59:38:59:38 | b | provenance | |
| HTMLTemplateEscapingPassthrough.go:58:24:58:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:58:24:58:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:58:11:58:39 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | HTMLTemplateEscapingPassthrough.go:63:44:63:44 | f | provenance | |
| HTMLTemplateEscapingPassthrough.go:62:27:62:41 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:62:27:62:41 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:62:11:62:42 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | HTMLTemplateEscapingPassthrough.go:67:38:67:38 | g | provenance | |
| HTMLTemplateEscapingPassthrough.go:66:24:66:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:75:17:75:31 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:76:38:76:44 | escaped | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:81:10:81:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:84:38:84:40 | src | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:89:10:89:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | provenance | Src:MaD:674 |
| HTMLTemplateEscapingPassthrough.go:66:24:66:38 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:66:11:66:39 | type conversion | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:75:17:75:31 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:76:38:76:44 | escaped | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:81:10:81:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:84:38:84:40 | src | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:89:10:89:24 | call to UserAgent | HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | provenance | Src:MaD:677 |
| HTMLTemplateEscapingPassthrough.go:91:16:91:77 | type conversion | HTMLTemplateEscapingPassthrough.go:92:38:92:46 | converted | provenance | |
| HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | HTMLTemplateEscapingPassthrough.go:91:16:91:77 | type conversion | provenance | |
| HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | provenance | MaD:522 |
| HTMLTemplateEscapingPassthrough.go:91:64:91:66 | src | HTMLTemplateEscapingPassthrough.go:91:38:91:67 | call to HTMLEscapeString | provenance | MaD:525 |
nodes
| HTMLTemplateEscapingPassthrough.go:29:12:29:41 | type conversion | semmle.label | type conversion |
| HTMLTemplateEscapingPassthrough.go:29:26:29:40 | call to UserAgent | semmle.label | call to UserAgent |


@@ -1,44 +1,44 @@
edges
| builtin.go:19:12:19:34 | call to FormValue | builtin.go:22:21:22:62 | ...+... | provenance | Src:MaD:670 |
| builtin.go:83:21:83:31 | call to Referer | builtin.go:88:27:88:40 | untrustedInput | provenance | Src:MaD:673 |
| builtin.go:97:21:97:31 | call to Referer | builtin.go:101:36:101:49 | untrustedInput | provenance | Src:MaD:673 |
| builtin.go:111:21:111:31 | call to Referer | builtin.go:114:15:114:28 | untrustedInput | provenance | Src:MaD:673 |
| builtin.go:129:21:129:31 | call to Referer | builtin.go:132:38:132:51 | untrustedInput | provenance | Src:MaD:673 |
| builtin.go:19:12:19:34 | call to FormValue | builtin.go:22:21:22:62 | ...+... | provenance | Src:MaD:673 |
| builtin.go:83:21:83:31 | call to Referer | builtin.go:88:27:88:40 | untrustedInput | provenance | Src:MaD:676 |
| builtin.go:97:21:97:31 | call to Referer | builtin.go:101:36:101:49 | untrustedInput | provenance | Src:MaD:676 |
| builtin.go:111:21:111:31 | call to Referer | builtin.go:114:15:114:28 | untrustedInput | provenance | Src:MaD:676 |
| builtin.go:129:21:129:31 | call to Referer | builtin.go:132:38:132:51 | untrustedInput | provenance | Src:MaD:676 |
| new-tests.go:26:26:26:30 | &... | new-tests.go:31:48:31:56 | selection of word | provenance | |
| new-tests.go:26:26:26:30 | &... | new-tests.go:32:48:32:56 | selection of safe | provenance | |
| new-tests.go:26:26:26:30 | &... | new-tests.go:35:49:35:57 | selection of word | provenance | |
| new-tests.go:31:11:31:57 | []type{args} [array] | new-tests.go:31:11:31:57 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:31:11:31:57 | []type{args} [array] | new-tests.go:31:11:31:57 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:31:48:31:56 | selection of word | new-tests.go:31:11:31:57 | []type{args} [array] | provenance | |
| new-tests.go:31:48:31:56 | selection of word | new-tests.go:31:11:31:57 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:32:11:32:57 | []type{args} [array] | new-tests.go:32:11:32:57 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:32:11:32:57 | []type{args} [array] | new-tests.go:32:11:32:57 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:32:48:32:56 | selection of safe | new-tests.go:32:11:32:57 | []type{args} [array] | provenance | |
| new-tests.go:32:48:32:56 | selection of safe | new-tests.go:32:11:32:57 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:35:12:35:58 | []type{args} [array] | new-tests.go:35:12:35:58 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:35:12:35:58 | []type{args} [array] | new-tests.go:35:12:35:58 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:35:49:35:57 | selection of word | new-tests.go:35:12:35:58 | []type{args} [array] | provenance | |
| new-tests.go:35:49:35:57 | selection of word | new-tests.go:35:12:35:58 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:39:18:39:30 | call to Param | new-tests.go:47:11:47:46 | ...+... | provenance | |
| new-tests.go:49:18:49:30 | call to Query | new-tests.go:50:11:50:46 | ...+... | provenance | |
| new-tests.go:62:2:62:39 | ... := ...[0] | new-tests.go:63:17:63:23 | reqBody | provenance | |
| new-tests.go:62:31:62:38 | selection of Body | new-tests.go:62:2:62:39 | ... := ...[0] | provenance | MaD:540 |
| new-tests.go:63:17:63:23 | reqBody | new-tests.go:63:26:63:30 | &... | provenance | MaD:184 |
| new-tests.go:62:31:62:38 | selection of Body | new-tests.go:62:2:62:39 | ... := ...[0] | provenance | MaD:543 |
| new-tests.go:63:17:63:23 | reqBody | new-tests.go:63:26:63:30 | &... | provenance | MaD:187 |
| new-tests.go:63:26:63:30 | &... | new-tests.go:68:48:68:56 | selection of word | provenance | |
| new-tests.go:63:26:63:30 | &... | new-tests.go:69:48:69:56 | selection of safe | provenance | |
| new-tests.go:63:26:63:30 | &... | new-tests.go:74:49:74:57 | selection of word | provenance | |
| new-tests.go:68:11:68:57 | []type{args} [array] | new-tests.go:68:11:68:57 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:68:11:68:57 | []type{args} [array] | new-tests.go:68:11:68:57 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:68:48:68:56 | selection of word | new-tests.go:68:11:68:57 | []type{args} [array] | provenance | |
| new-tests.go:68:48:68:56 | selection of word | new-tests.go:68:11:68:57 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:69:11:69:57 | []type{args} [array] | new-tests.go:69:11:69:57 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:69:11:69:57 | []type{args} [array] | new-tests.go:69:11:69:57 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:69:48:69:56 | selection of safe | new-tests.go:69:11:69:57 | []type{args} [array] | provenance | |
| new-tests.go:69:48:69:56 | selection of safe | new-tests.go:69:11:69:57 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:74:12:74:58 | []type{args} [array] | new-tests.go:74:12:74:58 | call to Sprintf | provenance | MaD:245 |
| new-tests.go:74:12:74:58 | []type{args} [array] | new-tests.go:74:12:74:58 | call to Sprintf | provenance | MaD:248 |
| new-tests.go:74:49:74:57 | selection of word | new-tests.go:74:12:74:58 | []type{args} [array] | provenance | |
| new-tests.go:74:49:74:57 | selection of word | new-tests.go:74:12:74:58 | call to Sprintf | provenance | FunctionModel |
| new-tests.go:78:18:78:24 | selection of URL | new-tests.go:78:18:78:32 | call to Query | provenance | MaD:735 |
| new-tests.go:78:18:78:32 | call to Query | new-tests.go:78:18:78:46 | call to Get | provenance | MaD:742 |
| new-tests.go:78:18:78:24 | selection of URL | new-tests.go:78:18:78:32 | call to Query | provenance | MaD:738 |
| new-tests.go:78:18:78:32 | call to Query | new-tests.go:78:18:78:46 | call to Get | provenance | MaD:745 |
| new-tests.go:78:18:78:46 | call to Get | new-tests.go:79:11:79:46 | ...+... | provenance | |
| new-tests.go:81:18:81:67 | call to TrimPrefix | new-tests.go:82:11:82:46 | ...+... | provenance | |
| new-tests.go:81:37:81:43 | selection of URL | new-tests.go:81:37:81:48 | selection of Path | provenance | |
| new-tests.go:81:37:81:48 | selection of Path | new-tests.go:81:18:81:67 | call to TrimPrefix | provenance | MaD:858 |
| new-tests.go:81:37:81:48 | selection of Path | new-tests.go:81:18:81:67 | call to TrimPrefix | provenance | MaD:861 |
| new-tests.go:86:10:86:20 | call to Vars | new-tests.go:88:11:88:46 | ...+... | provenance | |
| new-tests.go:95:18:95:45 | call to URLParam | new-tests.go:96:11:96:46 | ...+... | provenance | |
nodes


@@ -1,6 +1,6 @@
edges
| Builtin.go:6:2:6:2 | definition of b | Builtin.go:8:9:8:17 | type conversion | provenance | |
| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:553 |
| Builtin.go:7:2:7:15 | selection of Body | Builtin.go:6:2:6:2 | definition of b | provenance | MaD:556 |
nodes
| Builtin.go:6:2:6:2 | definition of b | semmle.label | definition of b |
| Builtin.go:7:2:7:15 | selection of Body | semmle.label | selection of Body |


@@ -14,3 +14,6 @@ invalidModelRow
| test.go:79:13:79:25 | type assertion | test.go:79:12:79:40 | call to StepQualRes |
| test.go:83:3:83:15 | type assertion | test.go:82:6:82:11 | definition of taint6 |
| test.go:86:34:86:36 | src | test.go:86:12:86:37 | call to StepArgResNoQual |
| test.go:149:10:149:27 | []type{args} | test.go:149:10:149:27 | call to append |
| test.go:149:17:149:21 | slice | test.go:149:10:149:27 | call to append |
| test.go:155:15:155:20 | slice1 | test.go:154:2:154:7 | definition of slice2 |


@@ -3,10 +3,8 @@
| main.go:38:13:38:13 | 1 | main.go:38:7:38:20 | slice literal |
| main.go:38:16:38:16 | 2 | main.go:38:7:38:20 | slice literal |
| main.go:38:19:38:19 | 3 | main.go:38:7:38:20 | slice literal |
| main.go:39:8:39:25 | []type{args} | main.go:39:8:39:25 | call to append |
| main.go:39:15:39:15 | s | main.go:39:8:39:25 | call to append |
| main.go:39:18:39:18 | 4 | main.go:39:8:39:25 | call to append |
| main.go:39:21:39:21 | 5 | main.go:39:8:39:25 | call to append |
| main.go:39:24:39:24 | 6 | main.go:39:8:39:25 | call to append |
| main.go:40:15:40:15 | s | main.go:40:8:40:23 | call to append |
| main.go:40:18:40:19 | s1 | main.go:40:8:40:23 | call to append |
| main.go:42:10:42:11 | s4 | main.go:38:2:38:2 | definition of s |


@@ -24,21 +24,21 @@ edges
| test.go:199:15:199:26 | call to Data | test.go:204:36:204:53 | type assertion | provenance | |
| test.go:199:15:199:26 | call to Data | test.go:205:34:205:51 | type assertion | provenance | |
| test.go:200:21:200:54 | call to HTML2str | test.go:200:14:200:55 | type conversion | provenance | |
| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:249 |
| test.go:200:36:200:53 | type assertion | test.go:200:21:200:54 | call to HTML2str | provenance | MaD:252 |
| test.go:201:21:201:57 | call to Htmlunquote | test.go:201:14:201:58 | type conversion | provenance | |
| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:251 |
| test.go:201:39:201:56 | type assertion | test.go:201:21:201:57 | call to Htmlunquote | provenance | MaD:254 |
| test.go:202:2:202:68 | ... := ...[0] | test.go:203:14:203:28 | type assertion | provenance | |
| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:252 |
| test.go:202:28:202:56 | type assertion | test.go:202:2:202:68 | ... := ...[0] | provenance | MaD:255 |
| test.go:204:21:204:54 | call to Str2html | test.go:204:14:204:55 | type conversion | provenance | |
| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:254 |
| test.go:204:36:204:53 | type assertion | test.go:204:21:204:54 | call to Str2html | provenance | MaD:257 |
| test.go:205:21:205:58 | call to Substr | test.go:205:14:205:59 | type conversion | provenance | |
| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:255 |
| test.go:205:34:205:51 | type assertion | test.go:205:21:205:58 | call to Substr | provenance | MaD:258 |
| test.go:207:6:207:6 | definition of s | test.go:209:14:209:28 | type conversion | provenance | |
| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:253 |
| test.go:208:18:208:33 | selection of Form | test.go:207:6:207:6 | definition of s | provenance | MaD:256 |
| test.go:223:2:223:34 | ... := ...[0] | test.go:225:31:225:31 | f | provenance | |
| test.go:223:2:223:34 | ... := ...[1] | test.go:224:14:224:32 | type conversion | provenance | |
| test.go:225:2:225:32 | ... := ...[0] | test.go:226:14:226:20 | content | provenance | |
| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:540 |
| test.go:225:31:225:31 | f | test.go:225:2:225:32 | ... := ...[0] | provenance | MaD:543 |
| test.go:228:2:228:40 | ... := ...[0] | test.go:229:14:229:38 | type conversion | provenance | |
| test.go:231:7:231:28 | call to GetString | test.go:232:14:232:22 | type conversion | provenance | |
| test.go:234:8:234:35 | call to GetStrings | test.go:235:14:235:26 | type conversion | provenance | |
@@ -66,39 +66,39 @@ edges
| test.go:278:21:278:28 | index expression | test.go:276:2:276:13 | definition of genericFiles [array] | provenance | |
| test.go:283:44:283:60 | selection of Filename | test.go:283:21:283:61 | call to GetDisplayString | provenance | FunctionModel |
| test.go:284:21:284:53 | call to SliceChunk | test.go:284:21:284:92 | selection of Filename | provenance | |
| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:263 |
| test.go:284:38:284:49 | genericFiles | test.go:284:21:284:53 | call to SliceChunk | provenance | MaD:266 |
| test.go:285:21:285:60 | call to SliceDiff | test.go:285:21:285:96 | selection of Filename | provenance | |
| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:264 |
| test.go:285:37:285:48 | genericFiles | test.go:285:21:285:60 | call to SliceDiff | provenance | MaD:267 |
| test.go:290:3:292:44 | call to SliceFilter | test.go:290:3:292:80 | selection of Filename | provenance | |
| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:265 |
| test.go:291:4:291:15 | genericFiles | test.go:290:3:292:44 | call to SliceFilter | provenance | MaD:268 |
| test.go:293:21:293:65 | call to SliceIntersect | test.go:293:21:293:101 | selection of Filename | provenance | |
| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:266 |
| test.go:293:42:293:53 | genericFiles | test.go:293:21:293:65 | call to SliceIntersect | provenance | MaD:269 |
| test.go:294:21:294:65 | call to SliceIntersect | test.go:294:21:294:101 | selection of Filename | provenance | |
| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:266 |
| test.go:294:53:294:64 | genericFiles | test.go:294:21:294:65 | call to SliceIntersect | provenance | MaD:269 |
| test.go:295:21:295:61 | call to SliceMerge | test.go:295:21:295:97 | selection of Filename | provenance | |
| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:267 |
| test.go:295:38:295:49 | genericFiles | test.go:295:21:295:61 | call to SliceMerge | provenance | MaD:270 |
| test.go:296:21:296:61 | call to SliceMerge | test.go:296:21:296:97 | selection of Filename | provenance | |
| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:267 |
| test.go:296:49:296:60 | genericFiles | test.go:296:21:296:61 | call to SliceMerge | provenance | MaD:270 |
| test.go:297:21:297:66 | call to SlicePad | test.go:297:21:297:102 | selection of Filename | provenance | |
| test.go:297:51:297:62 | genericFiles [array] | test.go:297:51:297:65 | index expression | provenance | |
| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:268 |
| test.go:297:51:297:65 | index expression | test.go:297:21:297:66 | call to SlicePad | provenance | MaD:271 |
| test.go:298:21:298:66 | call to SlicePad | test.go:298:21:298:102 | selection of Filename | provenance | |
| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:268 |
| test.go:298:36:298:47 | genericFiles | test.go:298:21:298:66 | call to SlicePad | provenance | MaD:271 |
| test.go:299:21:299:49 | call to SliceRand | test.go:299:21:299:82 | selection of Filename | provenance | |
| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:269 |
| test.go:299:37:299:48 | genericFiles | test.go:299:21:299:49 | call to SliceRand | provenance | MaD:272 |
| test.go:301:21:301:97 | call to SliceReduce | test.go:301:21:301:133 | selection of Filename | provenance | |
| test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:270 |
| test.go:301:39:301:50 | genericFiles | test.go:301:21:301:97 | call to SliceReduce | provenance | MaD:273 |
| test.go:302:21:302:52 | call to SliceShuffle | test.go:302:21:302:88 | selection of Filename | provenance | |
| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:271 |
| test.go:302:40:302:51 | genericFiles | test.go:302:21:302:52 | call to SliceShuffle | provenance | MaD:274 |
| test.go:303:21:303:51 | call to SliceUnique | test.go:303:21:303:87 | selection of Filename | provenance | |
| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:272 |
| test.go:303:39:303:50 | genericFiles | test.go:303:21:303:51 | call to SliceUnique | provenance | MaD:275 |
| test.go:308:2:308:5 | definition of bMap | test.go:311:21:311:24 | bMap | provenance | |
| test.go:308:2:308:5 | definition of bMap | test.go:312:21:312:24 | bMap | provenance | |
| test.go:309:15:309:36 | call to GetString | test.go:310:22:310:30 | untrusted | provenance | |
| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:275 |
| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:273 |
| test.go:310:22:310:30 | untrusted | test.go:308:2:308:5 | definition of bMap | provenance | MaD:278 |
| test.go:311:21:311:24 | bMap | test.go:311:21:311:39 | call to Get | provenance | MaD:276 |
| test.go:311:21:311:39 | call to Get | test.go:311:21:311:48 | type assertion | provenance | |
| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:274 |
| test.go:312:21:312:24 | bMap | test.go:312:21:312:32 | call to Items | provenance | MaD:277 |
| test.go:312:21:312:32 | call to Items | test.go:312:21:312:52 | type assertion | provenance | |
nodes
| test.go:33:6:33:10 | definition of bound | semmle.label | definition of bound |


@@ -2,7 +2,7 @@ edges
| test.go:215:15:215:26 | call to Data | test.go:216:18:216:26 | untrusted | provenance | |
| test.go:215:15:215:26 | call to Data | test.go:217:10:217:18 | untrusted | provenance | |
| test.go:215:15:215:26 | call to Data | test.go:218:35:218:43 | untrusted | provenance | |
| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | MaD:184 |
| test.go:324:17:324:37 | selection of RequestBody | test.go:324:40:324:43 | &... | provenance | MaD:187 |
| test.go:324:40:324:43 | &... | test.go:326:35:326:43 | untrusted | provenance | |
| test.go:332:15:332:26 | call to Data | test.go:334:23:334:31 | untrusted | provenance | |
| test.go:340:15:340:26 | call to Data | test.go:342:53:342:61 | untrusted | provenance | |


@@ -1,36 +1,36 @@
edges
| test.go:10:15:10:41 | call to UserAgent | test.go:12:11:12:19 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:13:23:13:31 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:14:14:14:22 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:15:26:15:34 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:16:12:16:20 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:17:24:17:32 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:18:15:18:23 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:19:27:19:35 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:26:12:26:20 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:27:10:27:18 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:28:15:28:23 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:29:14:29:22 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:30:15:30:23 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:31:8:31:16 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:32:11:32:19 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:33:9:33:17 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:34:8:34:16 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:35:8:35:16 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:36:13:36:21 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:37:13:37:21 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:38:12:38:20 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:39:12:39:20 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:40:9:40:17 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:41:12:41:20 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:42:16:42:24 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:42:27:42:35 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:43:12:43:20 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:44:14:44:22 | untrusted | provenance | Src:MaD:674 |
| test.go:24:15:24:41 | call to UserAgent | test.go:44:25:44:33 | untrusted | provenance | Src:MaD:674 |
| test.go:48:15:48:41 | call to UserAgent | test.go:49:12:49:20 | untrusted | provenance | Src:MaD:674 |
| test.go:54:15:54:41 | call to UserAgent | test.go:56:31:56:39 | untrusted | provenance | Src:MaD:674 |
| test.go:60:15:60:41 | call to UserAgent | test.go:62:19:62:27 | untrusted | provenance | Src:MaD:674 |
| test.go:10:15:10:41 | call to UserAgent | test.go:12:11:12:19 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:13:23:13:31 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:14:14:14:22 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:15:26:15:34 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:16:12:16:20 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:17:24:17:32 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:18:15:18:23 | untrusted | provenance | Src:MaD:677 |
| test.go:10:15:10:41 | call to UserAgent | test.go:19:27:19:35 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:26:12:26:20 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:27:10:27:18 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:28:15:28:23 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:29:14:29:22 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:30:15:30:23 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:31:8:31:16 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:32:11:32:19 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:33:9:33:17 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:34:8:34:16 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:35:8:35:16 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:36:13:36:21 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:37:13:37:21 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:38:12:38:20 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:39:12:39:20 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:40:9:40:17 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:41:12:41:20 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:42:16:42:24 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:42:27:42:35 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:43:12:43:20 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:44:14:44:22 | untrusted | provenance | Src:MaD:677 |
| test.go:24:15:24:41 | call to UserAgent | test.go:44:25:44:33 | untrusted | provenance | Src:MaD:677 |
| test.go:48:15:48:41 | call to UserAgent | test.go:49:12:49:20 | untrusted | provenance | Src:MaD:677 |
| test.go:54:15:54:41 | call to UserAgent | test.go:56:31:56:39 | untrusted | provenance | Src:MaD:677 |
| test.go:60:15:60:41 | call to UserAgent | test.go:62:19:62:27 | untrusted | provenance | Src:MaD:677 |
nodes
| test.go:10:15:10:41 | call to UserAgent | semmle.label | call to UserAgent |
| test.go:12:11:12:19 | untrusted | semmle.label | untrusted |


@@ -8,28 +8,28 @@ edges
| test.go:51:2:51:30 | ... := ...[0] | test.go:52:16:52:37 | index expression | provenance | |
| test.go:57:2:57:46 | ... := ...[0] | test.go:58:13:58:22 | fileHeader | provenance | |
| test.go:58:2:58:29 | ... := ...[0] | test.go:60:2:60:5 | file | provenance | |
| test.go:58:13:58:22 | fileHeader | test.go:58:2:58:29 | ... := ...[0] | provenance | MaD:627 |
| test.go:58:13:58:22 | fileHeader | test.go:58:2:58:29 | ... := ...[0] | provenance | MaD:630 |
| test.go:59:2:59:7 | definition of buffer | test.go:61:20:61:25 | buffer | provenance | |
| test.go:60:2:60:5 | file | test.go:59:2:59:7 | definition of buffer | provenance | MaD:553 |
| test.go:60:2:60:5 | file | test.go:59:2:59:7 | definition of buffer | provenance | MaD:556 |
| test.go:66:2:66:31 | ... := ...[0] | test.go:67:16:67:41 | index expression | provenance | |
| test.go:72:2:72:31 | ... := ...[0] | test.go:74:13:74:22 | fileHeader | provenance | |
| test.go:74:2:74:29 | ... := ...[0] | test.go:76:2:76:5 | file | provenance | |
| test.go:74:13:74:22 | fileHeader | test.go:74:2:74:29 | ... := ...[0] | provenance | MaD:627 |
| test.go:74:13:74:22 | fileHeader | test.go:74:2:74:29 | ... := ...[0] | provenance | MaD:630 |
| test.go:75:2:75:7 | definition of buffer | test.go:77:20:77:25 | buffer | provenance | |
| test.go:76:2:76:5 | file | test.go:75:2:75:7 | definition of buffer | provenance | MaD:553 |
| test.go:76:2:76:5 | file | test.go:75:2:75:7 | definition of buffer | provenance | MaD:556 |
| test.go:82:2:82:32 | ... := ...[0] | test.go:83:16:83:24 | selection of Value | provenance | |
| test.go:88:13:88:25 | call to Cookies | test.go:89:16:89:31 | selection of Value | provenance | |
| test.go:99:11:99:15 | &... | test.go:100:16:100:21 | selection of s | provenance | |
| test.go:112:17:112:19 | definition of ctx | test.go:114:16:114:18 | ctx | provenance | |
| test.go:113:21:113:42 | call to Param | test.go:112:17:112:19 | definition of ctx | provenance | MaD:358 |
| test.go:114:16:114:18 | ctx | test.go:114:16:114:33 | call to Get | provenance | MaD:357 |
| test.go:113:21:113:42 | call to Param | test.go:112:17:112:19 | definition of ctx | provenance | MaD:361 |
| test.go:114:16:114:18 | ctx | test.go:114:16:114:33 | call to Get | provenance | MaD:360 |
| test.go:114:16:114:33 | call to Get | test.go:114:16:114:42 | type assertion | provenance | |
| test.go:124:11:124:32 | call to Param | test.go:125:16:125:20 | param | provenance | |
| test.go:130:11:130:32 | call to Param | test.go:131:20:131:32 | type conversion | provenance | |
| test.go:136:11:136:32 | call to Param | test.go:137:29:137:41 | type conversion | provenance | |
| test.go:148:11:148:32 | call to Param | test.go:149:30:149:34 | param | provenance | |
| test.go:149:12:149:35 | call to NewReader | test.go:150:31:150:36 | reader | provenance | |
| test.go:149:30:149:34 | param | test.go:149:12:149:35 | call to NewReader | provenance | MaD:836 |
| test.go:149:30:149:34 | param | test.go:149:12:149:35 | call to NewReader | provenance | MaD:839 |
| test.go:164:11:164:32 | call to Param | test.go:165:23:165:35 | type conversion | provenance | |
nodes
| test.go:15:11:15:32 | call to Param | semmle.label | call to Param |


@@ -4,13 +4,13 @@ edges
| jsoniter.go:23:20:23:38 | call to getUntrustedBytes | jsoniter.go:31:21:31:34 | untrustedInput | provenance | |
| jsoniter.go:24:21:24:40 | call to getUntrustedString | jsoniter.go:35:27:35:41 | untrustedString | provenance | |
| jsoniter.go:24:21:24:40 | call to getUntrustedString | jsoniter.go:39:31:39:45 | untrustedString | provenance | |
| jsoniter.go:27:17:27:30 | untrustedInput | jsoniter.go:27:33:27:37 | &... | provenance | MaD:349 |
| jsoniter.go:27:17:27:30 | untrustedInput | jsoniter.go:27:33:27:37 | &... | provenance | MaD:352 |
| jsoniter.go:27:33:27:37 | &... | jsoniter.go:28:15:28:24 | selection of field | provenance | |
| jsoniter.go:31:21:31:34 | untrustedInput | jsoniter.go:31:37:31:42 | &... | provenance | MaD:347 |
| jsoniter.go:31:21:31:34 | untrustedInput | jsoniter.go:31:37:31:42 | &... | provenance | MaD:350 |
| jsoniter.go:31:37:31:42 | &... | jsoniter.go:32:15:32:25 | selection of field | provenance | |
| jsoniter.go:35:27:35:41 | untrustedString | jsoniter.go:35:44:35:49 | &... | provenance | MaD:350 |
| jsoniter.go:35:27:35:41 | untrustedString | jsoniter.go:35:44:35:49 | &... | provenance | MaD:353 |
| jsoniter.go:35:44:35:49 | &... | jsoniter.go:36:15:36:25 | selection of field | provenance | |
| jsoniter.go:39:31:39:45 | untrustedString | jsoniter.go:39:48:39:53 | &... | provenance | MaD:348 |
| jsoniter.go:39:31:39:45 | untrustedString | jsoniter.go:39:48:39:53 | &... | provenance | MaD:351 |
| jsoniter.go:39:48:39:53 | &... | jsoniter.go:40:15:40:25 | selection of field | provenance | |
nodes
| jsoniter.go:23:20:23:38 | call to getUntrustedBytes | semmle.label | call to getUntrustedBytes |


@@ -1,10 +1,10 @@
edges
| EndToEnd.go:35:2:35:4 | definition of buf | EndToEnd.go:37:24:37:26 | buf | provenance | |
| EndToEnd.go:36:18:36:25 | selection of Params | EndToEnd.go:36:18:36:30 | selection of Form | provenance | |
| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:742 |
| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:556 |
| EndToEnd.go:36:18:36:30 | selection of Form | EndToEnd.go:36:18:36:47 | call to Get | provenance | MaD:745 |
| EndToEnd.go:36:18:36:47 | call to Get | EndToEnd.go:35:2:35:4 | definition of buf | provenance | MaD:559 |
| EndToEnd.go:69:22:69:29 | selection of Params | EndToEnd.go:69:22:69:34 | selection of Form | provenance | |
| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:742 |
| EndToEnd.go:69:22:69:34 | selection of Form | EndToEnd.go:69:22:69:51 | call to Get | provenance | MaD:745 |
| Revel.go:70:22:70:29 | selection of Params | Revel.go:70:22:70:35 | selection of Query | provenance | |
| examples/booking/app/init.go:36:44:36:48 | selection of URL | examples/booking/app/init.go:36:44:36:53 | selection of Path | provenance | |
| examples/booking/app/init.go:40:49:40:53 | selection of URL | examples/booking/app/init.go:40:49:40:58 | selection of Path | provenance | |


@@ -1,8 +1,8 @@
edges
| EndToEnd.go:58:18:58:25 | selection of Params | EndToEnd.go:58:18:58:30 | selection of Form | provenance | |
| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:742 |
| EndToEnd.go:58:18:58:30 | selection of Form | EndToEnd.go:58:18:58:47 | call to Get | provenance | MaD:745 |
| EndToEnd.go:64:26:64:33 | selection of Params | EndToEnd.go:64:26:64:38 | selection of Form | provenance | |
| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:742 |
| EndToEnd.go:64:26:64:38 | selection of Form | EndToEnd.go:64:26:64:55 | call to Get | provenance | MaD:745 |
nodes
| EndToEnd.go:58:18:58:25 | selection of Params | semmle.label | selection of Params |
| EndToEnd.go:58:18:58:30 | selection of Form | semmle.label | selection of Form |


@@ -6,9 +6,9 @@ edges
| rpc/notes/service.twirp.go:493:2:493:2 | capture variable reqContent | rpc/notes/service.twirp.go:495:35:495:44 | reqContent | provenance | |
| rpc/notes/service.twirp.go:495:35:495:44 | reqContent | server/main.go:19:56:19:61 | definition of params | provenance | |
| rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | rpc/notes/service.twirp.go:544:27:544:29 | buf | provenance | |
| rpc/notes/service.twirp.go:538:25:538:32 | selection of Body | rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | provenance | MaD:547 |
| rpc/notes/service.twirp.go:538:25:538:32 | selection of Body | rpc/notes/service.twirp.go:538:2:538:33 | ... := ...[0] | provenance | MaD:550 |
| rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | rpc/notes/service.twirp.go:574:2:574:2 | capture variable reqContent | provenance | |
| rpc/notes/service.twirp.go:544:27:544:29 | buf | rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | provenance | MaD:432 |
| rpc/notes/service.twirp.go:544:27:544:29 | buf | rpc/notes/service.twirp.go:543:2:543:11 | definition of reqContent | provenance | MaD:435 |
| rpc/notes/service.twirp.go:554:6:554:13 | definition of typedReq | rpc/notes/service.twirp.go:558:44:558:51 | typedReq | provenance | |
| rpc/notes/service.twirp.go:558:44:558:51 | typedReq | server/main.go:19:56:19:61 | definition of params | provenance | |
| rpc/notes/service.twirp.go:574:2:574:2 | capture variable reqContent | rpc/notes/service.twirp.go:576:35:576:44 | reqContent | provenance | |


@@ -1,40 +1,40 @@
edges
| test.go:12:12:12:22 | selection of URL | test.go:12:12:12:30 | call to Query | provenance | MaD:735 |
| test.go:12:12:12:30 | call to Query | test.go:12:12:12:44 | call to Get | provenance | MaD:742 |
| test.go:12:12:12:22 | selection of URL | test.go:12:12:12:30 | call to Query | provenance | MaD:738 |
| test.go:12:12:12:30 | call to Query | test.go:12:12:12:44 | call to Get | provenance | MaD:745 |
| test.go:12:12:12:44 | call to Get | test.go:15:42:15:47 | param1 | provenance | |
| test.go:15:22:15:48 | call to UnescapeString | test.go:15:15:15:49 | type conversion | provenance | |
| test.go:15:42:15:47 | param1 | test.go:15:22:15:48 | call to UnescapeString | provenance | MaD:414 |
| test.go:15:42:15:47 | param1 | test.go:15:22:15:48 | call to UnescapeString | provenance | MaD:417 |
| test.go:17:2:17:36 | ... := ...[0] | test.go:18:15:18:31 | type conversion | provenance | |
| test.go:17:2:17:36 | ... := ...[0] | test.go:29:22:29:25 | node | provenance | |
| test.go:17:24:17:35 | selection of Body | test.go:17:2:17:36 | ... := ...[0] | provenance | MaD:409 |
| test.go:17:24:17:35 | selection of Body | test.go:17:2:17:36 | ... := ...[0] | provenance | MaD:412 |
| test.go:20:2:20:48 | ... := ...[0] | test.go:21:15:21:32 | type conversion | provenance | |
| test.go:20:36:20:47 | selection of Body | test.go:20:2:20:48 | ... := ...[0] | provenance | MaD:412 |
| test.go:20:36:20:47 | selection of Body | test.go:20:2:20:48 | ... := ...[0] | provenance | MaD:415 |
| test.go:23:2:23:50 | ... := ...[0] | test.go:24:15:24:35 | type conversion | provenance | |
| test.go:23:33:23:44 | selection of Body | test.go:23:2:23:50 | ... := ...[0] | provenance | MaD:410 |
| test.go:23:33:23:44 | selection of Body | test.go:23:2:23:50 | ... := ...[0] | provenance | MaD:413 |
| test.go:26:2:26:62 | ... := ...[0] | test.go:27:15:27:36 | type conversion | provenance | |
| test.go:26:45:26:56 | selection of Body | test.go:26:2:26:62 | ... := ...[0] | provenance | MaD:411 |
| test.go:26:45:26:56 | selection of Body | test.go:26:2:26:62 | ... := ...[0] | provenance | MaD:414 |
| test.go:31:15:31:45 | call to NewTokenizer | test.go:32:15:32:23 | tokenizer | provenance | |
| test.go:31:15:31:45 | call to NewTokenizer | test.go:33:15:33:23 | tokenizer | provenance | |
| test.go:31:15:31:45 | call to NewTokenizer | test.go:34:17:34:25 | tokenizer | provenance | |
| test.go:31:15:31:45 | call to NewTokenizer | test.go:36:15:36:23 | tokenizer | provenance | |
| test.go:31:15:31:45 | call to NewTokenizer | test.go:37:22:37:30 | tokenizer | provenance | |
| test.go:31:33:31:44 | selection of Body | test.go:31:15:31:45 | call to NewTokenizer | provenance | MaD:407 |
| test.go:32:15:32:23 | tokenizer | test.go:32:15:32:34 | call to Buffered | provenance | MaD:417 |
| test.go:33:15:33:23 | tokenizer | test.go:33:15:33:29 | call to Raw | provenance | MaD:418 |
| test.go:31:33:31:44 | selection of Body | test.go:31:15:31:45 | call to NewTokenizer | provenance | MaD:410 |
| test.go:32:15:32:23 | tokenizer | test.go:32:15:32:34 | call to Buffered | provenance | MaD:420 |
| test.go:33:15:33:23 | tokenizer | test.go:33:15:33:29 | call to Raw | provenance | MaD:421 |
| test.go:34:2:34:35 | ... := ...[1] | test.go:35:15:35:19 | value | provenance | |
| test.go:34:17:34:25 | tokenizer | test.go:34:2:34:35 | ... := ...[1] | provenance | MaD:419 |
| test.go:36:15:36:23 | tokenizer | test.go:36:15:36:30 | call to Text | provenance | MaD:420 |
| test.go:37:22:37:30 | tokenizer | test.go:37:22:37:38 | call to Token | provenance | MaD:421 |
| test.go:34:17:34:25 | tokenizer | test.go:34:2:34:35 | ... := ...[1] | provenance | MaD:422 |
| test.go:36:15:36:23 | tokenizer | test.go:36:15:36:30 | call to Text | provenance | MaD:423 |
| test.go:37:22:37:30 | tokenizer | test.go:37:22:37:38 | call to Token | provenance | MaD:424 |
| test.go:37:22:37:38 | call to Token | test.go:37:15:37:44 | type conversion | provenance | |
| test.go:39:23:39:77 | call to NewTokenizerFragment | test.go:40:15:40:31 | tokenizerFragment | provenance | |
| test.go:39:49:39:60 | selection of Body | test.go:39:23:39:77 | call to NewTokenizerFragment | provenance | MaD:408 |
| test.go:40:15:40:31 | tokenizerFragment | test.go:40:15:40:42 | call to Buffered | provenance | MaD:417 |
| test.go:39:49:39:60 | selection of Body | test.go:39:23:39:77 | call to NewTokenizerFragment | provenance | MaD:411 |
| test.go:40:15:40:31 | tokenizerFragment | test.go:40:15:40:42 | call to Buffered | provenance | MaD:420 |
| test.go:42:6:42:14 | definition of cleanNode | test.go:45:22:45:31 | &... | provenance | |
| test.go:42:6:42:14 | definition of cleanNode | test.go:45:22:45:31 | &... | provenance | |
| test.go:42:6:42:14 | definition of cleanNode | test.go:45:23:45:31 | cleanNode | provenance | |
| test.go:43:2:43:43 | ... := ...[0] | test.go:44:24:44:34 | taintedNode | provenance | |
| test.go:43:31:43:42 | selection of Body | test.go:43:2:43:43 | ... := ...[0] | provenance | MaD:409 |
| test.go:44:24:44:34 | taintedNode | test.go:42:6:42:14 | definition of cleanNode | provenance | MaD:415 |
| test.go:43:31:43:42 | selection of Body | test.go:43:2:43:43 | ... := ...[0] | provenance | MaD:412 |
| test.go:44:24:44:34 | taintedNode | test.go:42:6:42:14 | definition of cleanNode | provenance | MaD:418 |
| test.go:45:22:45:31 | &... | test.go:45:22:45:31 | &... | provenance | |
| test.go:45:22:45:31 | &... | test.go:45:22:45:31 | &... | provenance | |
| test.go:45:22:45:31 | &... | test.go:45:23:45:31 | cleanNode | provenance | |
@@ -46,8 +46,8 @@ edges
| test.go:47:6:47:15 | definition of cleanNode2 | test.go:50:22:50:32 | &... | provenance | |
| test.go:47:6:47:15 | definition of cleanNode2 | test.go:50:23:50:32 | cleanNode2 | provenance | |
| test.go:48:2:48:44 | ... := ...[0] | test.go:49:26:49:37 | taintedNode2 | provenance | |
| test.go:48:32:48:43 | selection of Body | test.go:48:2:48:44 | ... := ...[0] | provenance | MaD:409 |
| test.go:49:26:49:37 | taintedNode2 | test.go:47:6:47:15 | definition of cleanNode2 | provenance | MaD:416 |
| test.go:48:32:48:43 | selection of Body | test.go:48:2:48:44 | ... := ...[0] | provenance | MaD:412 |
| test.go:49:26:49:37 | taintedNode2 | test.go:47:6:47:15 | definition of cleanNode2 | provenance | MaD:419 |
| test.go:50:22:50:32 | &... | test.go:50:22:50:32 | &... | provenance | |
| test.go:50:22:50:32 | &... | test.go:50:22:50:32 | &... | provenance | |
| test.go:50:22:50:32 | &... | test.go:50:23:50:32 | cleanNode2 | provenance | |


@@ -1,6 +1,6 @@
edges
| test.go:56:2:56:42 | ... := ...[0] | test.go:57:29:57:40 | selection of Value | provenance | Src:MaD:667 |
| test.go:57:29:57:40 | selection of Value | test.go:57:11:57:41 | call to EscapeString | provenance | MaD:406 |
| test.go:56:2:56:42 | ... := ...[0] | test.go:57:29:57:40 | selection of Value | provenance | Src:MaD:670 |
| test.go:57:29:57:40 | selection of Value | test.go:57:11:57:41 | call to EscapeString | provenance | MaD:409 |
nodes
| test.go:56:2:56:42 | ... := ...[0] | semmle.label | ... := ...[0] |
| test.go:57:11:57:41 | call to EscapeString | semmle.label | call to EscapeString |


@@ -7,9 +7,9 @@ edges
| UnsafeUnzipSymlinkGood.go:76:70:76:80 | selection of Name | UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | provenance | |
| ZipSlip.go:11:2:15:2 | range statement[1] | ZipSlip.go:12:24:12:29 | selection of Name | provenance | |
| ZipSlip.go:12:3:12:30 | ... := ...[0] | ZipSlip.go:14:20:14:20 | p | provenance | |
| ZipSlip.go:12:24:12:29 | selection of Name | ZipSlip.go:12:3:12:30 | ... := ...[0] | provenance | MaD:747 |
| ZipSlip.go:12:24:12:29 | selection of Name | ZipSlip.go:12:3:12:30 | ... := ...[0] | provenance | MaD:750 |
| tarslip.go:15:2:15:30 | ... := ...[0] | tarslip.go:16:23:16:33 | selection of Name | provenance | |
| tarslip.go:16:23:16:33 | selection of Name | tarslip.go:16:14:16:34 | call to Dir | provenance | MaD:762 |
| tarslip.go:16:23:16:33 | selection of Name | tarslip.go:16:14:16:34 | call to Dir | provenance | MaD:765 |
| tst.go:23:2:43:2 | range statement[1] | tst.go:29:20:29:23 | path | provenance | |
nodes
| UnsafeUnzipSymlinkGood.go:52:24:52:32 | definition of candidate | semmle.label | definition of candidate |


@@ -1,27 +1,27 @@
edges
| ArgumentInjection.go:9:10:9:16 | selection of URL | ArgumentInjection.go:9:10:9:24 | call to Query | provenance | MaD:735 |
| ArgumentInjection.go:9:10:9:16 | selection of URL | ArgumentInjection.go:9:10:9:24 | call to Query | provenance | MaD:738 |
| ArgumentInjection.go:9:10:9:24 | call to Query | ArgumentInjection.go:10:31:10:34 | path | provenance | |
| CommandInjection2.go:13:15:13:21 | selection of URL | CommandInjection2.go:13:15:13:29 | call to Query | provenance | MaD:735 |
| CommandInjection2.go:13:15:13:21 | selection of URL | CommandInjection2.go:13:15:13:29 | call to Query | provenance | MaD:738 |
| CommandInjection2.go:13:15:13:29 | call to Query | CommandInjection2.go:15:67:15:75 | imageName | provenance | |
| CommandInjection2.go:15:34:15:88 | []type{args} [array] | CommandInjection2.go:15:34:15:88 | call to Sprintf | provenance | MaD:245 |
| CommandInjection2.go:15:34:15:88 | []type{args} [array] | CommandInjection2.go:15:34:15:88 | call to Sprintf | provenance | MaD:248 |
| CommandInjection2.go:15:67:15:75 | imageName | CommandInjection2.go:15:34:15:88 | []type{args} [array] | provenance | |
| CommandInjection2.go:15:67:15:75 | imageName | CommandInjection2.go:15:34:15:88 | call to Sprintf | provenance | FunctionModel |
| CommandInjection2.go:41:15:41:21 | selection of URL | CommandInjection2.go:41:15:41:29 | call to Query | provenance | MaD:735 |
| CommandInjection2.go:41:15:41:21 | selection of URL | CommandInjection2.go:41:15:41:29 | call to Query | provenance | MaD:738 |
| CommandInjection2.go:41:15:41:29 | call to Query | CommandInjection2.go:44:67:44:75 | imageName | provenance | |
| CommandInjection2.go:44:34:44:88 | []type{args} [array] | CommandInjection2.go:44:34:44:88 | call to Sprintf | provenance | MaD:245 |
| CommandInjection2.go:44:34:44:88 | []type{args} [array] | CommandInjection2.go:44:34:44:88 | call to Sprintf | provenance | MaD:248 |
| CommandInjection2.go:44:67:44:75 | imageName | CommandInjection2.go:44:34:44:88 | []type{args} [array] | provenance | |
| CommandInjection2.go:44:67:44:75 | imageName | CommandInjection2.go:44:34:44:88 | call to Sprintf | provenance | FunctionModel |
| CommandInjection.go:9:13:9:19 | selection of URL | CommandInjection.go:9:13:9:27 | call to Query | provenance | MaD:735 |
| CommandInjection.go:9:13:9:19 | selection of URL | CommandInjection.go:9:13:9:27 | call to Query | provenance | MaD:738 |
| CommandInjection.go:9:13:9:27 | call to Query | CommandInjection.go:10:22:10:28 | cmdName | provenance | |
| GitSubcommands.go:11:13:11:19 | selection of URL | GitSubcommands.go:11:13:11:27 | call to Query | provenance | MaD:735 |
| GitSubcommands.go:11:13:11:19 | selection of URL | GitSubcommands.go:11:13:11:27 | call to Query | provenance | MaD:738 |
| GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:13:31:13:37 | tainted | provenance | |
| GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:14:31:14:37 | tainted | provenance | |
| GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:15:30:15:36 | tainted | provenance | |
| GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:16:35:16:41 | tainted | provenance | |
| GitSubcommands.go:11:13:11:27 | call to Query | GitSubcommands.go:17:36:17:42 | tainted | provenance | |
| GitSubcommands.go:33:13:33:19 | selection of URL | GitSubcommands.go:33:13:33:27 | call to Query | provenance | MaD:735 |
| GitSubcommands.go:33:13:33:19 | selection of URL | GitSubcommands.go:33:13:33:27 | call to Query | provenance | MaD:738 |
| GitSubcommands.go:33:13:33:27 | call to Query | GitSubcommands.go:38:32:38:38 | tainted | provenance | |
| SanitizingDoubleDash.go:9:13:9:19 | selection of URL | SanitizingDoubleDash.go:9:13:9:27 | call to Query | provenance | MaD:735 |
| SanitizingDoubleDash.go:9:13:9:19 | selection of URL | SanitizingDoubleDash.go:9:13:9:27 | call to Query | provenance | MaD:738 |
| SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:13:25:13:31 | tainted | provenance | |
| SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:14:23:14:33 | slice expression | provenance | |
| SanitizingDoubleDash.go:9:13:9:27 | call to Query | SanitizingDoubleDash.go:39:31:39:37 | tainted | provenance | |
@@ -34,31 +34,29 @@ edges
| SanitizingDoubleDash.go:14:23:14:30 | arrayLit [array] | SanitizingDoubleDash.go:14:23:14:33 | slice element node | provenance | |
| SanitizingDoubleDash.go:14:23:14:33 | slice element node | SanitizingDoubleDash.go:14:23:14:33 | slice expression [array] | provenance | |
| SanitizingDoubleDash.go:14:23:14:33 | slice expression [array] | SanitizingDoubleDash.go:14:23:14:33 | slice expression | provenance | |
| SanitizingDoubleDash.go:39:14:39:44 | []type{args} [array] | SanitizingDoubleDash.go:39:14:39:44 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:39:14:39:44 | []type{args} [array] | SanitizingDoubleDash.go:39:14:39:44 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:39:14:39:44 | []type{args} [array] | SanitizingDoubleDash.go:39:14:39:44 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:39:14:39:44 | []type{args} [array] | SanitizingDoubleDash.go:39:14:39:44 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:39:14:39:44 | call to append | SanitizingDoubleDash.go:40:23:40:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:39:14:39:44 | call to append [array] | SanitizingDoubleDash.go:40:23:40:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:39:31:39:37 | tainted | SanitizingDoubleDash.go:39:14:39:44 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:39:31:39:37 | tainted | SanitizingDoubleDash.go:39:14:39:44 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:52:15:52:31 | slice literal [array] | SanitizingDoubleDash.go:53:21:53:28 | arrayLit [array] | provenance | |
| SanitizingDoubleDash.go:52:24:52:30 | tainted | SanitizingDoubleDash.go:52:15:52:31 | slice literal [array] | provenance | |
| SanitizingDoubleDash.go:53:14:53:35 | call to append | SanitizingDoubleDash.go:54:23:54:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:53:14:53:35 | call to append [array] | SanitizingDoubleDash.go:54:23:54:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit | SanitizingDoubleDash.go:53:14:53:35 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit [array] | SanitizingDoubleDash.go:53:14:53:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit [array] | SanitizingDoubleDash.go:53:14:53:35 | call to append [array] | provenance | MaD:28 |
| SanitizingDoubleDash.go:68:14:68:38 | []type{args} [array] | SanitizingDoubleDash.go:68:14:68:38 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:68:14:68:38 | []type{args} [array] | SanitizingDoubleDash.go:68:14:68:38 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit | SanitizingDoubleDash.go:53:14:53:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit [array] | SanitizingDoubleDash.go:53:14:53:35 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:53:21:53:28 | arrayLit [array] | SanitizingDoubleDash.go:53:14:53:35 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:68:14:68:38 | []type{args} [array] | SanitizingDoubleDash.go:68:14:68:38 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:68:14:68:38 | []type{args} [array] | SanitizingDoubleDash.go:68:14:68:38 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:68:14:68:38 | call to append | SanitizingDoubleDash.go:69:21:69:28 | arrayLit | provenance | |
| SanitizingDoubleDash.go:68:14:68:38 | call to append [array] | SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | provenance | |
| SanitizingDoubleDash.go:68:31:68:37 | tainted | SanitizingDoubleDash.go:68:14:68:38 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:68:31:68:37 | tainted | SanitizingDoubleDash.go:68:14:68:38 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:69:14:69:35 | call to append | SanitizingDoubleDash.go:70:23:70:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:69:14:69:35 | call to append [array] | SanitizingDoubleDash.go:70:23:70:30 | arrayLit | provenance | |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append [array] | provenance | MaD:28 |
| SanitizingDoubleDash.go:92:13:92:19 | selection of URL | SanitizingDoubleDash.go:92:13:92:27 | call to Query | provenance | MaD:735 |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:69:21:69:28 | arrayLit [array] | SanitizingDoubleDash.go:69:14:69:35 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:92:13:92:19 | selection of URL | SanitizingDoubleDash.go:92:13:92:27 | call to Query | provenance | MaD:738 |
| SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:95:25:95:31 | tainted | provenance | |
| SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:96:24:96:34 | slice expression | provenance | |
| SanitizingDoubleDash.go:92:13:92:27 | call to Query | SanitizingDoubleDash.go:100:31:100:37 | tainted | provenance | |
@@ -86,48 +84,43 @@ edges
| SanitizingDoubleDash.go:101:24:101:34 | slice expression [array] | SanitizingDoubleDash.go:101:24:101:34 | slice expression | provenance | |
| SanitizingDoubleDash.go:105:15:105:37 | slice literal [array] | SanitizingDoubleDash.go:106:24:106:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:105:30:105:36 | tainted | SanitizingDoubleDash.go:105:15:105:37 | slice literal [array] | provenance | |
| SanitizingDoubleDash.go:111:14:111:44 | []type{args} [array] | SanitizingDoubleDash.go:111:14:111:44 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:111:14:111:44 | []type{args} [array] | SanitizingDoubleDash.go:111:14:111:44 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:111:14:111:44 | []type{args} [array] | SanitizingDoubleDash.go:111:14:111:44 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:111:14:111:44 | []type{args} [array] | SanitizingDoubleDash.go:111:14:111:44 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:111:14:111:44 | call to append | SanitizingDoubleDash.go:112:24:112:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:111:14:111:44 | call to append [array] | SanitizingDoubleDash.go:112:24:112:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:111:37:111:43 | tainted | SanitizingDoubleDash.go:111:14:111:44 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:111:37:111:43 | tainted | SanitizingDoubleDash.go:111:14:111:44 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:117:14:117:44 | []type{args} [array] | SanitizingDoubleDash.go:117:14:117:44 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:117:14:117:44 | []type{args} [array] | SanitizingDoubleDash.go:117:14:117:44 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:117:14:117:44 | []type{args} [array] | SanitizingDoubleDash.go:117:14:117:44 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:117:14:117:44 | []type{args} [array] | SanitizingDoubleDash.go:117:14:117:44 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:117:14:117:44 | call to append | SanitizingDoubleDash.go:118:24:118:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:117:14:117:44 | call to append [array] | SanitizingDoubleDash.go:118:24:118:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:117:31:117:37 | tainted | SanitizingDoubleDash.go:117:14:117:44 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:117:31:117:37 | tainted | SanitizingDoubleDash.go:117:14:117:44 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:123:14:123:38 | []type{args} [array] | SanitizingDoubleDash.go:123:14:123:38 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:123:14:123:38 | []type{args} [array] | SanitizingDoubleDash.go:123:14:123:38 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:123:14:123:38 | []type{args} [array] | SanitizingDoubleDash.go:123:14:123:38 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:123:14:123:38 | []type{args} [array] | SanitizingDoubleDash.go:123:14:123:38 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:123:14:123:38 | call to append | SanitizingDoubleDash.go:124:24:124:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:123:14:123:38 | call to append [array] | SanitizingDoubleDash.go:124:24:124:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:123:31:123:37 | tainted | SanitizingDoubleDash.go:123:14:123:38 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:123:31:123:37 | tainted | SanitizingDoubleDash.go:123:14:123:38 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:128:15:128:31 | slice literal [array] | SanitizingDoubleDash.go:129:21:129:28 | arrayLit [array] | provenance | |
| SanitizingDoubleDash.go:128:24:128:30 | tainted | SanitizingDoubleDash.go:128:15:128:31 | slice literal [array] | provenance | |
| SanitizingDoubleDash.go:129:14:129:35 | call to append | SanitizingDoubleDash.go:130:24:130:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:129:14:129:35 | call to append [array] | SanitizingDoubleDash.go:130:24:130:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit | SanitizingDoubleDash.go:129:14:129:35 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit [array] | SanitizingDoubleDash.go:129:14:129:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit [array] | SanitizingDoubleDash.go:129:14:129:35 | call to append [array] | provenance | MaD:28 |
| SanitizingDoubleDash.go:136:14:136:38 | []type{args} [array] | SanitizingDoubleDash.go:136:14:136:38 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:136:14:136:38 | []type{args} [array] | SanitizingDoubleDash.go:136:14:136:38 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit | SanitizingDoubleDash.go:129:14:129:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit [array] | SanitizingDoubleDash.go:129:14:129:35 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:129:21:129:28 | arrayLit [array] | SanitizingDoubleDash.go:129:14:129:35 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:136:14:136:38 | []type{args} [array] | SanitizingDoubleDash.go:136:14:136:38 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:136:14:136:38 | []type{args} [array] | SanitizingDoubleDash.go:136:14:136:38 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:136:14:136:38 | call to append | SanitizingDoubleDash.go:137:24:137:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:136:14:136:38 | call to append [array] | SanitizingDoubleDash.go:137:24:137:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:136:31:136:37 | tainted | SanitizingDoubleDash.go:136:14:136:38 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:136:31:136:37 | tainted | SanitizingDoubleDash.go:136:14:136:38 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:142:14:142:38 | []type{args} [array] | SanitizingDoubleDash.go:142:14:142:38 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:142:14:142:38 | []type{args} [array] | SanitizingDoubleDash.go:142:14:142:38 | call to append [array] | provenance | MaD:29 |
| SanitizingDoubleDash.go:142:14:142:38 | []type{args} [array] | SanitizingDoubleDash.go:142:14:142:38 | call to append | provenance | MaD:31 |
| SanitizingDoubleDash.go:142:14:142:38 | []type{args} [array] | SanitizingDoubleDash.go:142:14:142:38 | call to append [array] | provenance | MaD:31 |
| SanitizingDoubleDash.go:142:14:142:38 | call to append | SanitizingDoubleDash.go:143:21:143:28 | arrayLit | provenance | |
| SanitizingDoubleDash.go:142:14:142:38 | call to append [array] | SanitizingDoubleDash.go:143:21:143:28 | arrayLit [array] | provenance | |
| SanitizingDoubleDash.go:142:31:142:37 | tainted | SanitizingDoubleDash.go:142:14:142:38 | []type{args} [array] | provenance | |
| SanitizingDoubleDash.go:142:31:142:37 | tainted | SanitizingDoubleDash.go:142:14:142:38 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:143:14:143:35 | call to append | SanitizingDoubleDash.go:144:24:144:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:143:14:143:35 | call to append [array] | SanitizingDoubleDash.go:144:24:144:31 | arrayLit | provenance | |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit | SanitizingDoubleDash.go:143:14:143:35 | call to append | provenance | FunctionModel |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit [array] | SanitizingDoubleDash.go:143:14:143:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit [array] | SanitizingDoubleDash.go:143:14:143:35 | call to append [array] | provenance | MaD:28 |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit | SanitizingDoubleDash.go:143:14:143:35 | call to append | provenance | MaD:28 |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit [array] | SanitizingDoubleDash.go:143:14:143:35 | call to append | provenance | MaD:29 |
| SanitizingDoubleDash.go:143:21:143:28 | arrayLit [array] | SanitizingDoubleDash.go:143:14:143:35 | call to append [array] | provenance | MaD:29 |
nodes
| ArgumentInjection.go:9:10:9:16 | selection of URL | semmle.label | selection of URL |
| ArgumentInjection.go:9:10:9:24 | call to Query | semmle.label | call to Query |


@@ -1,45 +1,45 @@
edges
| ReflectedXss.go:11:15:11:20 | selection of Form | ReflectedXss.go:11:15:11:36 | call to Get | provenance | MaD:742 |
| ReflectedXss.go:11:15:11:20 | selection of Form | ReflectedXss.go:11:15:11:36 | call to Get | provenance | MaD:745 |
| ReflectedXss.go:11:15:11:36 | call to Get | ReflectedXss.go:14:44:14:51 | username | provenance | |
| contenttype.go:11:11:11:16 | selection of Form | contenttype.go:11:11:11:28 | call to Get | provenance | MaD:742 |
| contenttype.go:11:11:11:16 | selection of Form | contenttype.go:11:11:11:28 | call to Get | provenance | MaD:745 |
| contenttype.go:11:11:11:28 | call to Get | contenttype.go:17:11:17:22 | type conversion | provenance | |
| contenttype.go:49:11:49:16 | selection of Form | contenttype.go:49:11:49:28 | call to Get | provenance | MaD:742 |
| contenttype.go:49:11:49:16 | selection of Form | contenttype.go:49:11:49:28 | call to Get | provenance | MaD:745 |
| contenttype.go:49:11:49:28 | call to Get | contenttype.go:53:34:53:37 | data | provenance | |
| contenttype.go:63:10:63:28 | call to FormValue | contenttype.go:64:52:64:55 | data | provenance | Src:MaD:670 |
| contenttype.go:73:10:73:28 | call to FormValue | contenttype.go:79:11:79:14 | data | provenance | Src:MaD:670 |
| contenttype.go:88:10:88:28 | call to FormValue | contenttype.go:91:4:91:7 | data | provenance | Src:MaD:670 |
| contenttype.go:113:10:113:28 | call to FormValue | contenttype.go:114:50:114:53 | data | provenance | Src:MaD:670 |
| reflectedxsstest.go:31:2:31:44 | ... := ...[0] | reflectedxsstest.go:32:34:32:37 | file | provenance | Src:MaD:669 |
| reflectedxsstest.go:31:2:31:44 | ... := ...[1] | reflectedxsstest.go:34:46:34:60 | selection of Filename | provenance | Src:MaD:669 |
| contenttype.go:63:10:63:28 | call to FormValue | contenttype.go:64:52:64:55 | data | provenance | Src:MaD:673 |
| contenttype.go:73:10:73:28 | call to FormValue | contenttype.go:79:11:79:14 | data | provenance | Src:MaD:673 |
| contenttype.go:88:10:88:28 | call to FormValue | contenttype.go:91:4:91:7 | data | provenance | Src:MaD:673 |
| contenttype.go:113:10:113:28 | call to FormValue | contenttype.go:114:50:114:53 | data | provenance | Src:MaD:673 |
| reflectedxsstest.go:31:2:31:44 | ... := ...[0] | reflectedxsstest.go:32:34:32:37 | file | provenance | Src:MaD:672 |
| reflectedxsstest.go:31:2:31:44 | ... := ...[1] | reflectedxsstest.go:34:46:34:60 | selection of Filename | provenance | Src:MaD:672 |
| reflectedxsstest.go:32:2:32:38 | ... := ...[0] | reflectedxsstest.go:33:49:33:55 | content | provenance | |
| reflectedxsstest.go:32:34:32:37 | file | reflectedxsstest.go:32:2:32:38 | ... := ...[0] | provenance | MaD:540 |
| reflectedxsstest.go:33:17:33:56 | []type{args} [array] | reflectedxsstest.go:33:17:33:56 | call to Sprintf | provenance | MaD:245 |
| reflectedxsstest.go:32:34:32:37 | file | reflectedxsstest.go:32:2:32:38 | ... := ...[0] | provenance | MaD:543 |
| reflectedxsstest.go:33:17:33:56 | []type{args} [array] | reflectedxsstest.go:33:17:33:56 | call to Sprintf | provenance | MaD:248 |
| reflectedxsstest.go:33:17:33:56 | call to Sprintf | reflectedxsstest.go:33:10:33:57 | type conversion | provenance | |
| reflectedxsstest.go:33:49:33:55 | content | reflectedxsstest.go:33:17:33:56 | []type{args} [array] | provenance | |
| reflectedxsstest.go:33:49:33:55 | content | reflectedxsstest.go:33:17:33:56 | call to Sprintf | provenance | FunctionModel |
| reflectedxsstest.go:34:17:34:61 | []type{args} [array] | reflectedxsstest.go:34:17:34:61 | call to Sprintf | provenance | MaD:245 |
| reflectedxsstest.go:34:17:34:61 | []type{args} [array] | reflectedxsstest.go:34:17:34:61 | call to Sprintf | provenance | MaD:248 |
| reflectedxsstest.go:34:17:34:61 | call to Sprintf | reflectedxsstest.go:34:10:34:62 | type conversion | provenance | |
| reflectedxsstest.go:34:46:34:60 | selection of Filename | reflectedxsstest.go:34:17:34:61 | []type{args} [array] | provenance | |
| reflectedxsstest.go:34:46:34:60 | selection of Filename | reflectedxsstest.go:34:17:34:61 | call to Sprintf | provenance | FunctionModel |
| reflectedxsstest.go:38:2:38:35 | ... := ...[0] | reflectedxsstest.go:39:16:39:21 | reader | provenance | Src:MaD:671 |
| reflectedxsstest.go:38:2:38:35 | ... := ...[0] | reflectedxsstest.go:39:16:39:21 | reader | provenance | Src:MaD:674 |
| reflectedxsstest.go:39:2:39:32 | ... := ...[0] | reflectedxsstest.go:40:14:40:17 | part | provenance | |
| reflectedxsstest.go:39:2:39:32 | ... := ...[0] | reflectedxsstest.go:42:2:42:5 | part | provenance | |
| reflectedxsstest.go:39:16:39:21 | reader | reflectedxsstest.go:39:2:39:32 | ... := ...[0] | provenance | MaD:630 |
| reflectedxsstest.go:40:14:40:17 | part | reflectedxsstest.go:40:14:40:28 | call to FileName | provenance | MaD:628 |
| reflectedxsstest.go:39:16:39:21 | reader | reflectedxsstest.go:39:2:39:32 | ... := ...[0] | provenance | MaD:633 |
| reflectedxsstest.go:40:14:40:17 | part | reflectedxsstest.go:40:14:40:28 | call to FileName | provenance | MaD:631 |
| reflectedxsstest.go:40:14:40:28 | call to FileName | reflectedxsstest.go:44:46:44:53 | partName | provenance | |
| reflectedxsstest.go:41:2:41:10 | definition of byteSlice | reflectedxsstest.go:45:10:45:18 | byteSlice | provenance | |
| reflectedxsstest.go:42:2:42:5 | part | reflectedxsstest.go:41:2:41:10 | definition of byteSlice | provenance | MaD:553 |
| reflectedxsstest.go:44:17:44:54 | []type{args} [array] | reflectedxsstest.go:44:17:44:54 | call to Sprintf | provenance | MaD:245 |
| reflectedxsstest.go:42:2:42:5 | part | reflectedxsstest.go:41:2:41:10 | definition of byteSlice | provenance | MaD:556 |
| reflectedxsstest.go:44:17:44:54 | []type{args} [array] | reflectedxsstest.go:44:17:44:54 | call to Sprintf | provenance | MaD:248 |
| reflectedxsstest.go:44:17:44:54 | call to Sprintf | reflectedxsstest.go:44:10:44:55 | type conversion | provenance | |
| reflectedxsstest.go:44:46:44:53 | partName | reflectedxsstest.go:44:17:44:54 | []type{args} [array] | provenance | |
| reflectedxsstest.go:44:46:44:53 | partName | reflectedxsstest.go:44:17:44:54 | call to Sprintf | provenance | FunctionModel |
| reflectedxsstest.go:51:14:51:18 | selection of URL | reflectedxsstest.go:51:14:51:26 | call to Query | provenance | MaD:735 |
| reflectedxsstest.go:51:14:51:18 | selection of URL | reflectedxsstest.go:51:14:51:26 | call to Query | provenance | MaD:738 |
| reflectedxsstest.go:51:14:51:26 | call to Query | reflectedxsstest.go:54:11:54:21 | type conversion | provenance | |
| tst.go:14:15:14:20 | selection of Form | tst.go:14:15:14:36 | call to Get | provenance | MaD:742 |
| tst.go:14:15:14:20 | selection of Form | tst.go:14:15:14:36 | call to Get | provenance | MaD:745 |
| tst.go:14:15:14:36 | call to Get | tst.go:18:32:18:32 | a | provenance | |
| tst.go:18:19:18:38 | call to Join | tst.go:18:12:18:39 | type conversion | provenance | |
| tst.go:18:32:18:32 | a | tst.go:18:19:18:38 | call to Join | provenance | MaD:834 |
| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:34 | call to Get | provenance | MaD:742 |
| tst.go:18:32:18:32 | a | tst.go:18:19:18:38 | call to Join | provenance | MaD:837 |
| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:34 | call to Get | provenance | MaD:745 |
| tst.go:48:14:48:34 | call to Get | tst.go:53:12:53:26 | type conversion | provenance | |
| websocketXss.go:30:7:30:10 | definition of xnet | websocketXss.go:32:24:32:27 | xnet | provenance | |
| websocketXss.go:34:3:34:7 | definition of xnet2 | websocketXss.go:36:24:36:28 | xnet2 | provenance | |


@@ -1,50 +1,50 @@
edges
| SqlInjection.go:10:7:11:30 | []type{args} [array] | SqlInjection.go:10:7:11:30 | call to Sprintf | provenance | MaD:245 |
| SqlInjection.go:10:7:11:30 | []type{args} [array] | SqlInjection.go:10:7:11:30 | call to Sprintf | provenance | MaD:248 |
| SqlInjection.go:10:7:11:30 | call to Sprintf | SqlInjection.go:12:11:12:11 | q | provenance | |
| SqlInjection.go:11:3:11:9 | selection of URL | SqlInjection.go:11:3:11:17 | call to Query | provenance | MaD:735 |
| SqlInjection.go:11:3:11:9 | selection of URL | SqlInjection.go:11:3:11:17 | call to Query | provenance | MaD:738 |
| SqlInjection.go:11:3:11:17 | call to Query | SqlInjection.go:11:3:11:29 | index expression | provenance | |
| SqlInjection.go:11:3:11:29 | index expression | SqlInjection.go:10:7:11:30 | []type{args} [array] | provenance | |
| SqlInjection.go:11:3:11:29 | index expression | SqlInjection.go:10:7:11:30 | call to Sprintf | provenance | FunctionModel |
| issue48.go:17:2:17:33 | ... := ...[0] | issue48.go:18:17:18:17 | b | provenance | |
| issue48.go:17:25:17:32 | selection of Body | issue48.go:17:2:17:33 | ... := ...[0] | provenance | MaD:540 |
| issue48.go:18:17:18:17 | b | issue48.go:18:20:18:39 | &... | provenance | MaD:184 |
| issue48.go:17:25:17:32 | selection of Body | issue48.go:17:2:17:33 | ... := ...[0] | provenance | MaD:543 |
| issue48.go:18:17:18:17 | b | issue48.go:18:20:18:39 | &... | provenance | MaD:187 |
| issue48.go:18:20:18:39 | &... | issue48.go:21:3:21:33 | index expression | provenance | |
| issue48.go:20:8:21:34 | []type{args} [array] | issue48.go:20:8:21:34 | call to Sprintf | provenance | MaD:245 |
| issue48.go:20:8:21:34 | []type{args} [array] | issue48.go:20:8:21:34 | call to Sprintf | provenance | MaD:248 |
| issue48.go:20:8:21:34 | call to Sprintf | issue48.go:22:11:22:12 | q3 | provenance | |
| issue48.go:21:3:21:33 | index expression | issue48.go:20:8:21:34 | []type{args} [array] | provenance | |
| issue48.go:21:3:21:33 | index expression | issue48.go:20:8:21:34 | call to Sprintf | provenance | FunctionModel |
| issue48.go:27:2:27:34 | ... := ...[0] | issue48.go:28:17:28:18 | b2 | provenance | |
| issue48.go:27:26:27:33 | selection of Body | issue48.go:27:2:27:34 | ... := ...[0] | provenance | MaD:540 |
| issue48.go:28:17:28:18 | b2 | issue48.go:28:21:28:41 | &... | provenance | MaD:184 |
| issue48.go:27:26:27:33 | selection of Body | issue48.go:27:2:27:34 | ... := ...[0] | provenance | MaD:543 |
| issue48.go:28:17:28:18 | b2 | issue48.go:28:21:28:41 | &... | provenance | MaD:187 |
| issue48.go:28:21:28:41 | &... | issue48.go:31:3:31:31 | selection of Category | provenance | |
| issue48.go:30:8:31:32 | []type{args} [array] | issue48.go:30:8:31:32 | call to Sprintf | provenance | MaD:245 |
| issue48.go:30:8:31:32 | []type{args} [array] | issue48.go:30:8:31:32 | call to Sprintf | provenance | MaD:248 |
| issue48.go:30:8:31:32 | call to Sprintf | issue48.go:32:11:32:12 | q4 | provenance | |
| issue48.go:31:3:31:31 | selection of Category | issue48.go:30:8:31:32 | []type{args} [array] | provenance | |
| issue48.go:31:3:31:31 | selection of Category | issue48.go:30:8:31:32 | call to Sprintf | provenance | FunctionModel |
| issue48.go:37:17:37:50 | type conversion | issue48.go:37:53:37:73 | &... | provenance | MaD:184 |
| issue48.go:37:24:37:30 | selection of URL | issue48.go:37:24:37:38 | call to Query | provenance | MaD:735 |
| issue48.go:37:17:37:50 | type conversion | issue48.go:37:53:37:73 | &... | provenance | MaD:187 |
| issue48.go:37:24:37:30 | selection of URL | issue48.go:37:24:37:38 | call to Query | provenance | MaD:738 |
| issue48.go:37:24:37:38 | call to Query | issue48.go:37:17:37:50 | type conversion | provenance | |
| issue48.go:37:53:37:73 | &... | issue48.go:40:3:40:31 | selection of Category | provenance | |
| issue48.go:39:8:40:32 | []type{args} [array] | issue48.go:39:8:40:32 | call to Sprintf | provenance | MaD:245 |
| issue48.go:39:8:40:32 | []type{args} [array] | issue48.go:39:8:40:32 | call to Sprintf | provenance | MaD:248 |
| issue48.go:39:8:40:32 | call to Sprintf | issue48.go:41:11:41:12 | q5 | provenance | |
| issue48.go:40:3:40:31 | selection of Category | issue48.go:39:8:40:32 | []type{args} [array] | provenance | |
| issue48.go:40:3:40:31 | selection of Category | issue48.go:39:8:40:32 | call to Sprintf | provenance | FunctionModel |
| main.go:11:11:11:16 | selection of Form | main.go:11:11:11:28 | index expression | provenance | |
| main.go:15:11:15:84 | []type{args} [array] | main.go:15:11:15:84 | call to Sprintf | provenance | MaD:245 |
| main.go:15:63:15:67 | selection of URL | main.go:15:63:15:75 | call to Query | provenance | MaD:735 |
| main.go:15:11:15:84 | []type{args} [array] | main.go:15:11:15:84 | call to Sprintf | provenance | MaD:248 |
| main.go:15:63:15:67 | selection of URL | main.go:15:63:15:75 | call to Query | provenance | MaD:738 |
| main.go:15:63:15:75 | call to Query | main.go:15:63:15:83 | index expression | provenance | |
| main.go:15:63:15:83 | index expression | main.go:15:11:15:84 | []type{args} [array] | provenance | |
| main.go:15:63:15:83 | index expression | main.go:15:11:15:84 | call to Sprintf | provenance | FunctionModel |
| main.go:16:11:16:85 | []type{args} [array] | main.go:16:11:16:85 | call to Sprintf | provenance | MaD:245 |
| main.go:16:63:16:70 | selection of Header | main.go:16:63:16:84 | call to Get | provenance | MaD:655 |
| main.go:16:11:16:85 | []type{args} [array] | main.go:16:11:16:85 | call to Sprintf | provenance | MaD:248 |
| main.go:16:63:16:70 | selection of Header | main.go:16:63:16:84 | call to Get | provenance | MaD:658 |
| main.go:16:63:16:84 | call to Get | main.go:16:11:16:85 | []type{args} [array] | provenance | |
| main.go:16:63:16:84 | call to Get | main.go:16:11:16:85 | call to Sprintf | provenance | FunctionModel |
| main.go:28:17:31:2 | &... [pointer, Category] | main.go:34:3:34:13 | RequestData [pointer, Category] | provenance | |
| main.go:28:18:31:2 | struct literal [Category] | main.go:28:17:31:2 | &... [pointer, Category] | provenance | |
| main.go:30:13:30:19 | selection of URL | main.go:30:13:30:27 | call to Query | provenance | MaD:735 |
| main.go:30:13:30:19 | selection of URL | main.go:30:13:30:27 | call to Query | provenance | MaD:738 |
| main.go:30:13:30:27 | call to Query | main.go:30:13:30:39 | index expression | provenance | |
| main.go:30:13:30:39 | index expression | main.go:28:18:31:2 | struct literal [Category] | provenance | |
| main.go:33:7:34:23 | []type{args} [array] | main.go:33:7:34:23 | call to Sprintf | provenance | MaD:245 |
| main.go:33:7:34:23 | []type{args} [array] | main.go:33:7:34:23 | call to Sprintf | provenance | MaD:248 |
| main.go:33:7:34:23 | call to Sprintf | main.go:35:11:35:11 | q | provenance | |
| main.go:34:3:34:13 | RequestData [pointer, Category] | main.go:34:3:34:13 | implicit dereference [Category] | provenance | |
| main.go:34:3:34:13 | implicit dereference [Category] | main.go:34:3:34:22 | selection of Category | provenance | |
@@ -54,10 +54,10 @@ edges
| main.go:39:2:39:12 | definition of RequestData [pointer, Category] | main.go:43:3:43:13 | RequestData [pointer, Category] | provenance | |
| main.go:40:2:40:12 | RequestData [pointer, Category] | main.go:40:2:40:12 | implicit dereference [Category] | provenance | |
| main.go:40:2:40:12 | implicit dereference [Category] | main.go:39:2:39:12 | definition of RequestData [pointer, Category] | provenance | |
| main.go:40:25:40:31 | selection of URL | main.go:40:25:40:39 | call to Query | provenance | MaD:735 |
| main.go:40:25:40:31 | selection of URL | main.go:40:25:40:39 | call to Query | provenance | MaD:738 |
| main.go:40:25:40:39 | call to Query | main.go:40:25:40:51 | index expression | provenance | |
| main.go:40:25:40:51 | index expression | main.go:40:2:40:12 | implicit dereference [Category] | provenance | |
| main.go:42:7:43:23 | []type{args} [array] | main.go:42:7:43:23 | call to Sprintf | provenance | MaD:245 |
| main.go:42:7:43:23 | []type{args} [array] | main.go:42:7:43:23 | call to Sprintf | provenance | MaD:248 |
| main.go:42:7:43:23 | call to Sprintf | main.go:44:11:44:11 | q | provenance | |
| main.go:43:3:43:13 | RequestData [pointer, Category] | main.go:43:3:43:13 | implicit dereference [Category] | provenance | |
| main.go:43:3:43:13 | implicit dereference [Category] | main.go:43:3:43:22 | selection of Category | provenance | |
@@ -67,10 +67,10 @@ edges
| main.go:48:2:48:12 | definition of RequestData [pointer, Category] | main.go:52:3:52:13 | RequestData [pointer, Category] | provenance | |
| main.go:49:3:49:14 | star expression [Category] | main.go:48:2:48:12 | definition of RequestData [pointer, Category] | provenance | |
| main.go:49:4:49:14 | RequestData [pointer, Category] | main.go:49:3:49:14 | star expression [Category] | provenance | |
| main.go:49:28:49:34 | selection of URL | main.go:49:28:49:42 | call to Query | provenance | MaD:735 |
| main.go:49:28:49:34 | selection of URL | main.go:49:28:49:42 | call to Query | provenance | MaD:738 |
| main.go:49:28:49:42 | call to Query | main.go:49:28:49:54 | index expression | provenance | |
| main.go:49:28:49:54 | index expression | main.go:49:3:49:14 | star expression [Category] | provenance | |
| main.go:51:7:52:23 | []type{args} [array] | main.go:51:7:52:23 | call to Sprintf | provenance | MaD:245 |
| main.go:51:7:52:23 | []type{args} [array] | main.go:51:7:52:23 | call to Sprintf | provenance | MaD:248 |
| main.go:51:7:52:23 | call to Sprintf | main.go:53:11:53:11 | q | provenance | |
| main.go:52:3:52:13 | RequestData [pointer, Category] | main.go:52:3:52:13 | implicit dereference [Category] | provenance | |
| main.go:52:3:52:13 | implicit dereference [Category] | main.go:52:3:52:22 | selection of Category | provenance | |
@@ -80,16 +80,16 @@ edges
| main.go:57:2:57:12 | definition of RequestData [pointer, Category] | main.go:61:5:61:15 | RequestData [pointer, Category] | provenance | |
| main.go:58:3:58:14 | star expression [Category] | main.go:57:2:57:12 | definition of RequestData [pointer, Category] | provenance | |
| main.go:58:4:58:14 | RequestData [pointer, Category] | main.go:58:3:58:14 | star expression [Category] | provenance | |
| main.go:58:28:58:34 | selection of URL | main.go:58:28:58:42 | call to Query | provenance | MaD:735 |
| main.go:58:28:58:34 | selection of URL | main.go:58:28:58:42 | call to Query | provenance | MaD:738 |
| main.go:58:28:58:42 | call to Query | main.go:58:28:58:54 | index expression | provenance | |
| main.go:58:28:58:54 | index expression | main.go:58:3:58:14 | star expression [Category] | provenance | |
| main.go:60:7:61:26 | []type{args} [array] | main.go:60:7:61:26 | call to Sprintf | provenance | MaD:245 |
| main.go:60:7:61:26 | []type{args} [array] | main.go:60:7:61:26 | call to Sprintf | provenance | MaD:248 |
| main.go:60:7:61:26 | call to Sprintf | main.go:62:11:62:11 | q | provenance | |
| main.go:61:3:61:25 | selection of Category | main.go:60:7:61:26 | []type{args} [array] | provenance | |
| main.go:61:3:61:25 | selection of Category | main.go:60:7:61:26 | call to Sprintf | provenance | FunctionModel |
| main.go:61:4:61:15 | star expression [Category] | main.go:61:3:61:25 | selection of Category | provenance | |
| main.go:61:5:61:15 | RequestData [pointer, Category] | main.go:61:4:61:15 | star expression [Category] | provenance | |
| mongoDB.go:40:20:40:30 | call to Referer | mongoDB.go:42:28:42:41 | untrustedInput | provenance | Src:MaD:673 |
| mongoDB.go:40:20:40:30 | call to Referer | mongoDB.go:42:28:42:41 | untrustedInput | provenance | Src:MaD:676 |
| mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:50:34:50:39 | filter | provenance | |
| mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:61:27:61:32 | filter | provenance | |
| mongoDB.go:42:19:42:42 | struct literal | mongoDB.go:63:23:63:28 | filter | provenance | |


@@ -2,10 +2,10 @@ edges
| StringBreak.go:10:2:10:40 | ... := ...[0] | StringBreak.go:14:47:14:57 | versionJSON | provenance | |
| StringBreakMismatched.go:12:2:12:40 | ... := ...[0] | StringBreakMismatched.go:13:29:13:47 | type conversion | provenance | |
| StringBreakMismatched.go:13:13:13:62 | call to Replace | StringBreakMismatched.go:17:26:17:32 | escaped | provenance | |
| StringBreakMismatched.go:13:29:13:47 | type conversion | StringBreakMismatched.go:13:13:13:62 | call to Replace | provenance | MaD:838 |
| StringBreakMismatched.go:13:29:13:47 | type conversion | StringBreakMismatched.go:13:13:13:62 | call to Replace | provenance | MaD:841 |
| StringBreakMismatched.go:24:2:24:40 | ... := ...[0] | StringBreakMismatched.go:25:29:25:47 | type conversion | provenance | |
| StringBreakMismatched.go:25:13:25:61 | call to Replace | StringBreakMismatched.go:29:27:29:33 | escaped | provenance | |
| StringBreakMismatched.go:25:29:25:47 | type conversion | StringBreakMismatched.go:25:13:25:61 | call to Replace | provenance | MaD:838 |
| StringBreakMismatched.go:25:29:25:47 | type conversion | StringBreakMismatched.go:25:13:25:61 | call to Replace | provenance | MaD:841 |
nodes
| StringBreak.go:10:2:10:40 | ... := ...[0] | semmle.label | ... := ...[0] |
| StringBreak.go:14:47:14:57 | versionJSON | semmle.label | versionJSON |


@@ -13,35 +13,31 @@ edges
| UnsafeTLS.go:297:5:297:38 | selection of TLS_ECDHE_RSA_WITH_RC4_128_SHA | UnsafeTLS.go:296:18:298:4 | slice literal | provenance | |
| UnsafeTLS.go:305:5:305:47 | selection of TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:304:18:306:4 | slice literal | provenance | |
| UnsafeTLS.go:313:5:313:45 | selection of TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:312:18:314:4 | slice literal | provenance | |
| UnsafeTLS.go:329:25:329:94 | []type{args} [array] | UnsafeTLS.go:329:25:329:94 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:329:25:329:94 | []type{args} [array] | UnsafeTLS.go:329:25:329:94 | call to append | provenance | MaD:31 |
| UnsafeTLS.go:329:53:329:93 | selection of TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:329:25:329:94 | []type{args} [array] | provenance | |
| UnsafeTLS.go:329:53:329:93 | selection of TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:329:25:329:94 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:334:13:334:38 | call to InsecureCipherSuites | UnsafeTLS.go:336:54:336:57 | selection of ID | provenance | |
| UnsafeTLS.go:336:26:336:58 | []type{args} [array] | UnsafeTLS.go:336:26:336:58 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:336:26:336:58 | []type{args} [array] | UnsafeTLS.go:336:26:336:58 | call to append | provenance | MaD:31 |
| UnsafeTLS.go:336:54:336:57 | selection of ID | UnsafeTLS.go:336:26:336:58 | []type{args} [array] | provenance | |
| UnsafeTLS.go:336:54:336:57 | selection of ID | UnsafeTLS.go:336:26:336:58 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:342:13:342:38 | call to InsecureCipherSuites | UnsafeTLS.go:344:40:344:43 | selection of ID | provenance | |
| UnsafeTLS.go:344:19:344:44 | []type{args} [array] | UnsafeTLS.go:344:19:344:44 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:344:19:344:44 | []type{args} [array] | UnsafeTLS.go:344:19:344:44 | call to append [array] | provenance | MaD:29 |
| UnsafeTLS.go:344:19:344:44 | []type{args} [array] | UnsafeTLS.go:344:19:344:44 | call to append | provenance | MaD:31 |
| UnsafeTLS.go:344:19:344:44 | []type{args} [array] | UnsafeTLS.go:344:19:344:44 | call to append [array] | provenance | MaD:31 |
| UnsafeTLS.go:344:19:344:44 | call to append | UnsafeTLS.go:344:26:344:37 | cipherSuites | provenance | |
| UnsafeTLS.go:344:19:344:44 | call to append | UnsafeTLS.go:346:25:346:36 | cipherSuites | provenance | |
| UnsafeTLS.go:344:19:344:44 | call to append [array] | UnsafeTLS.go:344:26:344:37 | cipherSuites [array] | provenance | |
| UnsafeTLS.go:344:26:344:37 | cipherSuites | UnsafeTLS.go:344:19:344:44 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:344:26:344:37 | cipherSuites [array] | UnsafeTLS.go:344:19:344:44 | call to append | provenance | MaD:28 |
| UnsafeTLS.go:344:26:344:37 | cipherSuites [array] | UnsafeTLS.go:344:19:344:44 | call to append [array] | provenance | MaD:28 |
| UnsafeTLS.go:344:26:344:37 | cipherSuites | UnsafeTLS.go:344:19:344:44 | call to append | provenance | MaD:28 |
| UnsafeTLS.go:344:26:344:37 | cipherSuites [array] | UnsafeTLS.go:344:19:344:44 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:344:26:344:37 | cipherSuites [array] | UnsafeTLS.go:344:19:344:44 | call to append [array] | provenance | MaD:29 |
| UnsafeTLS.go:344:40:344:43 | selection of ID | UnsafeTLS.go:344:19:344:44 | []type{args} [array] | provenance | |
| UnsafeTLS.go:344:40:344:43 | selection of ID | UnsafeTLS.go:344:19:344:44 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:351:13:351:38 | call to InsecureCipherSuites | UnsafeTLS.go:353:40:353:51 | selection of ID | provenance | |
| UnsafeTLS.go:353:19:353:52 | []type{args} [array] | UnsafeTLS.go:353:19:353:52 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:353:19:353:52 | []type{args} [array] | UnsafeTLS.go:353:19:353:52 | call to append [array] | provenance | MaD:29 |
| UnsafeTLS.go:353:19:353:52 | []type{args} [array] | UnsafeTLS.go:353:19:353:52 | call to append | provenance | MaD:31 |
| UnsafeTLS.go:353:19:353:52 | []type{args} [array] | UnsafeTLS.go:353:19:353:52 | call to append [array] | provenance | MaD:31 |
| UnsafeTLS.go:353:19:353:52 | call to append | UnsafeTLS.go:353:26:353:37 | cipherSuites | provenance | |
| UnsafeTLS.go:353:19:353:52 | call to append | UnsafeTLS.go:355:25:355:36 | cipherSuites | provenance | |
| UnsafeTLS.go:353:19:353:52 | call to append [array] | UnsafeTLS.go:353:26:353:37 | cipherSuites [array] | provenance | |
| UnsafeTLS.go:353:26:353:37 | cipherSuites | UnsafeTLS.go:353:19:353:52 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:353:26:353:37 | cipherSuites [array] | UnsafeTLS.go:353:19:353:52 | call to append | provenance | MaD:28 |
| UnsafeTLS.go:353:26:353:37 | cipherSuites [array] | UnsafeTLS.go:353:19:353:52 | call to append [array] | provenance | MaD:28 |
| UnsafeTLS.go:353:26:353:37 | cipherSuites | UnsafeTLS.go:353:19:353:52 | call to append | provenance | MaD:28 |
| UnsafeTLS.go:353:26:353:37 | cipherSuites [array] | UnsafeTLS.go:353:19:353:52 | call to append | provenance | MaD:29 |
| UnsafeTLS.go:353:26:353:37 | cipherSuites [array] | UnsafeTLS.go:353:19:353:52 | call to append [array] | provenance | MaD:29 |
| UnsafeTLS.go:353:40:353:51 | selection of ID | UnsafeTLS.go:353:19:353:52 | []type{args} [array] | provenance | |
| UnsafeTLS.go:353:40:353:51 | selection of ID | UnsafeTLS.go:353:19:353:52 | call to append | provenance | FunctionModel |
| UnsafeTLS.go:363:5:363:47 | selection of TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:362:18:364:4 | slice literal | provenance | |
| UnsafeTLS.go:371:5:371:47 | selection of TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:370:18:372:4 | slice literal | provenance | |
| UnsafeTLS.go:379:5:379:47 | selection of TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 | UnsafeTLS.go:378:18:380:4 | slice literal | provenance | |


@@ -1,7 +1,7 @@
edges
| sample.go:15:10:15:64 | call to Sum256 | sample.go:16:9:16:15 | slice expression | provenance | |
| sample.go:15:24:15:63 | type conversion | sample.go:15:10:15:64 | call to Sum256 | provenance | FunctionModel |
| sample.go:15:31:15:62 | []type{args} [array] | sample.go:15:31:15:62 | call to Sprintf | provenance | MaD:245 |
| sample.go:15:31:15:62 | []type{args} [array] | sample.go:15:31:15:62 | call to Sprintf | provenance | MaD:248 |
| sample.go:15:31:15:62 | call to Sprintf | sample.go:15:24:15:63 | type conversion | provenance | |
| sample.go:15:49:15:61 | call to Uint32 | sample.go:15:31:15:62 | []type{args} [array] | provenance | |
| sample.go:15:49:15:61 | call to Uint32 | sample.go:15:31:15:62 | call to Sprintf | provenance | FunctionModel |
@@ -9,7 +9,7 @@ edges
| sample.go:33:2:33:6 | definition of nonce | sample.go:37:25:37:29 | nonce | provenance | |
| sample.go:33:2:33:6 | definition of nonce | sample.go:37:32:37:36 | nonce | provenance | |
| sample.go:34:12:34:40 | call to New | sample.go:35:14:35:19 | random | provenance | |
| sample.go:35:14:35:19 | random | sample.go:33:2:33:6 | definition of nonce | provenance | MaD:549 |
| sample.go:35:14:35:19 | random | sample.go:33:2:33:6 | definition of nonce | provenance | MaD:552 |
| sample.go:55:17:55:42 | call to Intn | sample.go:56:29:56:38 | randNumber | provenance | |
| sample.go:56:11:56:40 | type conversion | sample.go:58:32:58:43 | type conversion | provenance | |
| sample.go:56:18:56:39 | index expression | sample.go:56:11:56:40 | type conversion | provenance | |


@@ -1,16 +1,16 @@
edges
| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | MaD:735 |
| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:742 |
| go-jose.v3.go:25:16:25:20 | selection of URL | go-jose.v3.go:25:16:25:28 | call to Query | provenance | MaD:738 |
| go-jose.v3.go:25:16:25:28 | call to Query | go-jose.v3.go:25:16:25:47 | call to Get | provenance | MaD:745 |
| go-jose.v3.go:25:16:25:47 | call to Get | go-jose.v3.go:26:15:26:25 | signedToken | provenance | |
| go-jose.v3.go:26:15:26:25 | signedToken | go-jose.v3.go:29:19:29:29 | definition of signedToken | provenance | |
| go-jose.v3.go:29:19:29:29 | definition of signedToken | go-jose.v3.go:31:37:31:47 | signedToken | provenance | |
| go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:321 |
| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:323 |
| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | MaD:735 |
| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:742 |
| go-jose.v3.go:31:2:31:48 | ... := ...[0] | go-jose.v3.go:33:12:33:23 | DecodedToken | provenance | Sink:MaD:324 |
| go-jose.v3.go:31:37:31:47 | signedToken | go-jose.v3.go:31:2:31:48 | ... := ...[0] | provenance | MaD:326 |
| golang-jwt-v5.go:28:16:28:20 | selection of URL | golang-jwt-v5.go:28:16:28:28 | call to Query | provenance | MaD:738 |
| golang-jwt-v5.go:28:16:28:28 | call to Query | golang-jwt-v5.go:28:16:28:47 | call to Get | provenance | MaD:745 |
| golang-jwt-v5.go:28:16:28:47 | call to Get | golang-jwt-v5.go:29:25:29:35 | signedToken | provenance | |
| golang-jwt-v5.go:29:25:29:35 | signedToken | golang-jwt-v5.go:32:29:32:39 | definition of signedToken | provenance | |
| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:335 |
| golang-jwt-v5.go:32:29:32:39 | definition of signedToken | golang-jwt-v5.go:34:58:34:68 | signedToken | provenance | Sink:MaD:338 |
nodes
| go-jose.v3.go:25:16:25:20 | selection of URL | semmle.label | selection of URL |
| go-jose.v3.go:25:16:25:28 | call to Query | semmle.label | call to Query |


@@ -12,8 +12,8 @@ edges
| main.go:68:17:68:24 | argument corresponding to redirect | main.go:73:20:73:27 | redirect | provenance | |
| main.go:68:17:68:24 | definition of redirect | main.go:73:20:73:27 | redirect | provenance | |
| main.go:73:9:73:28 | call to Clean | main.go:77:25:77:39 | call to getTarget1 | provenance | |
| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:761 |
| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:761 |
| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:764 |
| main.go:73:20:73:27 | redirect | main.go:73:9:73:28 | call to Clean | provenance | MaD:764 |
| main.go:76:19:76:21 | argument corresponding to url | main.go:77:36:77:38 | url | provenance | |
| main.go:77:36:77:38 | url | main.go:68:17:68:24 | definition of redirect | provenance | |
| main.go:77:36:77:38 | url | main.go:77:25:77:39 | call to getTarget1 | provenance | |


@@ -43,11 +43,11 @@ edges
| stdlib.go:162:24:162:26 | url | stdlib.go:162:24:162:35 | call to String | provenance | Config |
| stdlib.go:173:35:173:39 | selection of URL | stdlib.go:173:35:173:52 | call to RequestURI | provenance | Config |
| stdlib.go:173:35:173:52 | call to RequestURI | stdlib.go:173:24:173:52 | ...+... | provenance | Config |
| stdlib.go:182:13:182:33 | call to FormValue | stdlib.go:184:23:184:28 | target | provenance | Src:MaD:670 |
| stdlib.go:182:13:182:33 | call to FormValue | stdlib.go:184:23:184:28 | target | provenance | Src:MaD:673 |
| stdlib.go:190:3:190:8 | definition of target | stdlib.go:192:23:192:28 | target | provenance | |
| stdlib.go:190:3:190:8 | definition of target | stdlib.go:194:23:194:28 | target | provenance | |
| stdlib.go:190:3:190:57 | ... := ...[0] | stdlib.go:190:3:190:8 | definition of target | provenance | |
| stdlib.go:190:36:190:56 | call to FormValue | stdlib.go:190:3:190:57 | ... := ...[0] | provenance | Src:MaD:670 Config |
| stdlib.go:190:36:190:56 | call to FormValue | stdlib.go:190:3:190:57 | ... := ...[0] | provenance | Src:MaD:673 Config |
| stdlib.go:192:23:192:28 | implicit dereference | stdlib.go:190:3:190:8 | definition of target | provenance | Config |
| stdlib.go:192:23:192:28 | implicit dereference | stdlib.go:192:23:192:33 | selection of Path | provenance | Config |
| stdlib.go:192:23:192:28 | target | stdlib.go:192:23:192:28 | implicit dereference | provenance | Config |


@@ -1,23 +1,23 @@
edges
| EmailBad.go:9:10:9:17 | selection of Header | EmailBad.go:9:10:9:29 | call to Get | provenance | MaD:655 |
| EmailBad.go:9:10:9:17 | selection of Header | EmailBad.go:9:10:9:29 | call to Get | provenance | MaD:658 |
| EmailBad.go:9:10:9:29 | call to Get | EmailBad.go:12:56:12:67 | type conversion | provenance | |
| main.go:29:21:29:31 | call to Referer | main.go:31:57:31:78 | type conversion | provenance | Src:MaD:673 |
| main.go:37:21:37:31 | call to Referer | main.go:41:25:41:38 | untrustedInput | provenance | Src:MaD:673 |
| main.go:41:25:41:38 | untrustedInput | main.go:40:3:40:7 | definition of write | provenance | MaD:552 |
| main.go:46:21:46:31 | call to Referer | main.go:52:46:52:59 | untrustedInput | provenance | Src:MaD:673 |
| main.go:46:21:46:31 | call to Referer | main.go:53:52:53:65 | untrustedInput | provenance | Src:MaD:673 |
| main.go:58:21:58:31 | call to Referer | main.go:60:47:60:60 | untrustedInput | provenance | Src:MaD:673 |
| main.go:29:21:29:31 | call to Referer | main.go:31:57:31:78 | type conversion | provenance | Src:MaD:676 |
| main.go:37:21:37:31 | call to Referer | main.go:41:25:41:38 | untrustedInput | provenance | Src:MaD:676 |
| main.go:41:25:41:38 | untrustedInput | main.go:40:3:40:7 | definition of write | provenance | MaD:555 |
| main.go:46:21:46:31 | call to Referer | main.go:52:46:52:59 | untrustedInput | provenance | Src:MaD:676 |
| main.go:46:21:46:31 | call to Referer | main.go:53:52:53:65 | untrustedInput | provenance | Src:MaD:676 |
| main.go:58:21:58:31 | call to Referer | main.go:60:47:60:60 | untrustedInput | provenance | Src:MaD:676 |
| main.go:60:14:60:61 | call to NewContent | main.go:63:16:63:22 | content | provenance | |
| main.go:60:47:60:60 | untrustedInput | main.go:60:14:60:61 | call to NewContent | provenance | MaD:384 |
| main.go:68:21:68:31 | call to Referer | main.go:74:47:74:60 | untrustedInput | provenance | Src:MaD:673 |
| main.go:60:47:60:60 | untrustedInput | main.go:60:14:60:61 | call to NewContent | provenance | MaD:387 |
| main.go:68:21:68:31 | call to Referer | main.go:74:47:74:60 | untrustedInput | provenance | Src:MaD:676 |
| main.go:74:14:74:61 | call to NewContent | main.go:76:50:76:56 | content | provenance | |
| main.go:74:14:74:61 | call to NewContent | main.go:76:59:76:65 | content | provenance | |
| main.go:74:14:74:61 | call to NewContent | main.go:77:16:77:22 | content | provenance | |
| main.go:74:47:74:60 | untrustedInput | main.go:74:14:74:61 | call to NewContent | provenance | MaD:384 |
| main.go:82:21:82:31 | call to Referer | main.go:89:37:89:50 | untrustedInput | provenance | Src:MaD:673 |
| main.go:82:21:82:31 | call to Referer | main.go:91:48:91:61 | untrustedInput | provenance | Src:MaD:673 |
| main.go:74:47:74:60 | untrustedInput | main.go:74:14:74:61 | call to NewContent | provenance | MaD:387 |
| main.go:82:21:82:31 | call to Referer | main.go:89:37:89:50 | untrustedInput | provenance | Src:MaD:676 |
| main.go:82:21:82:31 | call to Referer | main.go:91:48:91:61 | untrustedInput | provenance | Src:MaD:676 |
| main.go:91:15:91:62 | call to NewContent | main.go:93:16:93:23 | content2 | provenance | |
| main.go:91:48:91:61 | untrustedInput | main.go:91:15:91:62 | call to NewContent | provenance | MaD:384 |
| main.go:91:48:91:61 | untrustedInput | main.go:91:15:91:62 | call to NewContent | provenance | MaD:387 |
nodes
| EmailBad.go:9:10:9:17 | selection of Header | semmle.label | selection of Header |
| EmailBad.go:9:10:9:29 | call to Get | semmle.label | call to Get |


@@ -1,16 +1,16 @@
edges
| XPathInjection.go:13:14:13:19 | selection of Form | XPathInjection.go:13:14:13:35 | call to Get | provenance | MaD:742 |
| XPathInjection.go:13:14:13:19 | selection of Form | XPathInjection.go:13:14:13:35 | call to Get | provenance | MaD:745 |
| XPathInjection.go:13:14:13:35 | call to Get | XPathInjection.go:16:29:16:91 | ...+... | provenance | |
| tst.go:34:14:34:19 | selection of Form | tst.go:34:14:34:35 | call to Get | provenance | MaD:742 |
| tst.go:34:14:34:19 | selection of Form | tst.go:34:14:34:35 | call to Get | provenance | MaD:745 |
| tst.go:34:14:34:35 | call to Get | tst.go:37:23:37:85 | ...+... | provenance | |
| tst.go:34:14:34:35 | call to Get | tst.go:40:24:40:86 | ...+... | provenance | |
| tst.go:34:14:34:35 | call to Get | tst.go:43:24:43:82 | ...+... | provenance | |
| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:35 | call to Get | provenance | MaD:742 |
| tst.go:48:14:48:19 | selection of Form | tst.go:48:14:48:35 | call to Get | provenance | MaD:745 |
| tst.go:48:14:48:35 | call to Get | tst.go:51:26:51:84 | ...+... | provenance | |
| tst.go:48:14:48:35 | call to Get | tst.go:54:29:54:87 | ...+... | provenance | |
| tst.go:48:14:48:35 | call to Get | tst.go:57:33:57:91 | ...+... | provenance | |
| tst.go:48:14:48:35 | call to Get | tst.go:60:30:60:88 | ...+... | provenance | |
| tst.go:65:14:65:19 | selection of Form | tst.go:65:14:65:35 | call to Get | provenance | MaD:742 |
| tst.go:65:14:65:19 | selection of Form | tst.go:65:14:65:35 | call to Get | provenance | MaD:745 |
| tst.go:65:14:65:35 | call to Get | tst.go:68:25:68:83 | ...+... | provenance | |
| tst.go:65:14:65:35 | call to Get | tst.go:71:28:71:86 | ...+... | provenance | |
| tst.go:65:14:65:35 | call to Get | tst.go:74:25:74:83 | ...+... | provenance | |
@@ -19,38 +19,38 @@ edges
| tst.go:65:14:65:35 | call to Get | tst.go:83:29:83:87 | ...+... | provenance | |
| tst.go:65:14:65:35 | call to Get | tst.go:86:23:86:85 | ...+... | provenance | |
| tst.go:65:14:65:35 | call to Get | tst.go:89:22:89:84 | ...+... | provenance | |
| tst.go:94:14:94:19 | selection of Form | tst.go:94:14:94:35 | call to Get | provenance | MaD:742 |
| tst.go:94:14:94:19 | selection of Form | tst.go:94:14:94:35 | call to Get | provenance | MaD:745 |
| tst.go:94:14:94:35 | call to Get | tst.go:97:26:97:84 | ...+... | provenance | |
| tst.go:94:14:94:35 | call to Get | tst.go:100:29:100:87 | ...+... | provenance | |
| tst.go:94:14:94:35 | call to Get | tst.go:103:33:103:91 | ...+... | provenance | |
| tst.go:94:14:94:35 | call to Get | tst.go:106:30:106:88 | ...+... | provenance | |
| tst.go:111:14:111:19 | selection of Form | tst.go:111:14:111:35 | call to Get | provenance | MaD:742 |
| tst.go:111:14:111:19 | selection of Form | tst.go:111:14:111:35 | call to Get | provenance | MaD:745 |
| tst.go:111:14:111:35 | call to Get | tst.go:114:25:114:87 | ...+... | provenance | |
| tst.go:111:14:111:35 | call to Get | tst.go:117:26:117:88 | ...+... | provenance | |
| tst.go:122:14:122:19 | selection of Form | tst.go:122:14:122:35 | call to Get | provenance | MaD:742 |
| tst.go:122:14:122:19 | selection of Form | tst.go:122:14:122:35 | call to Get | provenance | MaD:745 |
| tst.go:122:14:122:35 | call to Get | tst.go:126:23:126:126 | ...+... | provenance | |
| tst.go:122:14:122:35 | call to Get | tst.go:129:24:129:127 | ...+... | provenance | |
| tst.go:122:14:122:35 | call to Get | tst.go:132:27:132:122 | ...+... | provenance | |
| tst.go:123:14:123:19 | selection of Form | tst.go:123:14:123:35 | call to Get | provenance | MaD:742 |
| tst.go:123:14:123:19 | selection of Form | tst.go:123:14:123:35 | call to Get | provenance | MaD:745 |
| tst.go:123:14:123:35 | call to Get | tst.go:126:23:126:126 | ...+... | provenance | |
| tst.go:123:14:123:35 | call to Get | tst.go:129:24:129:127 | ...+... | provenance | |
| tst.go:123:14:123:35 | call to Get | tst.go:132:27:132:122 | ...+... | provenance | |
| tst.go:140:14:140:19 | selection of Form | tst.go:140:14:140:35 | call to Get | provenance | MaD:742 |
| tst.go:140:14:140:19 | selection of Form | tst.go:140:14:140:35 | call to Get | provenance | MaD:745 |
| tst.go:140:14:140:35 | call to Get | tst.go:143:27:143:89 | ...+... | provenance | |
| tst.go:140:14:140:35 | call to Get | tst.go:146:28:146:90 | ...+... | provenance | |
| tst.go:151:14:151:19 | selection of Form | tst.go:151:14:151:35 | call to Get | provenance | MaD:742 |
| tst.go:151:14:151:19 | selection of Form | tst.go:151:14:151:35 | call to Get | provenance | MaD:745 |
| tst.go:151:14:151:35 | call to Get | tst.go:155:33:155:136 | ...+... | provenance | |
| tst.go:151:14:151:35 | call to Get | tst.go:158:18:158:121 | ...+... | provenance | |
| tst.go:151:14:151:35 | call to Get | tst.go:164:31:164:126 | ...+... | provenance | |
| tst.go:151:14:151:35 | call to Get | tst.go:173:21:173:116 | ...+... | provenance | |
| tst.go:151:14:151:35 | call to Get | tst.go:182:27:182:122 | ...+... | provenance | |
| tst.go:152:14:152:19 | selection of Form | tst.go:152:14:152:35 | call to Get | provenance | MaD:742 |
| tst.go:152:14:152:19 | selection of Form | tst.go:152:14:152:35 | call to Get | provenance | MaD:745 |
| tst.go:152:14:152:35 | call to Get | tst.go:155:33:155:136 | ...+... | provenance | |
| tst.go:152:14:152:35 | call to Get | tst.go:158:18:158:121 | ...+... | provenance | |
| tst.go:152:14:152:35 | call to Get | tst.go:164:31:164:126 | ...+... | provenance | |
| tst.go:152:14:152:35 | call to Get | tst.go:173:21:173:116 | ...+... | provenance | |
| tst.go:152:14:152:35 | call to Get | tst.go:182:27:182:122 | ...+... | provenance | |
| tst.go:193:14:193:19 | selection of Form | tst.go:193:14:193:35 | call to Get | provenance | MaD:742 |
| tst.go:193:14:193:19 | selection of Form | tst.go:193:14:193:35 | call to Get | provenance | MaD:745 |
| tst.go:193:14:193:35 | call to Get | tst.go:198:23:198:85 | ...+... | provenance | |
nodes
| XPathInjection.go:13:14:13:19 | selection of Form | semmle.label | selection of Form |


@@ -1,12 +1,12 @@
edges
| RequestForgery.go:8:12:8:34 | call to FormValue | RequestForgery.go:11:24:11:65 | ...+... | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:14:11:14:17 | tainted | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:18:12:18:18 | tainted | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:21:34:21:40 | tainted | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:24:66:24:72 | tainted | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:27:11:27:29 | ...+... | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:29:11:29:40 | ...+... | provenance | Src:MaD:670 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:36:11:36:17 | tainted | provenance | Src:MaD:670 |
| RequestForgery.go:8:12:8:34 | call to FormValue | RequestForgery.go:11:24:11:65 | ...+... | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:14:11:14:17 | tainted | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:18:12:18:18 | tainted | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:21:34:21:40 | tainted | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:24:66:24:72 | tainted | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:27:11:27:29 | ...+... | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:29:11:29:40 | ...+... | provenance | Src:MaD:673 |
| tst.go:10:13:10:35 | call to FormValue | tst.go:36:11:36:17 | tainted | provenance | Src:MaD:673 |
| tst.go:35:2:35:2 | definition of u [pointer] | tst.go:36:2:36:2 | u [pointer] | provenance | |
| tst.go:36:2:36:2 | implicit dereference | tst.go:35:2:35:2 | definition of u [pointer] | provenance | |
| tst.go:36:2:36:2 | implicit dereference | tst.go:36:2:36:2 | u | provenance | |
@@ -17,16 +17,16 @@ edges
| tst.go:36:2:36:2 | u [pointer] | tst.go:36:2:36:2 | implicit dereference | provenance | |
| tst.go:36:11:36:17 | tainted | tst.go:36:2:36:2 | u | provenance | Config |
| tst.go:36:11:36:17 | tainted | tst.go:37:11:37:11 | u | provenance | Config |
| tst.go:37:11:37:11 | u | tst.go:37:11:37:20 | call to String | provenance | MaD:235 |
| websocket.go:60:21:60:31 | call to Referer | websocket.go:65:27:65:40 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:74:21:74:31 | call to Referer | websocket.go:78:36:78:49 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:88:21:88:31 | call to Referer | websocket.go:91:31:91:44 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:107:21:107:31 | call to Referer | websocket.go:110:15:110:28 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:126:21:126:31 | call to Referer | websocket.go:129:38:129:51 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:154:21:154:31 | call to Referer | websocket.go:155:31:155:44 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:160:21:160:31 | call to Referer | websocket.go:162:31:162:44 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:195:21:195:31 | call to Referer | websocket.go:197:18:197:31 | untrustedInput | provenance | Src:MaD:673 |
| websocket.go:202:21:202:31 | call to Referer | websocket.go:204:11:204:24 | untrustedInput | provenance | Src:MaD:673 |
| tst.go:37:11:37:11 | u | tst.go:37:11:37:20 | call to String | provenance | MaD:238 |
| websocket.go:60:21:60:31 | call to Referer | websocket.go:65:27:65:40 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:74:21:74:31 | call to Referer | websocket.go:78:36:78:49 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:88:21:88:31 | call to Referer | websocket.go:91:31:91:44 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:107:21:107:31 | call to Referer | websocket.go:110:15:110:28 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:126:21:126:31 | call to Referer | websocket.go:129:38:129:51 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:154:21:154:31 | call to Referer | websocket.go:155:31:155:44 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:160:21:160:31 | call to Referer | websocket.go:162:31:162:44 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:195:21:195:31 | call to Referer | websocket.go:197:18:197:31 | untrustedInput | provenance | Src:MaD:676 |
| websocket.go:202:21:202:31 | call to Referer | websocket.go:204:11:204:24 | untrustedInput | provenance | Src:MaD:676 |
nodes
| RequestForgery.go:8:12:8:34 | call to FormValue | semmle.label | call to FormValue |
| RequestForgery.go:11:24:11:65 | ...+... | semmle.label | ...+... |


@@ -29,4 +29,10 @@ extensions:
- ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[0]", "file-content-store", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", True, "copyToFile", "(InputStream,File)", "", "Argument[1]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "openInputStream", "(File)", "", "Argument[0]", "path-injection", "ai-manual"]
- ["org.apache.commons.io", "FileUtils", True, "delete", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "deleteDirectory", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "deleteQuietly", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "forceDelete", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "forceDeleteOnExit", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "FileUtils", True, "forceMkdirParent", "(File)", "", "Argument[0]", "path-injection", "manual"]
- ["org.apache.commons.io", "IOUtils", False, "resourceToString", "(String,Charset)", "", "Argument[0]", "path-injection", "ai-manual"]
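Review bot: The added rows model the `FileUtils` delete family and `forceMkdirParent(File)` as path-injection sinks, but the sibling calls `cleanDirectory(File)` and `forceMkdir(File)` take the same caller-supplied `File` and do not appear in this hunk. The file's rows above line 29 are outside the hunk, so they may already be modeled there; if not, add them to the same group, e.g. `- ["org.apache.commons.io", "FileUtils", True, "cleanDirectory", "(File)", "", "Argument[0]", "path-injection", "manual"]`. No test case exercising the six new sinks is visible in this part of the compare view, so a one-line-per-sink test would keep the rows from silently going stale when signatures change.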


@@ -15,6 +15,8 @@ private class ShortStringLiteral extends StringLiteral {
class BrokenAlgoLiteral extends ShortStringLiteral {
BrokenAlgoLiteral() {
this.getValue().regexpMatch(getInsecureAlgorithmRegex()) and
// Exclude RSA/ECB/.* ciphers.
not this.getValue().regexpMatch("RSA/ECB.*") and
// Exclude German and French sentences.
not this.getValue().regexpMatch(".*\\p{IsLowercase} des \\p{IsLetter}.*")
}
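Review bot: The new exclusion `not this.getValue().regexpMatch("RSA/ECB.*")` is broader than its comment says and gives no reason for the carve-out. `regexpMatch` anchors on the whole string, so the pattern also drops `RSA/ECB/NoPadding` and `RSA/ECB/PKCS1Padding`, whose padding weaknesses then rely on another query to be reported, and it accepts any suffix such as `RSA/ECBx`. I would tighten it to `not this.getValue().regexpMatch("RSA/ECB(/.*)?")` and make the comment state the rationale, e.g. `// "ECB" in a JCA RSA transformation is a naming artifact, not ECB block chaining; padding choice is out of scope here.` Whether lower-case spellings are still matched depends on `getInsecureAlgorithmRegex()`, which is not visible in this hunk; the class body also continues past it.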


@@ -0,0 +1,4 @@
---
category: majorAnalysis
---
* The query `java/weak-cryptographic-algorithm` no longer alerts about `RSA/ECB` algorithm strings.


@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Added more `org.apache.commons.io.FileUtils`-related sinks to the path injection query.


@@ -19,18 +19,18 @@ edges
| SpringUrlRedirect.java:104:39:104:56 | redirectUrl : String | SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:108:68:108:78 | httpHeaders | provenance | |
| SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:108:68:108:78 | httpHeaders | provenance | |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49213 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49454 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49219 |
| SpringUrlRedirect.java:106:37:106:47 | redirectUrl : String | SpringUrlRedirect.java:106:9:106:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49460 |
| SpringUrlRedirect.java:112:39:112:56 | redirectUrl : String | SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:116:37:116:47 | httpHeaders | provenance | |
| SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:116:37:116:47 | httpHeaders | provenance | |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49213 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49454 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49219 |
| SpringUrlRedirect.java:114:37:114:47 | redirectUrl : String | SpringUrlRedirect.java:114:9:114:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49460 |
| SpringUrlRedirect.java:120:33:120:50 | redirectUrl : String | SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | SpringUrlRedirect.java:124:49:124:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | SpringUrlRedirect.java:124:49:124:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49213 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49454 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders | provenance | MaD:49219 |
| SpringUrlRedirect.java:122:37:122:47 | redirectUrl : String | SpringUrlRedirect.java:122:9:122:19 | httpHeaders [post update] : HttpHeaders [<map.value>, <element>] : String | provenance | MaD:49460 |
| SpringUrlRedirect.java:128:33:128:50 | redirectUrl : String | SpringUrlRedirect.java:130:44:130:54 | redirectUrl : String | provenance | |
| SpringUrlRedirect.java:130:9:130:19 | httpHeaders : HttpHeaders | SpringUrlRedirect.java:132:49:132:59 | httpHeaders | provenance | |
| SpringUrlRedirect.java:130:33:130:55 | create(...) : URI | SpringUrlRedirect.java:130:9:130:19 | httpHeaders : HttpHeaders | provenance | Config |

View File

@@ -92,68 +92,68 @@ edges
| LdapInjection.java:196:32:196:78 | uBadSearchRequestSetFilter : String | LdapInjection.java:199:17:199:42 | uBadSearchRequestSetFilter : String | provenance | |
| LdapInjection.java:199:5:199:5 | s : SearchRequest | LdapInjection.java:200:14:200:14 | s | provenance | Sink:MaD:1933 |
| LdapInjection.java:199:17:199:42 | uBadSearchRequestSetFilter : String | LdapInjection.java:199:5:199:5 | s : SearchRequest | provenance | Config |
| LdapInjection.java:229:30:229:54 | sBad : String | LdapInjection.java:230:36:230:55 | ... + ... | provenance | Sink:MaD:49343 |
| LdapInjection.java:229:57:229:83 | sBadDN : String | LdapInjection.java:230:14:230:33 | ... + ... | provenance | Sink:MaD:49343 |
| LdapInjection.java:234:30:234:54 | sBad : String | LdapInjection.java:235:88:235:107 | ... + ... | provenance | Sink:MaD:49333 |
| LdapInjection.java:229:30:229:54 | sBad : String | LdapInjection.java:230:36:230:55 | ... + ... | provenance | Sink:MaD:49349 |
| LdapInjection.java:229:57:229:83 | sBadDN : String | LdapInjection.java:230:14:230:33 | ... + ... | provenance | Sink:MaD:49349 |
| LdapInjection.java:234:30:234:54 | sBad : String | LdapInjection.java:235:88:235:107 | ... + ... | provenance | Sink:MaD:49339 |
| LdapInjection.java:234:57:234:92 | sBadDNLNBuilder : String | LdapInjection.java:235:48:235:76 | ... + ... : String | provenance | |
| LdapInjection.java:235:20:235:77 | newInstance(...) : LdapNameBuilder | LdapInjection.java:235:20:235:85 | build(...) | provenance | Config Sink:MaD:49333 |
| LdapInjection.java:235:20:235:77 | newInstance(...) : LdapNameBuilder | LdapInjection.java:235:20:235:85 | build(...) | provenance | Config Sink:MaD:49339 |
| LdapInjection.java:235:48:235:76 | ... + ... : String | LdapInjection.java:235:20:235:77 | newInstance(...) : LdapNameBuilder | provenance | Config |
| LdapInjection.java:239:30:239:54 | sBad : String | LdapInjection.java:240:100:240:119 | ... + ... | provenance | Sink:MaD:49345 |
| LdapInjection.java:239:30:239:54 | sBad : String | LdapInjection.java:240:100:240:119 | ... + ... | provenance | Sink:MaD:49351 |
| LdapInjection.java:239:57:239:95 | sBadDNLNBuilderAdd : String | LdapInjection.java:240:57:240:88 | ... + ... : String | provenance | |
| LdapInjection.java:240:23:240:89 | add(...) : LdapNameBuilder | LdapInjection.java:240:23:240:97 | build(...) | provenance | Config Sink:MaD:49330 |
| LdapInjection.java:240:23:240:89 | add(...) : LdapNameBuilder | LdapInjection.java:240:23:240:97 | build(...) | provenance | Config Sink:MaD:49345 |
| LdapInjection.java:240:23:240:89 | add(...) : LdapNameBuilder | LdapInjection.java:240:23:240:97 | build(...) | provenance | Config Sink:MaD:49336 |
| LdapInjection.java:240:23:240:89 | add(...) : LdapNameBuilder | LdapInjection.java:240:23:240:97 | build(...) | provenance | Config Sink:MaD:49351 |
| LdapInjection.java:240:57:240:88 | ... + ... : String | LdapInjection.java:240:23:240:89 | add(...) : LdapNameBuilder | provenance | Config |
| LdapInjection.java:244:30:244:63 | sBadLdapQuery : String | LdapInjection.java:245:47:245:75 | ... + ... : String | provenance | |
| LdapInjection.java:245:47:245:75 | ... + ... : String | LdapInjection.java:245:15:245:76 | filter(...) | provenance | Config Sink:MaD:49342 |
| LdapInjection.java:245:47:245:75 | ... + ... : String | LdapInjection.java:245:15:245:76 | filter(...) | provenance | Config Sink:MaD:49348 |
| LdapInjection.java:249:30:249:60 | sBadFilter : String | LdapInjection.java:250:86:250:111 | ... + ... : String | provenance | |
| LdapInjection.java:249:63:249:98 | sBadDNLdapUtils : String | LdapInjection.java:250:34:250:62 | ... + ... : String | provenance | |
| LdapInjection.java:250:34:250:62 | ... + ... : String | LdapInjection.java:250:12:250:63 | newLdapName(...) | provenance | Config Sink:MaD:49341 |
| LdapInjection.java:250:86:250:111 | ... + ... : String | LdapInjection.java:250:66:250:112 | new HardcodedFilter(...) | provenance | Config Sink:MaD:49341 |
| LdapInjection.java:250:34:250:62 | ... + ... : String | LdapInjection.java:250:12:250:63 | newLdapName(...) | provenance | Config Sink:MaD:49347 |
| LdapInjection.java:250:86:250:111 | ... + ... : String | LdapInjection.java:250:66:250:112 | new HardcodedFilter(...) | provenance | Config Sink:MaD:49347 |
| LdapInjection.java:254:30:254:63 | sBadLdapQuery : String | LdapInjection.java:255:56:255:84 | ... + ... : String | provenance | |
| LdapInjection.java:255:56:255:84 | ... + ... : String | LdapInjection.java:255:24:255:85 | filter(...) | provenance | Config Sink:MaD:49344 |
| LdapInjection.java:255:56:255:84 | ... + ... : String | LdapInjection.java:255:24:255:85 | filter(...) | provenance | Config Sink:MaD:49350 |
| LdapInjection.java:259:30:259:64 | sBadLdapQuery2 : String | LdapInjection.java:260:51:260:80 | ... + ... : String | provenance | |
| LdapInjection.java:260:19:260:81 | filter(...) : LdapQuery | LdapInjection.java:261:24:261:24 | q | provenance | Sink:MaD:49344 |
| LdapInjection.java:260:19:260:81 | filter(...) : LdapQuery | LdapInjection.java:261:24:261:24 | q | provenance | Sink:MaD:49350 |
| LdapInjection.java:260:51:260:80 | ... + ... : String | LdapInjection.java:260:19:260:81 | filter(...) : LdapQuery | provenance | Config |
| LdapInjection.java:265:30:265:73 | sBadLdapQueryWithFilter : String | LdapInjection.java:266:76:266:114 | ... + ... : String | provenance | |
| LdapInjection.java:266:56:266:115 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:266:24:266:116 | filter(...) | provenance | Config Sink:MaD:49344 |
| LdapInjection.java:266:56:266:115 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:266:24:266:116 | filter(...) | provenance | Config Sink:MaD:49350 |
| LdapInjection.java:266:76:266:114 | ... + ... : String | LdapInjection.java:266:56:266:115 | new HardcodedFilter(...) : HardcodedFilter | provenance | Config |
| LdapInjection.java:270:30:270:74 | sBadLdapQueryWithFilter2 : String | LdapInjection.java:271:68:271:107 | ... + ... : String | provenance | |
| LdapInjection.java:271:48:271:108 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:272:56:272:56 | f : HardcodedFilter | provenance | |
| LdapInjection.java:271:68:271:107 | ... + ... : String | LdapInjection.java:271:48:271:108 | new HardcodedFilter(...) : HardcodedFilter | provenance | Config |
| LdapInjection.java:272:56:272:56 | f : HardcodedFilter | LdapInjection.java:272:24:272:57 | filter(...) | provenance | Config Sink:MaD:49344 |
| LdapInjection.java:272:56:272:56 | f : HardcodedFilter | LdapInjection.java:272:24:272:57 | filter(...) | provenance | Config Sink:MaD:49350 |
| LdapInjection.java:276:31:276:68 | sBadLdapQueryBase : String | LdapInjection.java:277:42:277:58 | sBadLdapQueryBase : String | provenance | |
| LdapInjection.java:277:12:277:59 | base(...) : LdapQueryBuilder | LdapInjection.java:277:12:277:66 | base(...) | provenance | Config Sink:MaD:49341 |
| LdapInjection.java:277:12:277:59 | base(...) : LdapQueryBuilder | LdapInjection.java:277:12:277:66 | base(...) | provenance | Config Sink:MaD:49347 |
| LdapInjection.java:277:42:277:58 | sBadLdapQueryBase : String | LdapInjection.java:277:12:277:59 | base(...) : LdapQueryBuilder | provenance | Config |
| LdapInjection.java:281:31:281:71 | sBadLdapQueryComplex : String | LdapInjection.java:282:54:282:73 | sBadLdapQueryComplex : String | provenance | |
| LdapInjection.java:282:24:282:74 | base(...) : LdapQueryBuilder | LdapInjection.java:282:24:282:87 | where(...) : ConditionCriteria | provenance | Config |
| LdapInjection.java:282:24:282:87 | where(...) : ConditionCriteria | LdapInjection.java:282:24:282:98 | is(...) | provenance | Config Sink:MaD:49344 |
| LdapInjection.java:282:24:282:87 | where(...) : ConditionCriteria | LdapInjection.java:282:24:282:98 | is(...) | provenance | Config Sink:MaD:49350 |
| LdapInjection.java:282:54:282:73 | sBadLdapQueryComplex : String | LdapInjection.java:282:24:282:74 | base(...) : LdapQueryBuilder | provenance | Config |
| LdapInjection.java:286:31:286:69 | sBadFilterToString : String | LdapInjection.java:287:38:287:71 | ... + ... : String | provenance | |
| LdapInjection.java:287:18:287:72 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:287:18:287:83 | toString(...) | provenance | Config Sink:MaD:49343 |
| LdapInjection.java:287:18:287:72 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:287:18:287:83 | toString(...) | provenance | Config Sink:MaD:49349 |
| LdapInjection.java:287:38:287:71 | ... + ... : String | LdapInjection.java:287:18:287:72 | new HardcodedFilter(...) : HardcodedFilter | provenance | Config |
| LdapInjection.java:291:31:291:67 | sBadFilterEncode : String | LdapInjection.java:293:25:293:56 | ... + ... : String | provenance | |
| LdapInjection.java:293:5:293:57 | new HardcodedFilter(...) : HardcodedFilter | LdapInjection.java:293:66:293:66 | s : StringBuffer | provenance | Config |
| LdapInjection.java:293:25:293:56 | ... + ... : String | LdapInjection.java:293:5:293:57 | new HardcodedFilter(...) : HardcodedFilter | provenance | Config |
| LdapInjection.java:293:66:293:66 | s : StringBuffer | LdapInjection.java:294:18:294:18 | s : StringBuffer | provenance | |
| LdapInjection.java:294:18:294:18 | s : StringBuffer | LdapInjection.java:294:18:294:29 | toString(...) | provenance | MaD:42720 Sink:MaD:49343 |
| LdapInjection.java:314:30:314:54 | aBad : String | LdapInjection.java:316:36:316:55 | ... + ... | provenance | Sink:MaD:47441 |
| LdapInjection.java:314:57:314:83 | aBadDN : String | LdapInjection.java:316:14:316:33 | ... + ... | provenance | Sink:MaD:47441 |
| LdapInjection.java:320:30:320:54 | aBad : String | LdapInjection.java:322:65:322:84 | ... + ... | provenance | Sink:MaD:47441 |
| LdapInjection.java:294:18:294:18 | s : StringBuffer | LdapInjection.java:294:18:294:29 | toString(...) | provenance | MaD:42720 Sink:MaD:49349 |
| LdapInjection.java:314:30:314:54 | aBad : String | LdapInjection.java:316:36:316:55 | ... + ... | provenance | Sink:MaD:47447 |
| LdapInjection.java:314:57:314:83 | aBadDN : String | LdapInjection.java:316:14:316:33 | ... + ... | provenance | Sink:MaD:47447 |
| LdapInjection.java:320:30:320:54 | aBad : String | LdapInjection.java:322:65:322:84 | ... + ... | provenance | Sink:MaD:47447 |
| LdapInjection.java:320:57:320:94 | aBadDNObjToString : String | LdapInjection.java:322:21:322:51 | ... + ... : String | provenance | |
| LdapInjection.java:322:14:322:52 | new Dn(...) : Dn | LdapInjection.java:322:14:322:62 | getName(...) | provenance | Config Sink:MaD:47441 |
| LdapInjection.java:322:14:322:52 | new Dn(...) : Dn | LdapInjection.java:322:14:322:62 | getName(...) | provenance | Config Sink:MaD:47447 |
| LdapInjection.java:322:21:322:51 | ... + ... : String | LdapInjection.java:322:14:322:52 | new Dn(...) : Dn | provenance | Config |
| LdapInjection.java:326:30:326:67 | aBadSearchRequest : String | LdapInjection.java:329:17:329:49 | ... + ... : String | provenance | |
| LdapInjection.java:329:5:329:5 | s : SearchRequestImpl | LdapInjection.java:330:14:330:14 | s | provenance | Sink:MaD:47441 |
| LdapInjection.java:329:5:329:5 | s : SearchRequestImpl | LdapInjection.java:330:14:330:14 | s | provenance | Sink:MaD:47447 |
| LdapInjection.java:329:17:329:49 | ... + ... : String | LdapInjection.java:329:5:329:5 | s : SearchRequestImpl | provenance | Config |
| LdapInjection.java:334:74:334:103 | aBadDNObj : String | LdapInjection.java:337:22:337:44 | ... + ... : String | provenance | |
| LdapInjection.java:337:5:337:5 | s : SearchRequestImpl | LdapInjection.java:338:14:338:14 | s | provenance | Sink:MaD:47441 |
| LdapInjection.java:337:5:337:5 | s : SearchRequestImpl | LdapInjection.java:338:14:338:14 | s | provenance | Sink:MaD:47447 |
| LdapInjection.java:337:15:337:45 | new Dn(...) : Dn | LdapInjection.java:337:5:337:5 | s : SearchRequestImpl | provenance | Config |
| LdapInjection.java:337:22:337:44 | ... + ... : String | LdapInjection.java:337:15:337:45 | new Dn(...) : Dn | provenance | Config |
| LdapInjection.java:342:30:342:72 | aBadDNSearchRequestGet : String | LdapInjection.java:345:22:345:57 | ... + ... : String | provenance | |
| LdapInjection.java:345:5:345:5 | s : SearchRequestImpl | LdapInjection.java:346:14:346:14 | s : SearchRequestImpl | provenance | |
| LdapInjection.java:345:15:345:58 | new Dn(...) : Dn | LdapInjection.java:345:5:345:5 | s : SearchRequestImpl | provenance | Config |
| LdapInjection.java:345:22:345:57 | ... + ... : String | LdapInjection.java:345:15:345:58 | new Dn(...) : Dn | provenance | Config |
| LdapInjection.java:346:14:346:14 | s : SearchRequestImpl | LdapInjection.java:346:14:346:24 | getBase(...) | provenance | Config Sink:MaD:47441 |
| LdapInjection.java:346:14:346:14 | s : SearchRequestImpl | LdapInjection.java:346:14:346:24 | getBase(...) | provenance | Config Sink:MaD:47447 |
nodes
| LdapInjection.java:45:28:45:52 | jBad : String | semmle.label | jBad : String |
| LdapInjection.java:45:55:45:81 | jBadDN : String | semmle.label | jBadDN : String |


@@ -4,7 +4,7 @@ edges
| UrlRedirect.java:45:28:45:39 | input : String | UrlRedirect.java:46:10:46:14 | input : String | provenance | |
| UrlRedirect.java:46:10:46:14 | input : String | UrlRedirect.java:46:10:46:40 | replaceAll(...) : String | provenance | MaD:42761 |
| mad/Test.java:9:16:9:41 | getParameter(...) : String | mad/Test.java:14:31:14:38 | source(...) : String | provenance | Src:MaD:44678 |
| mad/Test.java:14:31:14:38 | source(...) : String | mad/Test.java:14:22:14:38 | (...)... | provenance | Sink:MaD:48998 |
| mad/Test.java:14:31:14:38 | source(...) : String | mad/Test.java:14:22:14:38 | (...)... | provenance | Sink:MaD:49004 |
nodes
| UrlRedirect2.java:27:25:27:54 | getParameter(...) | semmle.label | getParameter(...) |
| UrlRedirect.java:23:25:23:54 | getParameter(...) | semmle.label | getParameter(...) |


@@ -36,11 +36,3 @@ codeql_pack(
visibility = ["//visibility:public"],
zips = {"//javascript/extractor/lib/typescript": "tools"},
)
# TODO copy for internal repository backward compatibility
genrule(
name = "javascript.zip",
srcs = [":javascript-generic-zip"],
outs = ["javascript.zip"],
cmd = "cp $< $@",
)

23
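--- /dev/null
+++ b/misc/bazel/rust.bzl
@@ -0,0 +1,23 @@
+load("@rules_rust//rust:defs.bzl", "rust_binary")
+load("@semmle_code//buildutils-internal:glibc_symbols_check.bzl", "glibc_symbols_check")
+load("@semmle_code//buildutils-internal:lipo.bzl", "universal_binary")
+def codeql_rust_binary(
+name,
+target_compatible_with = None,
+visibility = None,
+symbols_test = True,
+**kwargs):
+rust_label_name = name + "_single_arch"
+universal_binary(
+name = name,
+dep = ":" + rust_label_name,
+target_compatible_with = target_compatible_with,
+visibility = visibility,
+)
+rust_binary(
+name = rust_label_name,
+**kwargs
+)
+if symbols_test:
+glibc_symbols_check(name = name + "symbols-test", binary = name)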
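Review bot: The test target name in the last line of `codeql_rust_binary` is built as `name + "symbols-test"` with no separator, so a binary called `extractor` gets a check target called `extractorsymbols-test`; this looks like a missing separator. The inner target two statements earlier uses an underscore suffix (`name + "_single_arch"`), so for consistency I would write `glibc_symbols_check(name = name + "_symbols_test", binary = name)`. The macro also has no docstring: a short one should say that `name` becomes the `universal_binary` target, that `**kwargs` go to the inner `rust_binary` only, and that `symbols_test = False` skips the glibc symbols check. Note that `target_compatible_with` and `visibility` are applied to the outer target only, which may be intended but is worth stating in that docstring.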


@@ -1,5 +1,5 @@
load("@py_deps//:defs.bzl", "aliases", "all_crate_deps")
load("@semmle_code//:common.bzl", "codeql_rust_binary")
load("//misc/bazel:rust.bzl", "codeql_rust_binary")
codeql_rust_binary(
name = "tsg-python",

File diff suppressed because it is too large Load Diff


@@ -6,15 +6,6 @@ version = "0.1.0"
authors = ["Taus Brock-Nannestad <tausbn@github.com>"]
edition = "2021"
# When changing/updating these, the `Cargo.Bazel.lock` file has to be regenerated.
# Run `CARGO_BAZEL_REPIN=true CARGO_BAZEL_REPIN_ONLY=py_deps ./tools/bazel sync --only=py_deps`
# in the `semmle-code` repository to do so.
# For more information, check out the documentation at
# https://bazelbuild.github.io/rules_rust/crate_universe.html#repinning--updating-dependencies
# In the future, the hope is to move this handling of the dependencies entirely into the `codeql` repository,
# but that depends on `rules_rust` being fully compatible with bzlmod, which they aren't yet
# (c.f. https://github.com/bazelbuild/rules_rust/issues/2452).
# Warning: The process takes >5min on my M1 mac, so do wait for a while.
[dependencies]
anyhow = "1.0"
regex = "1"


@@ -1,5 +1,5 @@
load("@ruby_deps//:defs.bzl", "aliases", "all_crate_deps")
load("@semmle_code//:common.bzl", "codeql_rust_binary")
load("//misc/bazel:rust.bzl", "codeql_rust_binary")
codeql_rust_binary(
name = "extractor",


@@ -6,15 +6,6 @@ version = "0.1.0"
authors = ["GitHub"]
edition = "2021"
# When changing/updating these, the `cargo-bazel-lock.json` file has to be regenerated.
# Run `CARGO_BAZEL_REPIN=true CARGO_BAZEL_REPIN_ONLY=ruby_deps ./tools/bazel sync --only=ruby_deps`
# in the `semmle-code` repository to do so.
# For more information, check out the documentation at
# https://bazelbuild.github.io/rules_rust/crate_universe.html#repinning--updating-dependencies
# In the future, the hope is to move this handling of the dependencies entirely into the `codeql` repository,
# but that depends on `rules_rust` being fully compatible with bzlmod, which they aren't yet
# (c.f. https://github.com/bazelbuild/rules_rust/issues/2452).
# Warning: The process takes >5min on my M1 mac, so do wait for a while.
[dependencies]
tree-sitter = ">= 0.22.6"
tree-sitter-embedded-template = { git = "https://github.com/tree-sitter/tree-sitter-embedded-template.git", rev = "38d5004a797298dc42c85e7706c5ceac46a3f29f" }

File diff suppressed because it is too large Load Diff


@@ -4,7 +4,6 @@
private import codeql.dataflow.DataFlow as DF
private import codeql.util.Location
private import DataFlowImpl
private import AccessPathSyntax as AccessPathSyntax
/**


@@ -85,7 +85,6 @@ lib/codeql/swift/elements/expr/BridgeFromObjCExpr.qll b95f6d0cac24cf6c1f84cb904a
lib/codeql/swift/elements/expr/BridgeFromObjCExprConstructor.qll db5793d44c554bab954b7c2458f3ce148ddcfff07c77ca4e0267736fda932042 7261f6ca92d0adc4dbb04d06f7a42956646d782d250d626d3c57fdf1d9ed3d8b
lib/codeql/swift/elements/expr/BridgeToObjCExpr.qll 9bd4eee52d5f1c50cb509814dcb6d458097fb0e813c5450394eb328fc5c99e6f eed912e1f3c0a49c8f6fb449deddd062f347c89336fe69d50837d38a1747e1fa
lib/codeql/swift/elements/expr/BridgeToObjCExprConstructor.qll 41a089db366d7dbd84c16cda81acf4ccbd2040177ac728159b913c813ed1e5d2 59f5c03373e9dcb2f29a672d3c109437afdf69677a04c7396191ef29b090e34e
lib/codeql/swift/elements/expr/BuiltinLiteralExpr.qll f499b2cdca030f432b87b0a8298929482babf480e920b83172d6d9cbe665b34b 25c469d6fd814906b58378a078bb132d44c5e0843a6a5f06df5aeb5a5c32905c
lib/codeql/swift/elements/expr/CallExpr.qll 9be90299dd21aca291b03814fcd7cb62cccf3727b20050481c262e80b853fb0a a9fd826a55a366bdef15b98901ff3aa512e7a2c305a3471a7fdde267a7b54294
lib/codeql/swift/elements/expr/CallExprConstructor.qll 08051f7d7ea23a9e3a01257d8d7d5280c5ad5a8df714935d7f7ee5cdfd788464 3bcd28ba5272ab73a57f9fea470a7f2c2742974dce484953c3a97ec1e8501b17
lib/codeql/swift/elements/expr/CaptureListExprConstructor.qll d6ad6d73fca40b89935fc934ff133e57fa05cf946ed30f0d5cd4c0f6e276f47d 5a2ee131bd2aa497937334debc1d16d4ac6805f5262b3a3c4d8001dd1dd987dd
@@ -164,7 +163,6 @@ lib/codeql/swift/elements/expr/LinearFunctionExtractOriginalExpr.qll 42abd80e6d9
lib/codeql/swift/elements/expr/LinearFunctionExtractOriginalExprConstructor.qll 4d1fc7ebae7ab9596771085393ebd21a1e9d398b7c14792b27cb2b6410702d68 a5bfba96a697e4bd70c03a0dc8ef544d110d098a6826d40c89dc0bf84a513f86
lib/codeql/swift/elements/expr/LinearToDifferentiableFunctionExpr.qll a6118df273d66b35411011ebe41fab06f710432237daaaf6ba21047e4b119b67 5fe3b22ba730d3eca87d55dc22c80e67f2bfd9a991cdd6b59683b10663585a21
lib/codeql/swift/elements/expr/LinearToDifferentiableFunctionExprConstructor.qll 793764acc836d9e29b027d764ee68edf878ec02d6dbc1dba13f39f10ef837ed2 80bafa0b1aa45881ba3eda0c6d18301bafa39056add3a72e7fe9629b51b11322
lib/codeql/swift/elements/expr/LiteralExpr.qll 42b95b4f0a54fb3a6527922f4ac638e41346436fb6b2a0fda08e411d4dd1aaf2 fd6708244873a82d62e3c073fc1979987ace9cf87c45141984406c31216ea81c
lib/codeql/swift/elements/expr/LoadExpr.qll c67aecfdf75a969d15aec4ec8364c5c8be6574e9e99519c1498736f1cb954da6 734f4b4ca41748a998260dea5166afd6b5b14023b8e633fc76f5e404e684cc11
lib/codeql/swift/elements/expr/LoadExprConstructor.qll 56727367026e84469b8ee2e0b82906106a61eb89aedcaeac832dc7fca9e84a8a b5b05334e4c35236ca84e782baeaee62f7220cd546b1aae876efbffba8110661
lib/codeql/swift/elements/expr/LookupExpr.qll 7fb2fa23233abcd1f2cf4cdde60d6db13e31d41bf3f77cdbed6c2e46a2a0408b 553ce4073d2aaf13e92fac564bef631f77f11a79ec626d74182cf95e02ff9a55

2
swift/ql/.gitattributes generated vendored

@@ -87,7 +87,6 @@
/lib/codeql/swift/elements/expr/BridgeFromObjCExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/BridgeToObjCExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/BridgeToObjCExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/BuiltinLiteralExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/CallExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/CallExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/CaptureListExprConstructor.qll linguist-generated
@@ -166,7 +165,6 @@
/lib/codeql/swift/elements/expr/LinearFunctionExtractOriginalExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/LinearToDifferentiableFunctionExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/LinearToDifferentiableFunctionExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/LiteralExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/LoadExpr.qll linguist-generated
/lib/codeql/swift/elements/expr/LoadExprConstructor.qll linguist-generated
/lib/codeql/swift/elements/expr/LookupExpr.qll linguist-generated


@@ -1,5 +1,13 @@
private import codeql.swift.generated.expr.BooleanLiteralExpr
/**
* A boolean literal. For example `true` in:
* ```
* let x = true
* ```
*/
class BooleanLiteralExpr extends Generated::BooleanLiteralExpr {
override string toString() { result = this.getValue().toString() }
override string getValueString() { result = this.getValue().toString() }
}


@@ -1,8 +1,15 @@
// generated by codegen/codegen.py, remove this comment if you wish to edit this file
/**
* This module provides a hand-modifiable wrapper around the generated class `BuiltinLiteralExpr`.
*/
private import codeql.swift.generated.expr.BuiltinLiteralExpr
class BuiltinLiteralExpr extends Generated::BuiltinLiteralExpr { }
/**
* A Swift literal of a kind that is built in to the Swift language.
*/
class BuiltinLiteralExpr extends Generated::BuiltinLiteralExpr {
/**
* Gets the value of this literal expression (as a string).
*/
string getValueString() { none() }
}
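Review bot: The QLDoc on `getValueString` in `BuiltinLiteralExpr` does not say that the predicate can have no result, although the default body is `none()` and the `MagicIdentifierLiteralExpr` section further down overrides it with `none()` again under a TODO. A query that selects literals by their value, for instance a check for hard-coded constants, would presumably skip such literals without any indication, so the contract is worth stating. I would change the first line of the comment to `Gets the value of this literal expression (as a string), if it has been extracted.` and add a second line saying that literal kinds whose value is not extracted have no result.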


@@ -2,4 +2,6 @@ private import codeql.swift.generated.expr.FloatLiteralExpr
class FloatLiteralExpr extends Generated::FloatLiteralExpr {
override string toString() { result = this.getStringValue() }
override string getValueString() { result = this.getStringValue() }
}
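Review bot: `FloatLiteralExpr` gains `getValueString` here but remains the only literal class in this change without a QLDoc comment; the Boolean, Integer, String and MagicIdentifier sections each add one above the class. The hunk starts at line 2 with the class declaration right after the import, so no such comment appears to exist already. I would add one in the same form as the siblings, along the lines of `A floating-point literal. For example 1.5 in: let x = 1.5`, laid out as the three-part comment with the fenced example that the other classes use.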


@@ -1,5 +1,13 @@
private import codeql.swift.generated.expr.IntegerLiteralExpr
/**
* An integer literal. For example `1` in:
* ```
* let x = 1
* ```
*/
class IntegerLiteralExpr extends Generated::IntegerLiteralExpr {
override string toString() { result = this.getStringValue() }
override string getValueString() { result = this.getStringValue() }
}


@@ -1,8 +1,12 @@
// generated by codegen/codegen.py, remove this comment if you wish to edit this file
/**
* This module provides a hand-modifiable wrapper around the generated class `LiteralExpr`.
*/
private import codeql.swift.generated.expr.LiteralExpr
/**
* A Swift literal.
*
* This is the root class for all literals.
*/
class LiteralExpr extends Generated::LiteralExpr { }


@@ -1,5 +1,13 @@
private import codeql.swift.generated.expr.MagicIdentifierLiteralExpr
/**
* An identifier literal that is expanded at compile time. For example `#file` in:
* ```
* let x = #file
* ```
*/
class MagicIdentifierLiteralExpr extends Generated::MagicIdentifierLiteralExpr {
override string toString() { result = "#..." }
override string getValueString() { none() } // TODO: value not yet extracted
}


@@ -1,5 +1,13 @@
private import codeql.swift.generated.expr.StringLiteralExpr
/**
* A string literal. For example `"abc"` in:
* ```
* let x = "abc"
* ```
*/
class StringLiteralExpr extends Generated::StringLiteralExpr {
override string toString() { result = this.getValue() }
override string getValueString() { result = this.getValue() }
}


@@ -33,6 +33,108 @@ edges
| file://:0:0:0:0 | value | test.swift:965:9:965:9 | newValue | provenance | |
| file://:0:0:0:0 | value [some:0] | file://:0:0:0:0 | [post] self [v2, some:0] | provenance | |
| file://:0:0:0:0 | value [some:0] | file://:0:0:0:0 | [post] self [x, some:0] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:10:15:10:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:11:15:11:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:12:15:12:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:14:15:14:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:15:15:15:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:16:15:16:15 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:20:19:20:19 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | test2.swift:25:25:25:25 | d1 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:44:5:65 | (...) [Tuple element at index 1] | test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:5:49:5:65 | call to source(_:) | test2.swift:5:44:5:65 | (...) [Tuple element at index 1] | provenance | |
| test2.swift:10:15:10:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:10:15:10:21 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:10:15:10:21 | ...[...] | test2.swift:10:15:10:22 | ...! | provenance | |
| test2.swift:10:15:10:21 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:10:15:10:21 | ...[...] | provenance | |
| test2.swift:11:15:11:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:11:15:11:21 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:11:15:11:21 | ...[...] | test2.swift:11:15:11:22 | ...! | provenance | |
| test2.swift:11:15:11:21 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:11:15:11:21 | ...[...] | provenance | |
| test2.swift:12:15:12:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:12:15:12:21 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:12:15:12:21 | ...[...] | test2.swift:12:15:12:22 | ...! | provenance | |
| test2.swift:12:15:12:21 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:12:15:12:21 | ...[...] | provenance | |
| test2.swift:14:15:14:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:14:15:14:22 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:14:15:14:22 | ...[...] | test2.swift:14:15:14:23 | ...! | provenance | |
| test2.swift:14:15:14:22 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:14:15:14:22 | ...[...] | provenance | |
| test2.swift:15:15:15:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:15:15:15:22 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:15:15:15:22 | ...[...] | test2.swift:15:15:15:23 | ...! | provenance | |
| test2.swift:15:15:15:22 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:15:15:15:22 | ...[...] | provenance | |
| test2.swift:16:15:16:15 | d1 [Collection element, Tuple element at index 1] | test2.swift:16:15:16:22 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:16:15:16:22 | ...[...] | test2.swift:16:15:16:23 | ...! | provenance | |
| test2.swift:16:15:16:22 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:16:15:16:22 | ...[...] | provenance | |
| test2.swift:20:19:20:19 | d1 [Collection element, Tuple element at index 1] | test2.swift:20:19:20:25 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:20:19:20:25 | ...[...] | test2.swift:20:19:20:26 | ...! | provenance | |
| test2.swift:20:19:20:25 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:20:19:20:25 | ...[...] | provenance | |
| test2.swift:25:5:25:5 | $generator [Collection element, Tuple element at index 1] | test2.swift:25:5:25:5 | call to next() [some:0, Tuple element at index 1] | provenance | |
| test2.swift:25:5:25:5 | call to next() [some:0, Tuple element at index 1] | test2.swift:25:9:25:20 | (...) [Tuple element at index 1] | provenance | |
| test2.swift:25:9:25:20 | (...) [Tuple element at index 1] | test2.swift:25:15:25:15 | value | provenance | |
| test2.swift:25:15:25:15 | value | test2.swift:27:19:27:19 | value | provenance | |
| test2.swift:25:25:25:25 | call to makeIterator() [Collection element, Tuple element at index 1] | test2.swift:25:5:25:5 | $generator [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:25:25:25:25 | d1 [Collection element, Tuple element at index 1] | test2.swift:25:25:25:25 | call to makeIterator() [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | test2.swift:34:15:34:15 | d2 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | test2.swift:35:15:35:15 | d2 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | test2.swift:36:15:36:15 | d2 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | test2.swift:38:15:38:15 | d2 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:25:32:44 | (...) [Tuple element at index 1] | test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:32:28:32:44 | call to source(_:) | test2.swift:32:25:32:44 | (...) [Tuple element at index 1] | provenance | |
| test2.swift:34:15:34:15 | d2 [Collection element, Tuple element at index 1] | test2.swift:34:15:34:19 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:34:15:34:19 | ...[...] | test2.swift:34:15:34:20 | ...! | provenance | |
| test2.swift:34:15:34:19 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:34:15:34:19 | ...[...] | provenance | |
| test2.swift:35:15:35:15 | d2 [Collection element, Tuple element at index 1] | test2.swift:35:15:35:19 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:35:15:35:19 | ...[...] | test2.swift:35:15:35:20 | ...! | provenance | |
| test2.swift:35:15:35:19 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:35:15:35:19 | ...[...] | provenance | |
| test2.swift:36:15:36:15 | d2 [Collection element, Tuple element at index 1] | test2.swift:36:15:36:19 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:36:15:36:19 | ...[...] | test2.swift:36:15:36:20 | ...! | provenance | |
| test2.swift:36:15:36:19 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:36:15:36:19 | ...[...] | provenance | |
| test2.swift:38:15:38:15 | d2 [Collection element, Tuple element at index 1] | test2.swift:38:15:38:23 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:38:15:38:23 | ...[...] | test2.swift:38:15:38:24 | ...! | provenance | |
| test2.swift:38:15:38:23 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:38:15:38:23 | ...[...] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:48:15:48:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:53:15:53:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:46:17:46:33 | call to source(_:) | test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:46:17:46:33 | call to source(_:) | test2.swift:46:17:46:33 | call to source(_:) [some:0] | provenance | |
| test2.swift:46:17:46:33 | call to source(_:) [some:0] | test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | provenance | |
| test2.swift:48:15:48:15 | d3 [Collection element, Tuple element at index 1] | test2.swift:48:15:48:23 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:48:15:48:23 | ...[...] | test2.swift:48:15:48:28 | ... ??(_:_:) ... | provenance | |
| test2.swift:48:15:48:23 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:48:15:48:23 | ...[...] | provenance | |
| test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | provenance | |
| test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1] | test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:49:15:49:23 | ...[...] | test2.swift:49:15:49:24 | ...! | provenance | |
| test2.swift:49:15:49:23 | ...[...] [some:0] | test2.swift:49:15:49:24 | ...! | provenance | |
| test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | test2.swift:49:15:49:23 | ...[...] [some:0] | provenance | |
| test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:49:15:49:23 | ...[...] | provenance | |
| test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:53:15:53:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1] | test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | provenance | |
| test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1] | test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | provenance | |
| test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1] | provenance | |
| test2.swift:53:15:53:15 | d3 [Collection element, Tuple element at index 1] | test2.swift:53:15:53:23 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:53:15:53:23 | ...[...] | test2.swift:53:15:53:28 | ... ??(_:_:) ... | provenance | |
| test2.swift:53:15:53:23 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:53:15:53:23 | ...[...] | provenance | |
| test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1, some:0] | test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | provenance | |
| test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1] | test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1] | provenance | |
| test2.swift:54:15:54:23 | ...[...] | test2.swift:54:15:54:24 | ...! | provenance | |
| test2.swift:54:15:54:23 | ...[...] [some:0] | test2.swift:54:15:54:24 | ...! | provenance | |
| test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | test2.swift:54:15:54:23 | ...[...] [some:0] | provenance | |
| test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1] | test2.swift:54:15:54:23 | ...[...] | provenance | |
| test2.swift:60:5:60:5 | [post] d4 [Collection element, Tuple element at index 0] | test2.swift:69:25:69:25 | d4 [Collection element, Tuple element at index 0] | provenance | |
| test2.swift:60:5:60:25 | DictionarySubscriptNode [Tuple element at index 0] | test2.swift:60:5:60:5 | [post] d4 [Collection element, Tuple element at index 0] | provenance | |
| test2.swift:60:8:60:24 | call to source(_:) | test2.swift:60:5:60:25 | DictionarySubscriptNode [Tuple element at index 0] | provenance | |
| test2.swift:69:5:69:5 | $generator [Collection element, Tuple element at index 0] | test2.swift:69:5:69:5 | call to next() [some:0, Tuple element at index 0] | provenance | |
| test2.swift:69:5:69:5 | call to next() [some:0, Tuple element at index 0] | test2.swift:69:9:69:20 | (...) [Tuple element at index 0] | provenance | |
| test2.swift:69:9:69:20 | (...) [Tuple element at index 0] | test2.swift:69:10:69:10 | key | provenance | |
| test2.swift:69:10:69:10 | key | test2.swift:70:19:70:19 | key | provenance | |
| test2.swift:69:25:69:25 | call to makeIterator() [Collection element, Tuple element at index 0] | test2.swift:69:5:69:5 | $generator [Collection element, Tuple element at index 0] | provenance | |
| test2.swift:69:25:69:25 | d4 [Collection element, Tuple element at index 0] | test2.swift:69:25:69:25 | call to makeIterator() [Collection element, Tuple element at index 0] | provenance | |
| test.swift:6:19:6:26 | call to source() | test.swift:7:15:7:15 | t1 | provenance | |
| test.swift:6:19:6:26 | call to source() | test.swift:9:15:9:15 | t1 | provenance | |
| test.swift:6:19:6:26 | call to source() | test.swift:10:15:10:15 | t2 | provenance | |
@@ -687,6 +789,107 @@ nodes
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value [some:0] | semmle.label | value [some:0] |
| file://:0:0:0:0 | value [some:0] | semmle.label | value [some:0] |
| test2.swift:5:14:5:66 | [...] [Collection element, Tuple element at index 1] | semmle.label | [...] [Collection element, Tuple element at index 1] |
| test2.swift:5:44:5:65 | (...) [Tuple element at index 1] | semmle.label | (...) [Tuple element at index 1] |
| test2.swift:5:49:5:65 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:10:15:10:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:10:15:10:21 | ...[...] | semmle.label | ...[...] |
| test2.swift:10:15:10:21 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:10:15:10:22 | ...! | semmle.label | ...! |
| test2.swift:11:15:11:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:11:15:11:21 | ...[...] | semmle.label | ...[...] |
| test2.swift:11:15:11:21 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:11:15:11:22 | ...! | semmle.label | ...! |
| test2.swift:12:15:12:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:12:15:12:21 | ...[...] | semmle.label | ...[...] |
| test2.swift:12:15:12:21 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:12:15:12:22 | ...! | semmle.label | ...! |
| test2.swift:14:15:14:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:14:15:14:22 | ...[...] | semmle.label | ...[...] |
| test2.swift:14:15:14:22 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:14:15:14:23 | ...! | semmle.label | ...! |
| test2.swift:15:15:15:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:15:15:15:22 | ...[...] | semmle.label | ...[...] |
| test2.swift:15:15:15:22 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:15:15:15:23 | ...! | semmle.label | ...! |
| test2.swift:16:15:16:15 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:16:15:16:22 | ...[...] | semmle.label | ...[...] |
| test2.swift:16:15:16:22 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:16:15:16:23 | ...! | semmle.label | ...! |
| test2.swift:20:19:20:19 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:20:19:20:25 | ...[...] | semmle.label | ...[...] |
| test2.swift:20:19:20:25 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:20:19:20:26 | ...! | semmle.label | ...! |
| test2.swift:25:5:25:5 | $generator [Collection element, Tuple element at index 1] | semmle.label | $generator [Collection element, Tuple element at index 1] |
| test2.swift:25:5:25:5 | call to next() [some:0, Tuple element at index 1] | semmle.label | call to next() [some:0, Tuple element at index 1] |
| test2.swift:25:9:25:20 | (...) [Tuple element at index 1] | semmle.label | (...) [Tuple element at index 1] |
| test2.swift:25:15:25:15 | value | semmle.label | value |
| test2.swift:25:25:25:25 | call to makeIterator() [Collection element, Tuple element at index 1] | semmle.label | call to makeIterator() [Collection element, Tuple element at index 1] |
| test2.swift:25:25:25:25 | d1 [Collection element, Tuple element at index 1] | semmle.label | d1 [Collection element, Tuple element at index 1] |
| test2.swift:27:19:27:19 | value | semmle.label | value |
| test2.swift:32:14:32:57 | [...] [Collection element, Tuple element at index 1] | semmle.label | [...] [Collection element, Tuple element at index 1] |
| test2.swift:32:25:32:44 | (...) [Tuple element at index 1] | semmle.label | (...) [Tuple element at index 1] |
| test2.swift:32:28:32:44 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:34:15:34:15 | d2 [Collection element, Tuple element at index 1] | semmle.label | d2 [Collection element, Tuple element at index 1] |
| test2.swift:34:15:34:19 | ...[...] | semmle.label | ...[...] |
| test2.swift:34:15:34:19 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:34:15:34:20 | ...! | semmle.label | ...! |
| test2.swift:35:15:35:15 | d2 [Collection element, Tuple element at index 1] | semmle.label | d2 [Collection element, Tuple element at index 1] |
| test2.swift:35:15:35:19 | ...[...] | semmle.label | ...[...] |
| test2.swift:35:15:35:19 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:35:15:35:20 | ...! | semmle.label | ...! |
| test2.swift:36:15:36:15 | d2 [Collection element, Tuple element at index 1] | semmle.label | d2 [Collection element, Tuple element at index 1] |
| test2.swift:36:15:36:19 | ...[...] | semmle.label | ...[...] |
| test2.swift:36:15:36:19 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:36:15:36:20 | ...! | semmle.label | ...! |
| test2.swift:38:15:38:15 | d2 [Collection element, Tuple element at index 1] | semmle.label | d2 [Collection element, Tuple element at index 1] |
| test2.swift:38:15:38:23 | ...[...] | semmle.label | ...[...] |
| test2.swift:38:15:38:23 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:38:15:38:24 | ...! | semmle.label | ...! |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | semmle.label | [post] d3 [Collection element, Tuple element at index 1, some:0] |
| test2.swift:46:5:46:5 | [post] d3 [Collection element, Tuple element at index 1] | semmle.label | [post] d3 [Collection element, Tuple element at index 1] |
| test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | semmle.label | DictionarySubscriptNode [Tuple element at index 1, some:0] |
| test2.swift:46:5:46:13 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:46:17:46:33 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:46:17:46:33 | call to source(_:) [some:0] | semmle.label | call to source(_:) [some:0] |
| test2.swift:48:15:48:15 | d3 [Collection element, Tuple element at index 1] | semmle.label | d3 [Collection element, Tuple element at index 1] |
| test2.swift:48:15:48:23 | ...[...] | semmle.label | ...[...] |
| test2.swift:48:15:48:23 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:48:15:48:28 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
| test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1, some:0] | semmle.label | d3 [Collection element, Tuple element at index 1, some:0] |
| test2.swift:49:15:49:15 | d3 [Collection element, Tuple element at index 1] | semmle.label | d3 [Collection element, Tuple element at index 1] |
| test2.swift:49:15:49:23 | ...[...] | semmle.label | ...[...] |
| test2.swift:49:15:49:23 | ...[...] [some:0] | semmle.label | ...[...] [some:0] |
| test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | semmle.label | DictionarySubscriptNode [Tuple element at index 1, some:0] |
| test2.swift:49:15:49:23 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:49:15:49:24 | ...! | semmle.label | ...! |
| test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1, some:0] | semmle.label | [post] d3 [Collection element, Tuple element at index 1, some:0] |
| test2.swift:51:5:51:5 | [post] d3 [Collection element, Tuple element at index 1] | semmle.label | [post] d3 [Collection element, Tuple element at index 1] |
| test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1, some:0] | semmle.label | d3 [Collection element, Tuple element at index 1, some:0] |
| test2.swift:51:5:51:5 | d3 [Collection element, Tuple element at index 1] | semmle.label | d3 [Collection element, Tuple element at index 1] |
| test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1, some:0] | semmle.label | DictionarySubscriptNode [Tuple element at index 1, some:0] |
| test2.swift:51:5:51:13 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:53:15:53:15 | d3 [Collection element, Tuple element at index 1] | semmle.label | d3 [Collection element, Tuple element at index 1] |
| test2.swift:53:15:53:23 | ...[...] | semmle.label | ...[...] |
| test2.swift:53:15:53:23 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:53:15:53:28 | ... ??(_:_:) ... | semmle.label | ... ??(_:_:) ... |
| test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1, some:0] | semmle.label | d3 [Collection element, Tuple element at index 1, some:0] |
| test2.swift:54:15:54:15 | d3 [Collection element, Tuple element at index 1] | semmle.label | d3 [Collection element, Tuple element at index 1] |
| test2.swift:54:15:54:23 | ...[...] | semmle.label | ...[...] |
| test2.swift:54:15:54:23 | ...[...] [some:0] | semmle.label | ...[...] [some:0] |
| test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1, some:0] | semmle.label | DictionarySubscriptNode [Tuple element at index 1, some:0] |
| test2.swift:54:15:54:23 | DictionarySubscriptNode [Tuple element at index 1] | semmle.label | DictionarySubscriptNode [Tuple element at index 1] |
| test2.swift:54:15:54:24 | ...! | semmle.label | ...! |
| test2.swift:60:5:60:5 | [post] d4 [Collection element, Tuple element at index 0] | semmle.label | [post] d4 [Collection element, Tuple element at index 0] |
| test2.swift:60:5:60:25 | DictionarySubscriptNode [Tuple element at index 0] | semmle.label | DictionarySubscriptNode [Tuple element at index 0] |
| test2.swift:60:8:60:24 | call to source(_:) | semmle.label | call to source(_:) |
| test2.swift:69:5:69:5 | $generator [Collection element, Tuple element at index 0] | semmle.label | $generator [Collection element, Tuple element at index 0] |
| test2.swift:69:5:69:5 | call to next() [some:0, Tuple element at index 0] | semmle.label | call to next() [some:0, Tuple element at index 0] |
| test2.swift:69:9:69:20 | (...) [Tuple element at index 0] | semmle.label | (...) [Tuple element at index 0] |
| test2.swift:69:10:69:10 | key | semmle.label | key |
| test2.swift:69:25:69:25 | call to makeIterator() [Collection element, Tuple element at index 0] | semmle.label | call to makeIterator() [Collection element, Tuple element at index 0] |
| test2.swift:69:25:69:25 | d4 [Collection element, Tuple element at index 0] | semmle.label | d4 [Collection element, Tuple element at index 0] |
| test2.swift:70:19:70:19 | key | semmle.label | key |
| test.swift:6:19:6:26 | call to source() | semmle.label | call to source() |
| test.swift:7:15:7:15 | t1 | semmle.label | t1 |
| test.swift:9:15:9:15 | t1 | semmle.label | t1 |
@@ -1407,6 +1610,23 @@ subpaths
| test.swift:841:13:841:16 | .s [x] | test.swift:615:7:615:7 | self [x] | file://:0:0:0:0 | .x | test.swift:841:13:841:18 | .x |
| test.swift:867:15:867:15 | args [Collection element] | test.swift:866:21:866:29 | enter #keyPath(...) [Collection element] | test.swift:866:21:866:29 | exit #keyPath(...) | test.swift:867:15:867:38 | \\...[...] |
#select
| test2.swift:10:15:10:22 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:10:15:10:22 | ...! | result |
| test2.swift:11:15:11:22 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:11:15:11:22 | ...! | result |
| test2.swift:12:15:12:22 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:12:15:12:22 | ...! | result |
| test2.swift:14:15:14:23 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:14:15:14:23 | ...! | result |
| test2.swift:15:15:15:23 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:15:15:15:23 | ...! | result |
| test2.swift:16:15:16:23 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:16:15:16:23 | ...! | result |
| test2.swift:20:19:20:26 | ...! | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:20:19:20:26 | ...! | result |
| test2.swift:27:19:27:19 | value | test2.swift:5:49:5:65 | call to source(_:) | test2.swift:27:19:27:19 | value | result |
| test2.swift:34:15:34:20 | ...! | test2.swift:32:28:32:44 | call to source(_:) | test2.swift:34:15:34:20 | ...! | result |
| test2.swift:35:15:35:20 | ...! | test2.swift:32:28:32:44 | call to source(_:) | test2.swift:35:15:35:20 | ...! | result |
| test2.swift:36:15:36:20 | ...! | test2.swift:32:28:32:44 | call to source(_:) | test2.swift:36:15:36:20 | ...! | result |
| test2.swift:38:15:38:24 | ...! | test2.swift:32:28:32:44 | call to source(_:) | test2.swift:38:15:38:24 | ...! | result |
| test2.swift:48:15:48:28 | ... ??(_:_:) ... | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:48:15:48:28 | ... ??(_:_:) ... | result |
| test2.swift:49:15:49:24 | ...! | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:49:15:49:24 | ...! | result |
| test2.swift:53:15:53:28 | ... ??(_:_:) ... | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:53:15:53:28 | ... ??(_:_:) ... | result |
| test2.swift:54:15:54:24 | ...! | test2.swift:46:17:46:33 | call to source(_:) | test2.swift:54:15:54:24 | ...! | result |
| test2.swift:70:19:70:19 | key | test2.swift:60:8:60:24 | call to source(_:) | test2.swift:70:19:70:19 | key | result |
| test.swift:7:15:7:15 | t1 | test.swift:6:19:6:26 | call to source() | test.swift:7:15:7:15 | t1 | result |
| test.swift:9:15:9:15 | t1 | test.swift:6:19:6:26 | call to source() | test.swift:9:15:9:15 | t1 | result |
| test.swift:10:15:10:15 | t2 | test.swift:6:19:6:26 | call to source() | test.swift:10:15:10:15 | t2 | result |


@@ -1,3 +1,166 @@
| test2.swift:5:9:5:9 | SSA def(d1) | test2.swift:10:15:10:15 | d1 |
| test2.swift:5:9:5:9 | d1 | test2.swift:5:9:5:9 | SSA def(d1) |
| test2.swift:5:14:5:66 | [...] | test2.swift:5:9:5:9 | d1 |
| test2.swift:6:9:6:9 | SSA def(strA) | test2.swift:14:18:14:18 | strA |
| test2.swift:6:9:6:9 | strA | test2.swift:6:9:6:9 | SSA def(strA) |
| test2.swift:6:16:6:16 | a | test2.swift:6:9:6:9 | strA |
| test2.swift:7:9:7:9 | SSA def(strB) | test2.swift:15:18:15:18 | strB |
| test2.swift:7:9:7:9 | strB | test2.swift:7:9:7:9 | SSA def(strB) |
| test2.swift:7:16:7:16 | b | test2.swift:7:9:7:9 | strB |
| test2.swift:8:9:8:9 | SSA def(strC) | test2.swift:16:18:16:18 | strC |
| test2.swift:8:9:8:9 | strC | test2.swift:8:9:8:9 | SSA def(strC) |
| test2.swift:8:16:8:16 | c | test2.swift:8:9:8:9 | strC |
| test2.swift:10:15:10:15 | [post] d1 | test2.swift:11:15:11:15 | d1 |
| test2.swift:10:15:10:15 | d1 | test2.swift:11:15:11:15 | d1 |
| test2.swift:10:15:10:21 | ...[...] | test2.swift:10:15:10:22 | ...! |
| test2.swift:11:15:11:15 | [post] d1 | test2.swift:12:15:12:15 | d1 |
| test2.swift:11:15:11:15 | d1 | test2.swift:12:15:12:15 | d1 |
| test2.swift:11:15:11:21 | ...[...] | test2.swift:11:15:11:22 | ...! |
| test2.swift:12:15:12:15 | [post] d1 | test2.swift:14:15:14:15 | d1 |
| test2.swift:12:15:12:15 | d1 | test2.swift:14:15:14:15 | d1 |
| test2.swift:12:15:12:21 | ...[...] | test2.swift:12:15:12:22 | ...! |
| test2.swift:14:15:14:15 | [post] d1 | test2.swift:15:15:15:15 | d1 |
| test2.swift:14:15:14:15 | d1 | test2.swift:15:15:15:15 | d1 |
| test2.swift:14:15:14:22 | ...[...] | test2.swift:14:15:14:23 | ...! |
| test2.swift:15:15:15:15 | [post] d1 | test2.swift:16:15:16:15 | d1 |
| test2.swift:15:15:15:15 | d1 | test2.swift:16:15:16:15 | d1 |
| test2.swift:15:15:15:22 | ...[...] | test2.swift:15:15:15:23 | ...! |
| test2.swift:16:15:16:15 | [post] d1 | test2.swift:18:16:18:16 | d1 |
| test2.swift:16:15:16:15 | d1 | test2.swift:18:16:18:16 | d1 |
| test2.swift:16:15:16:22 | ...[...] | test2.swift:16:15:16:23 | ...! |
| test2.swift:18:5:18:5 | $key$generator | test2.swift:18:5:18:5 | &... |
| test2.swift:18:5:18:5 | &... | test2.swift:18:5:18:5 | $key$generator |
| test2.swift:18:5:18:5 | [post] $key$generator | test2.swift:18:5:18:5 | &... |
| test2.swift:18:9:18:9 | SSA def(key) | test2.swift:19:19:19:19 | key |
| test2.swift:18:9:18:9 | key | test2.swift:18:9:18:9 | SSA def(key) |
| test2.swift:18:16:18:16 | $key$generator | test2.swift:18:16:18:16 | SSA def($key$generator) |
| test2.swift:18:16:18:16 | SSA def($key$generator) | test2.swift:18:5:18:5 | $key$generator |
| test2.swift:18:16:18:16 | [post] d1 | test2.swift:20:19:20:19 | d1 |
| test2.swift:18:16:18:16 | [post] d1 | test2.swift:22:18:22:18 | d1 |
| test2.swift:18:16:18:16 | d1 | test2.swift:20:19:20:19 | d1 |
| test2.swift:18:16:18:16 | d1 | test2.swift:22:18:22:18 | d1 |
| test2.swift:18:16:18:19 | call to makeIterator() | test2.swift:18:16:18:16 | $key$generator |
| test2.swift:19:19:19:19 | [post] key | test2.swift:20:22:20:22 | key |
| test2.swift:19:19:19:19 | key | test2.swift:20:22:20:22 | key |
| test2.swift:20:19:20:19 | [post] d1 | test2.swift:20:19:20:19 | d1 |
| test2.swift:20:19:20:19 | [post] d1 | test2.swift:22:18:22:18 | d1 |
| test2.swift:20:19:20:19 | d1 | test2.swift:20:19:20:19 | d1 |
| test2.swift:20:19:20:19 | d1 | test2.swift:22:18:22:18 | d1 |
| test2.swift:20:19:20:25 | ...[...] | test2.swift:20:19:20:26 | ...! |
| test2.swift:22:5:22:5 | $value$generator | test2.swift:22:5:22:5 | &... |
| test2.swift:22:5:22:5 | &... | test2.swift:22:5:22:5 | $value$generator |
| test2.swift:22:5:22:5 | [post] $value$generator | test2.swift:22:5:22:5 | &... |
| test2.swift:22:9:22:9 | SSA def(value) | test2.swift:23:19:23:19 | value |
| test2.swift:22:9:22:9 | value | test2.swift:22:9:22:9 | SSA def(value) |
| test2.swift:22:18:22:18 | $value$generator | test2.swift:22:18:22:18 | SSA def($value$generator) |
| test2.swift:22:18:22:18 | SSA def($value$generator) | test2.swift:22:5:22:5 | $value$generator |
| test2.swift:22:18:22:18 | [post] d1 | test2.swift:25:25:25:25 | d1 |
| test2.swift:22:18:22:18 | d1 | test2.swift:25:25:25:25 | d1 |
| test2.swift:22:18:22:21 | call to makeIterator() | test2.swift:22:18:22:18 | $value$generator |
| test2.swift:25:5:25:5 | $generator | test2.swift:25:5:25:5 | &... |
| test2.swift:25:5:25:5 | &... | test2.swift:25:5:25:5 | $generator |
| test2.swift:25:5:25:5 | [post] $generator | test2.swift:25:5:25:5 | &... |
| test2.swift:25:10:25:10 | SSA def(key) | test2.swift:26:19:26:19 | key |
| test2.swift:25:10:25:10 | key | test2.swift:25:10:25:10 | SSA def(key) |
| test2.swift:25:15:25:15 | SSA def(value) | test2.swift:27:19:27:19 | value |
| test2.swift:25:15:25:15 | value | test2.swift:25:15:25:15 | SSA def(value) |
| test2.swift:25:25:25:25 | $generator | test2.swift:25:25:25:25 | SSA def($generator) |
| test2.swift:25:25:25:25 | SSA def($generator) | test2.swift:25:5:25:5 | $generator |
| test2.swift:25:25:25:25 | call to makeIterator() | test2.swift:25:25:25:25 | $generator |
| test2.swift:32:9:32:9 | SSA def(d2) | test2.swift:34:15:34:15 | d2 |
| test2.swift:32:9:32:9 | d2 | test2.swift:32:9:32:9 | SSA def(d2) |
| test2.swift:32:14:32:57 | [...] | test2.swift:32:9:32:9 | d2 |
| test2.swift:34:15:34:15 | [post] d2 | test2.swift:35:15:35:15 | d2 |
| test2.swift:34:15:34:15 | d2 | test2.swift:35:15:35:15 | d2 |
| test2.swift:34:15:34:19 | ...[...] | test2.swift:34:15:34:20 | ...! |
| test2.swift:35:15:35:15 | [post] d2 | test2.swift:36:15:36:15 | d2 |
| test2.swift:35:15:35:15 | d2 | test2.swift:36:15:36:15 | d2 |
| test2.swift:35:15:35:19 | ...[...] | test2.swift:35:15:35:20 | ...! |
| test2.swift:36:15:36:15 | [post] d2 | test2.swift:38:15:38:15 | d2 |
| test2.swift:36:15:36:15 | d2 | test2.swift:38:15:38:15 | d2 |
| test2.swift:36:15:36:19 | ...[...] | test2.swift:36:15:36:20 | ...! |
| test2.swift:38:15:38:23 | ...[...] | test2.swift:38:15:38:24 | ...! |
| test2.swift:42:9:42:9 | SSA def(d3) | test2.swift:44:15:44:15 | d3 |
| test2.swift:42:9:42:9 | d3 | test2.swift:42:9:42:9 | SSA def(d3) |
| test2.swift:42:9:42:28 | ... as ... | test2.swift:42:9:42:9 | d3 |
| test2.swift:42:32:42:34 | [...] | test2.swift:42:9:42:28 | ... as ... |
| test2.swift:44:15:44:15 | &... | test2.swift:46:5:46:5 | d3 |
| test2.swift:44:15:44:15 | [post] d3 | test2.swift:44:15:44:15 | &... |
| test2.swift:44:15:44:15 | d3 | test2.swift:44:15:44:15 | &... |
| test2.swift:44:15:44:23 | ...[...] | test2.swift:44:15:44:28 | ... ??(_:_:) ... |
| test2.swift:44:28:44:28 | default | test2.swift:44:15:44:28 | ... ??(_:_:) ... |
| test2.swift:44:28:44:28 | { ... } | test2.swift:44:15:44:28 | ... ??(_:_:) ... |
| test2.swift:46:5:46:5 | &... | test2.swift:48:15:48:15 | d3 |
| test2.swift:46:5:46:5 | [post] d3 | test2.swift:46:5:46:5 | &... |
| test2.swift:46:5:46:5 | d3 | test2.swift:46:5:46:5 | &... |
| test2.swift:48:15:48:15 | &... | test2.swift:49:15:49:15 | d3 |
| test2.swift:48:15:48:15 | [post] d3 | test2.swift:48:15:48:15 | &... |
| test2.swift:48:15:48:15 | d3 | test2.swift:48:15:48:15 | &... |
| test2.swift:48:15:48:23 | ...[...] | test2.swift:48:15:48:28 | ... ??(_:_:) ... |
| test2.swift:48:28:48:28 | default | test2.swift:48:15:48:28 | ... ??(_:_:) ... |
| test2.swift:48:28:48:28 | { ... } | test2.swift:48:15:48:28 | ... ??(_:_:) ... |
| test2.swift:49:15:49:15 | &... | test2.swift:51:5:51:5 | d3 |
| test2.swift:49:15:49:15 | [post] d3 | test2.swift:49:15:49:15 | &... |
| test2.swift:49:15:49:15 | d3 | test2.swift:49:15:49:15 | &... |
| test2.swift:49:15:49:23 | ...[...] | test2.swift:49:15:49:24 | ...! |
| test2.swift:51:5:51:5 | &... | test2.swift:53:15:53:15 | d3 |
| test2.swift:51:5:51:5 | [post] d3 | test2.swift:51:5:51:5 | &... |
| test2.swift:51:5:51:5 | d3 | test2.swift:51:5:51:5 | &... |
| test2.swift:53:15:53:15 | &... | test2.swift:54:15:54:15 | d3 |
| test2.swift:53:15:53:15 | [post] d3 | test2.swift:53:15:53:15 | &... |
| test2.swift:53:15:53:15 | d3 | test2.swift:53:15:53:15 | &... |
| test2.swift:53:15:53:23 | ...[...] | test2.swift:53:15:53:28 | ... ??(_:_:) ... |
| test2.swift:53:28:53:28 | default | test2.swift:53:15:53:28 | ... ??(_:_:) ... |
| test2.swift:53:28:53:28 | { ... } | test2.swift:53:15:53:28 | ... ??(_:_:) ... |
| test2.swift:54:15:54:15 | [post] d3 | test2.swift:54:15:54:15 | &... |
| test2.swift:54:15:54:15 | d3 | test2.swift:54:15:54:15 | &... |
| test2.swift:54:15:54:23 | ...[...] | test2.swift:54:15:54:24 | ...! |
| test2.swift:58:9:58:9 | SSA def(d4) | test2.swift:60:5:60:5 | d4 |
| test2.swift:58:9:58:9 | d4 | test2.swift:58:9:58:9 | SSA def(d4) |
| test2.swift:58:9:58:28 | ... as ... | test2.swift:58:9:58:9 | d4 |
| test2.swift:58:32:58:34 | [...] | test2.swift:58:9:58:28 | ... as ... |
| test2.swift:60:5:60:5 | &... | test2.swift:62:16:62:16 | d4 |
| test2.swift:60:5:60:5 | [post] d4 | test2.swift:60:5:60:5 | &... |
| test2.swift:60:5:60:5 | d4 | test2.swift:60:5:60:5 | &... |
| test2.swift:62:5:62:5 | $key$generator | test2.swift:62:5:62:5 | &... |
| test2.swift:62:5:62:5 | &... | test2.swift:62:5:62:5 | $key$generator |
| test2.swift:62:5:62:5 | [post] $key$generator | test2.swift:62:5:62:5 | &... |
| test2.swift:62:9:62:9 | SSA def(key) | test2.swift:63:19:63:19 | key |
| test2.swift:62:9:62:9 | key | test2.swift:62:9:62:9 | SSA def(key) |
| test2.swift:62:16:62:16 | $key$generator | test2.swift:62:16:62:16 | SSA def($key$generator) |
| test2.swift:62:16:62:16 | SSA def($key$generator) | test2.swift:62:5:62:5 | $key$generator |
| test2.swift:62:16:62:16 | [post] d4 | test2.swift:64:19:64:19 | d4 |
| test2.swift:62:16:62:16 | [post] d4 | test2.swift:66:18:66:18 | d4 |
| test2.swift:62:16:62:16 | d4 | test2.swift:64:19:64:19 | d4 |
| test2.swift:62:16:62:16 | d4 | test2.swift:66:18:66:18 | d4 |
| test2.swift:62:16:62:19 | call to makeIterator() | test2.swift:62:16:62:16 | $key$generator |
| test2.swift:63:19:63:19 | [post] key | test2.swift:64:22:64:22 | key |
| test2.swift:63:19:63:19 | key | test2.swift:64:22:64:22 | key |
| test2.swift:64:19:64:19 | &... | test2.swift:64:19:64:19 | d4 |
| test2.swift:64:19:64:19 | &... | test2.swift:66:18:66:18 | d4 |
| test2.swift:64:19:64:19 | [post] d4 | test2.swift:64:19:64:19 | &... |
| test2.swift:64:19:64:19 | d4 | test2.swift:64:19:64:19 | &... |
| test2.swift:64:19:64:25 | ...[...] | test2.swift:64:19:64:26 | ...! |
| test2.swift:66:5:66:5 | $value$generator | test2.swift:66:5:66:5 | &... |
| test2.swift:66:5:66:5 | &... | test2.swift:66:5:66:5 | $value$generator |
| test2.swift:66:5:66:5 | [post] $value$generator | test2.swift:66:5:66:5 | &... |
| test2.swift:66:9:66:9 | SSA def(value) | test2.swift:67:19:67:19 | value |
| test2.swift:66:9:66:9 | value | test2.swift:66:9:66:9 | SSA def(value) |
| test2.swift:66:18:66:18 | $value$generator | test2.swift:66:18:66:18 | SSA def($value$generator) |
| test2.swift:66:18:66:18 | SSA def($value$generator) | test2.swift:66:5:66:5 | $value$generator |
| test2.swift:66:18:66:18 | [post] d4 | test2.swift:69:25:69:25 | d4 |
| test2.swift:66:18:66:18 | d4 | test2.swift:69:25:69:25 | d4 |
| test2.swift:66:18:66:21 | call to makeIterator() | test2.swift:66:18:66:18 | $value$generator |
| test2.swift:69:5:69:5 | $generator | test2.swift:69:5:69:5 | &... |
| test2.swift:69:5:69:5 | &... | test2.swift:69:5:69:5 | $generator |
| test2.swift:69:5:69:5 | [post] $generator | test2.swift:69:5:69:5 | &... |
| test2.swift:69:10:69:10 | SSA def(key) | test2.swift:70:19:70:19 | key |
| test2.swift:69:10:69:10 | key | test2.swift:69:10:69:10 | SSA def(key) |
| test2.swift:69:15:69:15 | SSA def(value) | test2.swift:71:19:71:19 | value |
| test2.swift:69:15:69:15 | value | test2.swift:69:15:69:15 | SSA def(value) |
| test2.swift:69:25:69:25 | $generator | test2.swift:69:25:69:25 | SSA def($generator) |
| test2.swift:69:25:69:25 | SSA def($generator) | test2.swift:69:5:69:5 | $generator |
| test2.swift:69:25:69:25 | call to makeIterator() | test2.swift:69:25:69:25 | $generator |
| test.swift:5:9:5:13 | ... as ... | test.swift:5:9:5:9 | t2 |
| test.swift:6:9:6:9 | SSA def(t1) | test.swift:7:15:7:15 | t1 |
| test.swift:6:9:6:9 | t1 | test.swift:6:9:6:9 | SSA def(t1) |


@@ -0,0 +1,73 @@
func source(_ label: String) -> String { return ""; }
func sink(arg: String) {}
func testDicts() {
let d1 = ["a": "apple", "b": "banana", "c": source("source1")]
let strA = "a"
let strB = "b"
let strC = "c"
sink(arg: d1["a"]!) // $ SPURIOUS: flow=source1
sink(arg: d1["b"]!) // $ SPURIOUS: flow=source1
sink(arg: d1["c"]!) // $ flow=source1
sink(arg: d1[strA]!) // $ SPURIOUS: flow=source1
sink(arg: d1[strB]!) // $ SPURIOUS: flow=source1
sink(arg: d1[strC]!) // $ flow=source1
for key in d1.keys {
sink(arg: key)
sink(arg: d1[key]!) // $ flow=source1
}
for value in d1.values {
sink(arg: value) // $ MISSING: flow=source1
}
for (key, value) in d1 {
sink(arg: key)
sink(arg: value) // $ flow=source1
}
}
func testDicts2() {
let d2 = [1: "one", 2: source("source2"), 3: "three"]
sink(arg: d2[1]!) // $ SPURIOUS: flow=source2
sink(arg: d2[2]!) // $ flow=source2
sink(arg: d2[3]!) // $ SPURIOUS: flow=source2
sink(arg: d2[1 + 1]!) // $ flow=source2
}
func testDicts3() {
var d3: [String: String] = [:]
sink(arg: d3["val"] ?? "default")
d3["val"] = source("source3")
sink(arg: d3["val"] ?? "default") // $ flow=source3
sink(arg: d3["val"]!) // $ flow=source3
d3["val"] = nil
sink(arg: d3["val"] ?? "default") // $ SPURIOUS: flow=source3
sink(arg: d3["val"]!) // $ SPURIOUS: flow=source3
}
func testDicts4() {
var d4: [String: String] = [:]
d4[source("source4")] = "value"
for key in d4.keys {
sink(arg: key) // $ MISSING: flow=source4
sink(arg: d4[key]!)
}
for value in d4.values {
sink(arg: value)
}
for (key, value) in d4 {
sink(arg: key) // $ flow=source4
sink(arg: value)
}
}
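Review bot: The two `MISSING` annotations, on `sink(arg: value)` inside `for value in d1.values` in `testDicts` and on `sink(arg: key)` inside `for key in d4.keys` in `testDicts4`, record false negatives with nothing explaining them, while the tuple loops `for (key, value) in d1` and `for (key, value) in d4` over the same dictionaries are expected to flow. For a taint query a missed flow is the more costly failure, so I would put a comment above each loop, for example `// TODO: no flow through Dictionary.values yet; the tuple loop below is tracked` and `// TODO: no flow through Dictionary.keys yet; the tuple loop below is tracked`. The cause is presumably a missing flow model for the `keys` and `values` views, which this file does not show. A one-line header saying that the `SPURIOUS` results appear to come from dictionary content not being tracked per key would also help whoever reads the expectations next.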


@@ -225,6 +225,51 @@
| conversions.swift:188:13:188:13 | arr2c | conversions.swift:190:13:190:13 | arr2c |
| conversions.swift:189:13:189:13 | arr1c | conversions.swift:189:13:189:20 | ...[...] |
| conversions.swift:190:13:190:13 | arr2c | conversions.swift:190:13:190:20 | ...[...] |
| conversions.swift:196:7:196:7 | SSA def(self) | conversions.swift:196:7:196:7 | self[return] |
| conversions.swift:196:7:196:7 | self | conversions.swift:196:7:196:7 | SSA def(self) |
| conversions.swift:197:6:197:6 | self | conversions.swift:197:6:197:6 | SSA def(self) |
| conversions.swift:197:6:197:6 | self | conversions.swift:197:6:197:6 | SSA def(self) |
| conversions.swift:197:6:197:6 | self | conversions.swift:197:6:197:6 | SSA def(self) |
| conversions.swift:197:6:197:6 | value | conversions.swift:197:6:197:6 | SSA def(value) |
| conversions.swift:199:2:199:2 | SSA def(self) | conversions.swift:200:3:200:3 | self |
| conversions.swift:199:2:199:2 | self | conversions.swift:199:2:199:2 | SSA def(self) |
| conversions.swift:199:7:199:12 | SSA def(v) | conversions.swift:200:12:200:12 | v |
| conversions.swift:199:7:199:12 | v | conversions.swift:199:7:199:12 | SSA def(v) |
| conversions.swift:200:3:200:3 | [post] self | conversions.swift:199:2:201:2 | self[return] |
| conversions.swift:200:3:200:3 | self | conversions.swift:199:2:201:2 | self[return] |
| conversions.swift:205:7:205:17 | SSA def(withUInt) | conversions.swift:206:13:206:13 | withUInt |
| conversions.swift:205:7:205:17 | withUInt | conversions.swift:205:7:205:17 | SSA def(withUInt) |
| conversions.swift:206:13:206:13 | [post] withUInt | conversions.swift:207:14:207:14 | withUInt |
| conversions.swift:206:13:206:13 | withUInt | conversions.swift:207:14:207:14 | withUInt |
| conversions.swift:207:3:207:22 | SSA def(self) | conversions.swift:208:12:208:12 | self |
| conversions.swift:207:10:207:22 | call to Self.init(_:) | conversions.swift:207:3:207:22 | SSA def(self) |
| conversions.swift:207:14:207:14 | withUInt | conversions.swift:207:10:207:22 | call to Self.init(_:) |
| conversions.swift:208:12:208:12 | [post] self | conversions.swift:205:2:209:2 | self[return] |
| conversions.swift:208:12:208:12 | self | conversions.swift:205:2:209:2 | self[return] |
| conversions.swift:211:7:211:20 | SSA def(withMyValue) | conversions.swift:212:13:212:13 | withMyValue |
| conversions.swift:211:7:211:20 | withMyValue | conversions.swift:211:7:211:20 | SSA def(withMyValue) |
| conversions.swift:212:13:212:13 | [post] withMyValue | conversions.swift:213:10:213:10 | withMyValue |
| conversions.swift:212:13:212:13 | withMyValue | conversions.swift:213:10:213:10 | withMyValue |
| conversions.swift:213:3:213:22 | SSA def(self) | conversions.swift:214:12:214:12 | self |
| conversions.swift:214:12:214:12 | [post] self | conversions.swift:211:2:215:2 | self[return] |
| conversions.swift:214:12:214:12 | self | conversions.swift:211:2:215:2 | self[return] |
| conversions.swift:217:7:217:21 | SSA def(withMyValue2) | conversions.swift:218:13:218:13 | withMyValue2 |
| conversions.swift:217:7:217:21 | withMyValue2 | conversions.swift:217:7:217:21 | SSA def(withMyValue2) |
| conversions.swift:218:13:218:13 | [post] withMyValue2 | conversions.swift:219:11:219:11 | withMyValue2 |
| conversions.swift:218:13:218:13 | withMyValue2 | conversions.swift:219:11:219:11 | withMyValue2 |
| conversions.swift:219:7:219:7 | SSA def(x) | conversions.swift:220:10:220:10 | x |
| conversions.swift:219:7:219:7 | x | conversions.swift:219:7:219:7 | SSA def(x) |
| conversions.swift:219:11:219:24 | .v | conversions.swift:219:7:219:7 | x |
| conversions.swift:220:3:220:10 | SSA def(self) | conversions.swift:221:12:221:12 | self |
| conversions.swift:220:10:220:10 | x | conversions.swift:220:3:220:10 | SSA def(self) |
| conversions.swift:221:12:221:12 | [post] self | conversions.swift:217:2:222:2 | self[return] |
| conversions.swift:221:12:221:12 | self | conversions.swift:217:2:222:2 | self[return] |
| conversions.swift:224:14:224:14 | SSA def(self) | conversions.swift:224:2:227:2 | self[return] |
| conversions.swift:224:14:224:14 | self | conversions.swift:224:14:224:14 | SSA def(self) |
| conversions.swift:224:20:224:33 | SSA def(withMyValue) | conversions.swift:225:13:225:13 | withMyValue |
| conversions.swift:224:20:224:33 | withMyValue | conversions.swift:224:20:224:33 | SSA def(withMyValue) |
| conversions.swift:225:13:225:13 | [post] withMyValue | conversions.swift:226:10:226:10 | withMyValue |
| conversions.swift:225:13:225:13 | withMyValue | conversions.swift:226:10:226:10 | withMyValue |
| simple.swift:12:13:12:13 | 1 | simple.swift:12:13:12:24 | ... .+(_:_:) ... |
| simple.swift:12:17:12:24 | call to source() | simple.swift:12:13:12:24 | ... .+(_:_:) ... |
| simple.swift:13:13:13:20 | call to source() | simple.swift:13:13:13:24 | ... .+(_:_:) ... |


@@ -135,10 +135,50 @@ edges
| conversions.swift:186:31:186:31 | arr2 [Collection element] | conversions.swift:186:15:186:35 | call to ContiguousArray<Element>.init(_:) [Collection element] | provenance | |
| conversions.swift:189:13:189:13 | arr1c [Collection element] | conversions.swift:189:13:189:20 | ...[...] | provenance | |
| conversions.swift:190:13:190:13 | arr2c [Collection element] | conversions.swift:190:13:190:20 | ...[...] | provenance | |
| conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | self [v] | provenance | |
| conversions.swift:199:7:199:12 | v | conversions.swift:200:12:200:12 | v | provenance | |
| conversions.swift:200:3:200:3 | [post] self [v] | conversions.swift:199:2:201:2 | self[return] [v] | provenance | |
| conversions.swift:200:12:200:12 | v | conversions.swift:200:3:200:3 | [post] self [v] | provenance | |
| conversions.swift:205:7:205:17 | withUInt | conversions.swift:206:13:206:13 | withUInt | provenance | |
| conversions.swift:205:7:205:17 | withUInt | conversions.swift:207:14:207:14 | withUInt | provenance | |
| conversions.swift:207:10:207:22 | call to Self.init(_:) | conversions.swift:205:2:209:2 | self[return] | provenance | |
| conversions.swift:207:10:207:22 | call to Self.init(_:) | conversions.swift:208:12:208:12 | self | provenance | |
| conversions.swift:207:14:207:14 | withUInt | conversions.swift:207:10:207:22 | call to Self.init(_:) | provenance | |
| conversions.swift:211:7:211:20 | withMyValue [v] | conversions.swift:212:13:212:13 | withMyValue [v] | provenance | |
| conversions.swift:212:13:212:13 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | provenance | |
| conversions.swift:212:13:212:13 | withMyValue [v] | conversions.swift:212:13:212:25 | .v | provenance | |
| conversions.swift:217:7:217:21 | withMyValue2 [v] | conversions.swift:218:13:218:13 | withMyValue2 [v] | provenance | |
| conversions.swift:217:7:217:21 | withMyValue2 [v] | conversions.swift:219:11:219:11 | withMyValue2 [v] | provenance | |
| conversions.swift:218:13:218:13 | withMyValue2 [v] | conversions.swift:197:6:197:6 | self [v] | provenance | |
| conversions.swift:218:13:218:13 | withMyValue2 [v] | conversions.swift:218:13:218:26 | .v | provenance | |
| conversions.swift:219:11:219:11 | withMyValue2 [v] | conversions.swift:197:6:197:6 | self [v] | provenance | |
| conversions.swift:219:11:219:11 | withMyValue2 [v] | conversions.swift:219:11:219:24 | .v | provenance | |
| conversions.swift:219:11:219:24 | .v | conversions.swift:217:2:222:2 | self[return] | provenance | |
| conversions.swift:219:11:219:24 | .v | conversions.swift:221:12:221:12 | self | provenance | |
| conversions.swift:224:20:224:33 | withMyValue [v] | conversions.swift:225:13:225:13 | withMyValue [v] | provenance | |
| conversions.swift:224:20:224:33 | withMyValue [v] | conversions.swift:226:10:226:10 | withMyValue [v] | provenance | |
| conversions.swift:225:13:225:13 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | provenance | |
| conversions.swift:225:13:225:13 | withMyValue [v] | conversions.swift:225:13:225:25 | .v | provenance | |
| conversions.swift:226:10:226:10 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | provenance | |
| conversions.swift:226:10:226:10 | withMyValue [v] | conversions.swift:226:10:226:22 | .v | provenance | |
| conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:205:7:205:17 | withUInt | provenance | |
| conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:232:12:232:38 | call to Int.init(withUInt:) | provenance | |
| conversions.swift:235:29:235:48 | call to MyValue.init(_:) [v] | conversions.swift:211:7:211:20 | withMyValue [v] | provenance | |
| conversions.swift:235:37:235:47 | call to sourceInt() | conversions.swift:199:7:199:12 | v | provenance | |
| conversions.swift:235:37:235:47 | call to sourceInt() | conversions.swift:235:29:235:48 | call to MyValue.init(_:) [v] | provenance | |
| conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] | conversions.swift:217:7:217:21 | withMyValue2 [v] | provenance | |
| conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] | conversions.swift:238:12:238:50 | call to Int.init(withMyValue2:) | provenance | |
| conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:199:7:199:12 | v | provenance | |
| conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] | provenance | |
| conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] | conversions.swift:224:20:224:33 | withMyValue [v] | provenance | |
| conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] | conversions.swift:241:12:241:55 | call to mkInt(withMyValue:) | provenance | |
| conversions.swift:241:43:241:53 | call to sourceInt() | conversions.swift:199:7:199:12 | v | provenance | |
| conversions.swift:241:43:241:53 | call to sourceInt() | conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] | provenance | |
| file://:0:0:0:0 | [post] self [first] | stringinterpolation.swift:6:6:6:6 | self [Return] [first] | provenance | |
| file://:0:0:0:0 | [post] self [second] | stringinterpolation.swift:7:6:7:6 | self [Return] [second] | provenance | |
| file://:0:0:0:0 | self [first] | file://:0:0:0:0 | .first | provenance | |
| file://:0:0:0:0 | self [second] | file://:0:0:0:0 | .second | provenance | |
| file://:0:0:0:0 | self [v] | file://:0:0:0:0 | .v | provenance | |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [first] | provenance | |
| file://:0:0:0:0 | value | file://:0:0:0:0 | [post] self [second] | provenance | |
| simple.swift:12:17:12:24 | call to source() | simple.swift:12:13:12:24 | ... .+(_:_:) ... | provenance | |
@@ -388,12 +428,50 @@ nodes
| conversions.swift:189:13:189:20 | ...[...] | semmle.label | ...[...] |
| conversions.swift:190:13:190:13 | arr2c [Collection element] | semmle.label | arr2c [Collection element] |
| conversions.swift:190:13:190:20 | ...[...] | semmle.label | ...[...] |
| conversions.swift:197:6:197:6 | self [v] | semmle.label | self [v] |
| conversions.swift:199:2:201:2 | self[return] [v] | semmle.label | self[return] [v] |
| conversions.swift:199:7:199:12 | v | semmle.label | v |
| conversions.swift:200:3:200:3 | [post] self [v] | semmle.label | [post] self [v] |
| conversions.swift:200:12:200:12 | v | semmle.label | v |
| conversions.swift:205:2:209:2 | self[return] | semmle.label | self[return] |
| conversions.swift:205:7:205:17 | withUInt | semmle.label | withUInt |
| conversions.swift:206:13:206:13 | withUInt | semmle.label | withUInt |
| conversions.swift:207:10:207:22 | call to Self.init(_:) | semmle.label | call to Self.init(_:) |
| conversions.swift:207:14:207:14 | withUInt | semmle.label | withUInt |
| conversions.swift:208:12:208:12 | self | semmle.label | self |
| conversions.swift:211:7:211:20 | withMyValue [v] | semmle.label | withMyValue [v] |
| conversions.swift:212:13:212:13 | withMyValue [v] | semmle.label | withMyValue [v] |
| conversions.swift:212:13:212:25 | .v | semmle.label | .v |
| conversions.swift:217:2:222:2 | self[return] | semmle.label | self[return] |
| conversions.swift:217:7:217:21 | withMyValue2 [v] | semmle.label | withMyValue2 [v] |
| conversions.swift:218:13:218:13 | withMyValue2 [v] | semmle.label | withMyValue2 [v] |
| conversions.swift:218:13:218:26 | .v | semmle.label | .v |
| conversions.swift:219:11:219:11 | withMyValue2 [v] | semmle.label | withMyValue2 [v] |
| conversions.swift:219:11:219:24 | .v | semmle.label | .v |
| conversions.swift:221:12:221:12 | self | semmle.label | self |
| conversions.swift:224:20:224:33 | withMyValue [v] | semmle.label | withMyValue [v] |
| conversions.swift:225:13:225:13 | withMyValue [v] | semmle.label | withMyValue [v] |
| conversions.swift:225:13:225:25 | .v | semmle.label | .v |
| conversions.swift:226:10:226:10 | withMyValue [v] | semmle.label | withMyValue [v] |
| conversions.swift:226:10:226:22 | .v | semmle.label | .v |
| conversions.swift:232:12:232:38 | call to Int.init(withUInt:) | semmle.label | call to Int.init(withUInt:) |
| conversions.swift:232:26:232:37 | call to sourceUInt() | semmle.label | call to sourceUInt() |
| conversions.swift:235:29:235:48 | call to MyValue.init(_:) [v] | semmle.label | call to MyValue.init(_:) [v] |
| conversions.swift:235:37:235:47 | call to sourceInt() | semmle.label | call to sourceInt() |
| conversions.swift:238:12:238:50 | call to Int.init(withMyValue2:) | semmle.label | call to Int.init(withMyValue2:) |
| conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] | semmle.label | call to MyValue.init(_:) [v] |
| conversions.swift:238:38:238:48 | call to sourceInt() | semmle.label | call to sourceInt() |
| conversions.swift:241:12:241:55 | call to mkInt(withMyValue:) | semmle.label | call to mkInt(withMyValue:) |
| conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] | semmle.label | call to MyValue.init(_:) [v] |
| conversions.swift:241:43:241:53 | call to sourceInt() | semmle.label | call to sourceInt() |
| file://:0:0:0:0 | .first | semmle.label | .first |
| file://:0:0:0:0 | .second | semmle.label | .second |
| file://:0:0:0:0 | .v | semmle.label | .v |
| file://:0:0:0:0 | [post] self [first] | semmle.label | [post] self [first] |
| file://:0:0:0:0 | [post] self [second] | semmle.label | [post] self [second] |
| file://:0:0:0:0 | self [first] | semmle.label | self [first] |
| file://:0:0:0:0 | self [second] | semmle.label | self [second] |
| file://:0:0:0:0 | self [v] | semmle.label | self [v] |
| file://:0:0:0:0 | value | semmle.label | value |
| file://:0:0:0:0 | value | semmle.label | value |
| simple.swift:12:13:12:24 | ... .+(_:_:) ... | semmle.label | ... .+(_:_:) ... |
@@ -509,6 +587,17 @@ nodes
| try.swift:18:18:18:25 | call to source() | semmle.label | call to source() |
| try.swift:18:18:18:25 | call to source() [some:0] | semmle.label | call to source() [some:0] |
subpaths
| conversions.swift:212:13:212:13 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | .v | conversions.swift:212:13:212:25 | .v |
| conversions.swift:218:13:218:13 | withMyValue2 [v] | conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | .v | conversions.swift:218:13:218:26 | .v |
| conversions.swift:219:11:219:11 | withMyValue2 [v] | conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | .v | conversions.swift:219:11:219:24 | .v |
| conversions.swift:225:13:225:13 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | .v | conversions.swift:225:13:225:25 | .v |
| conversions.swift:226:10:226:10 | withMyValue [v] | conversions.swift:197:6:197:6 | self [v] | file://:0:0:0:0 | .v | conversions.swift:226:10:226:22 | .v |
| conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:205:7:205:17 | withUInt | conversions.swift:205:2:209:2 | self[return] | conversions.swift:232:12:232:38 | call to Int.init(withUInt:) |
| conversions.swift:235:37:235:47 | call to sourceInt() | conversions.swift:199:7:199:12 | v | conversions.swift:199:2:201:2 | self[return] [v] | conversions.swift:235:29:235:48 | call to MyValue.init(_:) [v] |
| conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] | conversions.swift:217:7:217:21 | withMyValue2 [v] | conversions.swift:217:2:222:2 | self[return] | conversions.swift:238:12:238:50 | call to Int.init(withMyValue2:) |
| conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:199:7:199:12 | v | conversions.swift:199:2:201:2 | self[return] [v] | conversions.swift:238:30:238:49 | call to MyValue.init(_:) [v] |
| conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] | conversions.swift:224:20:224:33 | withMyValue [v] | conversions.swift:226:10:226:22 | .v | conversions.swift:241:12:241:55 | call to mkInt(withMyValue:) |
| conversions.swift:241:43:241:53 | call to sourceInt() | conversions.swift:199:7:199:12 | v | conversions.swift:199:2:201:2 | self[return] [v] | conversions.swift:241:35:241:54 | call to MyValue.init(_:) [v] |
| stringinterpolation.swift:13:36:13:36 | pair [first] | stringinterpolation.swift:6:6:6:6 | self [first] | file://:0:0:0:0 | .first | stringinterpolation.swift:13:36:13:41 | .first |
| stringinterpolation.swift:19:13:19:20 | call to source() | stringinterpolation.swift:6:6:6:6 | value | stringinterpolation.swift:6:6:6:6 | self [Return] [first] | stringinterpolation.swift:19:2:19:2 | [post] p1 [first] |
| stringinterpolation.swift:22:21:22:21 | p1 [first] | stringinterpolation.swift:6:6:6:6 | self [first] | file://:0:0:0:0 | .first | stringinterpolation.swift:22:21:22:24 | .first |
@@ -588,6 +677,15 @@ subpaths
| conversions.swift:188:13:188:13 | arr2c | conversions.swift:172:15:172:25 | call to sourceInt() | conversions.swift:188:13:188:13 | arr2c | result |
| conversions.swift:189:13:189:20 | ...[...] | conversions.swift:171:14:171:33 | call to sourceArray(_:) | conversions.swift:189:13:189:20 | ...[...] | result |
| conversions.swift:190:13:190:20 | ...[...] | conversions.swift:172:15:172:25 | call to sourceInt() | conversions.swift:190:13:190:20 | ...[...] | result |
| conversions.swift:206:13:206:13 | withUInt | conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:206:13:206:13 | withUInt | result |
| conversions.swift:208:12:208:12 | self | conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:208:12:208:12 | self | result |
| conversions.swift:212:13:212:25 | .v | conversions.swift:235:37:235:47 | call to sourceInt() | conversions.swift:212:13:212:25 | .v | result |
| conversions.swift:218:13:218:26 | .v | conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:218:13:218:26 | .v | result |
| conversions.swift:221:12:221:12 | self | conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:221:12:221:12 | self | result |
| conversions.swift:225:13:225:25 | .v | conversions.swift:241:43:241:53 | call to sourceInt() | conversions.swift:225:13:225:25 | .v | result |
| conversions.swift:232:12:232:38 | call to Int.init(withUInt:) | conversions.swift:232:26:232:37 | call to sourceUInt() | conversions.swift:232:12:232:38 | call to Int.init(withUInt:) | result |
| conversions.swift:238:12:238:50 | call to Int.init(withMyValue2:) | conversions.swift:238:38:238:48 | call to sourceInt() | conversions.swift:238:12:238:50 | call to Int.init(withMyValue2:) | result |
| conversions.swift:241:12:241:55 | call to mkInt(withMyValue:) | conversions.swift:241:43:241:53 | call to sourceInt() | conversions.swift:241:12:241:55 | call to mkInt(withMyValue:) | result |
| simple.swift:12:13:12:24 | ... .+(_:_:) ... | simple.swift:12:17:12:24 | call to source() | simple.swift:12:13:12:24 | ... .+(_:_:) ... | result |
| simple.swift:13:13:13:24 | ... .+(_:_:) ... | simple.swift:13:13:13:20 | call to source() | simple.swift:13:13:13:24 | ... .+(_:_:) ... | result |
| simple.swift:14:13:14:24 | ... .-(_:_:) ... | simple.swift:14:17:14:24 | call to source() | simple.swift:14:13:14:24 | ... .-(_:_:) ... | result |


@@ -190,3 +190,53 @@ class TestArrayConversion {
sink(arg: arr2c[0]) // $ tainted=172
}
}
// ---
class MyValue {
var v : Int
init(_ v: Int) {
self.v = v
}
}
extension Int {
init(withUInt: UInt) {
sink(arg: withUInt) // $ tainted=232
self = Int(withUInt)
sink(arg:self) // $ tainted=232
}
init(withMyValue: MyValue) {
sink(arg: withMyValue.v) // $ tainted=235
self = withMyValue.v
sink(arg:self) // $ MISSING: tainted=235
}
init(withMyValue2: MyValue) {
sink(arg: withMyValue2.v) // $ tainted=238
let x = withMyValue2.v
self = x
sink(arg:self) // $ tainted=238
}
static func mkInt(withMyValue: MyValue) -> Int {
sink(arg: withMyValue.v) // $ tainted=241
return withMyValue.v
}
}
func testIntExtensions() {
sink(arg: Int(withUInt: 0))
sink(arg: Int(withUInt: sourceUInt())) // $ tainted=232
sink(arg: Int(withMyValue: MyValue(0)))
sink(arg: Int(withMyValue: MyValue(sourceInt()))) // $ MISSING: tainted=235
sink(arg: Int(withMyValue2: MyValue(0)))
sink(arg: Int(withMyValue2: MyValue(sourceInt()))) // $ tainted=238
sink(arg: Int.mkInt(withMyValue: MyValue(0)))
sink(arg: Int.mkInt(withMyValue: MyValue(sourceInt()))) // $ tainted=241
}
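Review bot: The `MISSING: tainted=235` markers in `init(withMyValue:)` and on the matching call in `testIntExtensions()` record a taint-tracking false negative without saying why. The only visible difference from the passing `init(withMyValue2:)` is the intermediate `let x`. A reader of the test cannot tell whether this is a known limitation or an accepted gap, and queries built on this flow would presumably miss the same pattern in real code. I would add a comment above that initializer such as `// FALSE NEGATIVE: flow through 'self = withMyValue.v' is lost; compare init(withMyValue2:) (tracking issue: <ISSUE-ID>)`. The bare `// ---` separator could also name the group, e.g. `// --- initializers and static factories in an extension of Int ---`.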


@@ -0,0 +1,10 @@
| builtinliteralexpr.swift:4:6:4:6 | 1 | 1 |
| builtinliteralexpr.swift:5:6:5:6 | 0xFF | 0xFF |
| builtinliteralexpr.swift:6:6:6:6 | 2.34 | 2.34 |
| builtinliteralexpr.swift:7:6:7:6 | true | true |
| builtinliteralexpr.swift:8:6:8:6 | abc | abc |
| builtinliteralexpr.swift:9:6:9:6 | \u2872 | \u2872 |
| builtinliteralexpr.swift:11:7:11:7 | 5 | 5 |
| builtinliteralexpr.swift:12:7:12:7 | 6 | 6 |
| builtinliteralexpr.swift:12:10:12:10 | 7 | 7 |
| builtinliteralexpr.swift:13:6:13:6 | #... | |


@@ -0,0 +1,5 @@
import swift
from BuiltinLiteralExpr e
where e.getFile().getBaseName() != ""
select e, concat(e.getValueString(), "")
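Review bot: The `select` wraps `e.getValueString()` in `concat(..., "")` with no comment on why, and the same goes for the `getBaseName() != ""` filter. With `concat`, a literal that has no value string and one whose value string is empty print the same blank column, which appears to be what the `#...` row of the expected output shows. I would document both, e.g. `// concat(...) so that literals without a value string still produce a row` and `// only expressions that have a source file` (the latter is my reading of the filter, to be confirmed).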


@@ -0,0 +1,14 @@
func test() {
// builtin literals
_ = 1
_ = 0xFF
_ = 2.34
_ = true
_ = "abc"
_ = "" // (braille)
let maybe: Int? = nil // (no BuiltinLiteralExpr)
_ = [5]
_ = [6: 7]
_ = #line
}
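Review bot: The string literal on the `// (braille)` line appears to be a raw non-ASCII character that does not survive this rendering (it shows as `""`), so the `\u2872` row in the expected output is hard to match to its source line. Naming the code point in the comment, `// (braille, U+2872)`, would keep the test readable wherever the file is displayed.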